Security Port

Security Forums
Security Articles
Security Port Blog
Security Blogs
Security Books
Security Glossary
Security Definitions
Security Directories
Security Wikis
Security Tradeshows
Security Newsletters
Security Alerts
Buyers Guides
Security Newsgroups
Security Organizations
Submit Security Sites
Security Magazines
Security Feeds
Security News
Security Software
Security Products
Search Databases


Security Port
Contains relevant information that pertains to security related issues and solutions.

Security Port

A Security Port Blog
Bank of America Patents Blockchain Security Tools
05/28/2018

Bank of America has won a patent for a way to control access to certain aspects of a permissioned blockchain network, newly published documents show.

The patent for a somewhat innocuously titled system for managing security and access to resource sub-components explains how security tokens (essentially electronic keys, distinct from blockchain-based assets that mimic physical securities) would be used to grant access to certain users to the information contained in a particular block. According to the text, the system would be automated, effectively meaning that the network itself would grant and track access.

Bank of America was awarded the patent on May 22, according to the US Patent and Trademark Office (USPTO). It represents the latest intellectual property development for the bank, which has filed many blockchain-related applications in recent years.

Uranium makes feds list of minerals critical to national security, setting off a debate in Utah and beyond
05/25/2018

The Interior Department has identified 35 nonfuel mineral commodities that are essential to national security, including uranium and several others found in Utah.

Interiors U.S. Geological Survey helped compile the list under an executive order President Donald Trump issued in December, calling for a national strategy for reducing reliance on critical minerals and promoting access to domestic supplies.

The appearance of uranium on the list, published Friday in the Federal Register, has spurred controversy among those who contend uranium does not qualify as either nonfuel or critical.

Bridging the realms between cyber and physical security
05/23/2018

The recent tragic events in Las Vegas, Lakeland, Manchester – and most recently at the YouTube campus—have put the issue of gun-related violence and the response to these incidents in the headlines. But there are other physical dangers as well. In late March, some 64 people—many of them children—perished in a fire in a Russian mall.

The prevalence of such disasters—and the possibility of dual physical and cyberattacks—has prompted some firms and investors to propose tech-based solutions for physical security. The need for such solutions is widespread. A recent survey from GrandView Research predicted that the global physical security market would grow from about $134 billion today to $290.7 billion by 2025 – an annual compound growth rate of 9.2 percent. The impetus is the perception that there are growing threats across the globe and new tech-based solutions to mitigate them.

National Guard Using Cybersecurity Skills To Protect Integrity Of Midterm Elections
05/21/2018

Cybersecurity has taken center stage in American elections. In the past, the job of an election official meant making sure there are enough ballots and keeping lines of voters moving along at polling places. The job changed after Russian-backed hackers tried to break into election-related systems in 2016. That happened in at least 21 states.

The National Guard is now being called up in some states to help make sure these 2018 elections are more secure. From West Virginia Public Broadcasting, Dave Mistich has more.

The value of 20/20 hindsight in cybersecurity
05/18/2018

US-CERT publicly disclosed widespread cyber-attacks on domestic energy and other infrastructure locations.  These attacks had been occurring since at least March 2016 and had successfully compromised a number of locations including some nuclear facilities, water, and aviation locations.

This was not a typical drive-by attack. It was a systematic, multi-staged effort that advanced up the kill chain and utilized several sophisticated targeting techniques including spear-phishing, watering-hole domains, and ultimately the targeting of industrial control systems infrastructure.

Some details of this attack became known to the targets by at least September 2017, approximately six months before the public disclosure.

Enterprise cloud adoption outstrips cybersecurity capabilities
05/16/2018

Enterprise companies are adopting SaaS at a rapid pace but are failing to budget for security solutions to protect the data they hold, research suggests.

On Tuesday, cloud security firm iboss released a white paper documenting the rising adoption rates of software as a service (SaaS) applications, which while often valuable for companies, may also pose a risk when cybersecurity is an afterthought.

Verizon Cites Ransomware as Top Cybersecurity Threat
05/14/2018

In Verizons latest Data Breach Investigations Report, ransomware was once again cited at the top security threat for businesses and consumers, and also noted that this type of malware is now targeting the critical systems of companies such as databases.

The report is based on an analysis of 53,000 incidents and over 2,200 breaches occurring in 65 countries. Of all of the types of malicious cyber attacks, ransomware was found in 39 percent of all of the malware-related cases studied, which is double the number of attacks from last years report.

4 steps to creating a winning cybersecurity strategy in 2018
05/11/2018

Most organizations are in the phase of rapidly gearing up to contain and manage cybersecurity threats. The question is how and where to begin?

In many ways the US Federal Government went through this same difficult phase in 2015 due to the OPM data breach. There are some worthwhile lessons to be learned­­. One of the key elements of the Federal response was to set cybersecurity at the forefront of a chief executive’s responsibility with clear assignment of accountability. The second element was to provide funding and investments to upgrade the cybersecurity posture.

These upgrades included concerted programs such as the Cybersecurity sprints and the Continuous Diagnostics and Mitigation (CDM) Program amongst others. For mid-sized organizations and enterprises looking to focus on cybersecurity issues in 2018, here is a proven playbook to help creating a winning strategy.

Cybersecurity tips: How companies can prevent mass data breaches
05/09/2018

As data breaches and the loss of personal information become more ubiquitous, the importance of cybersecurity inside the workplace has become increasingly imperative.

According to the 2018 Data Breach Investigation report released by Verizon, there were more than 53,000 incidents and 2,300 breaches in 2017, with almost 75% of those perpetuated by outsiders.

The issue of data privacy came into the light again after reports emerged in March that Facebook had inadvertently allowed the political consulting firm Cambridge Analytica to collect and misuse the data of more than 87 million users.

So what can companies do in order to protect themselves? Verizons global head of cybersecurity, John Loveland, suggests starting with employees and training them to be vigilant of how hackers can breach the system.

Are gamers the answer to the cybersecurity skills gap?
05/07/2018

Gamers may be the logical next step to lessening the cybersecurity skills gap, McAfee said in releasing a new report, Winning the Game.

The report is based on a survey that polled senior security managers and security professionals in public-and private-sector organizations. Nearly all (92%) of respondents said they believe that gaming affords players experience and skills critical to cybersecurity threat hunting: logic, perseverance, an understanding of how to approach adversaries and a fresh outlook compared to traditional cybersecurity hires.

In fact, three-quarters of senior managers said they would consider hiring a gamer even if that person had no specific cybersecurity training or experience.

Cybersecurity and defence for the future of Europe
05/04/2018

This is a time of change for the world and a time of opportunities for Europe. The European system of values is being challenged in its resilience by the global megatrends: globalisation, digitisation, migrations, artificial intelligence and rise of global threats.

This is the time when the European Union needs to make sure it is taking the right direction, with digitisation and security at the core. Our actions will only be decisive when we create a competitive, prosperous, resilient and secure Europe - for every European citizen.

Cybersecurity often pops up when we speak about risks and threats. However, cybersecurity - and security in general - is more than that.

Cyber expert: Future bleak, but fixes are on the way
05/02/2018

Computer science teaches the background knowledge needed to perform research, while upper-level and graduate courses provide the opportunity for research, he explained. Case encouraged the students in attendance to focus on groundbreaking research, rather than incremental improvements.



Current Blog

2018

May Arhive
April Archive

February - March Archive
January Archive

2017
Nov/December Archive

October Archive

September Archive
August Archive
April Archive
March Archive

February Archive
January Archive

2016 Security Blog Archive
November /December Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2015 Security Blog Archive
November / December Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2014 Security Blog Archive
November / December Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
Jan & February Archive

2013 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2012 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2011 Security Blog Archive

December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2010 Securty Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2009 Securty Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2008 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
July-August Archive
May-June Archive
April Archive
March Archive
February Archive
January Archive

2007 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2006 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive


Security Alerts
Locate security alerts, and security feeds via a security rss feed directory.