Security Port

Security Forums
Security Articles
Security Port Blog
Security Blogs
Security Books
Security Glossary
Security Definitions
Security Directories
Security Wikis
Security Tradeshows
Security Newsletters
Security Alerts
Buyers Guides
Security Newsgroups
Security Organizations
Submit Security Sites
Security Magazines
Security Feeds
Security News
Security Software
Security Products
Search Databases


Security Port
Contains relevant information that pertains to security related issues and solutions.

Security Port

A Security Port Blog

What Would Happen if the Department of Homeland Security Shut Down?
02/21/2015

Any type of government shutdown—even if only of a single agency—has real and significant consequences. But many of the politicians who talk about these consequences use the kind of hysterical rhetoric that suggests a shutdown would result in ISIS setting up a new branch office in El Paso, Texas.

Box Security
03/02/2015

Box, a cloud-based data storage and collaboration company, hopes it has solved one of the last great impediments to businesses going fully online.

On Tuesday, the company announced a technology that adds another layer of data encryption to its service. The idea is to put in new kinds of protection from hackers and snoops. If it works, regulated industries like finance and healthcare might move their data from locally maintained computers to Boxȗs machines, which are accessed via the Internet to office computers and mobile devices.

Companies send fake phishing emails to test security
02/27/2015

The next phishing email you get could be from your boss.

With high-profile security breaches on the rise, from Sony Pictures to Anthem, companies are on the defensive. And they want to make sure their employees are not a hack waiting to happen.

Data show phishing emails are more and more common as entry points for hackers. Unwittingly clicking on a link in a scam email could unleash malware into a network or provide other access to cyberthieves.

A Security Researcher Just Dumped 10 Million Real Passwords
02/26/2015

Security researcher Mark Burnett released a torrent of 10 million passwords and usernames, a trove of comparatively anonymized data that he sourced from open websites from around the web. The passwords and usernames are older and most probably dead and, most importantly, Burnett sourced them from websites that were generally available to anyone and discoverable via search engines in a plaintext (unhashed and unencrypted) format and therefore already widely available to those with an intent to defraud or gained unauthorized access to computer systems.

Why did he do it? Password behaviors are opaque. No one knows why we choose certain passwords over others nor do they have any way of assessing the relative strength of passwords on the web. While corporations like to say their password databases are secure, how do we know? And how can they be secure when the most popular password is password?

Dating App Security
02/25/2015

The millions of people using dating apps on company smartphones could be exposing themselves and their employers to hacking, spying and theft, according to a study by International Business Machines Corp.

IBM security researchers said 26 of 41 dating apps they analyzed on Google Incs Android mobile platform had medium or high severity vulnerabilities, in a report published on Wednesday.

IBM did not name the vulnerable apps but said it had alerted the app publishers to problems.

Dating apps have become hugely popular in the past few years due to their instant messaging, photo and geolocation services. About 31 million Americans have used a dating site or app, according to a 2013 Pew Research Center study.

IBM found employees used vulnerable dating apps in nearly 50 percent of the companies sampled for its research.

Facebook Patched Hole
02/24/2015

Facebook has patched a security vulnerability that could've allowed a hacker to delete every single photo on the social networking site.

The social network said in 2013 that more than 350 million photos are uploaded to the site every day. That figure must have risen, along with its entire user base, which is now 1.3 billion people strong. The number of photos stored by Facebook is an almost unfathomable figure -- and the storage space needed for it is indescribably large.

Report Sees Weak Security in Cars Wireless Systems
02/23/2015

Serious gaps in security and customer privacy affect nearly every vehicle that uses wireless technology, according to a report set to be released on Monday by a senators office.

The report concludes that security measures to prevent hackers from gaining control of a vehicle’s electronics are inconsistent and haphazard, and that the majority of automakers do not have systems that can detect breaches or quickly respond to them.

Security Training
02/20/2015

Chief information officers see employee training as the top way to beef up their corporate information security, according to a survey by IT staffing firm Robert Half Technology.

The survey, which is based on 2,400 CIOs with 100 or more employees, is instructive because it reflects how internal workers are still the largest security risk.

Fifty four percent of CIOs said they would boost training on security issues.

Home Security Flaws
02/19/2015

Do not freak out, but the products inside your smart home have some serious security flaws, according to a new report out from enterprise security research firm Synack. The company tested 16 popular devices over the holidays and determined that connected cameras were the least secure. Products ranging from the SmartThings hub to the Nest and Lyric thermostats also had some problems.

Colby Moore, a security research analyst who compiled the report, said it took him about 20 minutes to break into each of the assorted devices and he only found one — the Kidde smoke detector — that did not have any significant flaws.

Facebook launches Social Network for Security Pros
02/18/2015

Facebooks new ThreatExchange will allow corporate security professionals to share cybersecurity information and better protect themselves from hackers.

In the wake of massive cyberattacks against the some of the world's biggest companies, Facebook decided to make it easier for security professionals across industries to alert each other about new threats as they become known. To do that, the worlds largest social network created a dedicated service that could give companies the same privacy controls individuals already have on Facebook. With ThreatExchange, security pros can decide what they want to share and with whom, without worrying about disclosing sensitive information.

Early partners in a beta version of the site include Bitly, Dropbox, Facebook, Pinterest, Tumblr, Twitter and Yahoo.

UN Passes Restrictions Against Syria
02/17/2015

The United Nations Security Council on Thursday banned all trade in antiquities from war-torn Syria, threatened sanctions on anyone buying oil from ISIS, also knows as the Islamic State and Al-Qaida-linked Nusra Front militants and urged states to stop kidnap ransom payments.

The 15-nation council unanimously adopted a Russian-drafted resolution, which is legally binding and gives the council authority to enforce decisions with economic sanctions. It does not authorize using military force.

U.S. Ambassador to the United Nations, Samantha Power, lamented that the council had not been able to show the same unity on attempting to bring an end to the four-year civil war in Syria, blaming the conflict for the rise of Islamic State.

The Enemies of Data Security: Convenience and Collaboration
02/16/2015

It is natural to view IT as both the cause and the cure for cyber security problems. After all, attackers typically steal information by exploiting a technology-related vulnerability. In addition, IT networks are usually the scene of the crime, and their inner workings are a mystery to most users and therefore a focus of suspicion. It is also tempting to believe that using sophisticated security devices alone will offer protection from cyber threats. However, such a view ignores fundamental drivers of information security risk: organizational culture and the behaviors that result from it.

Technologies and Key Trends
02/12/2015

Anonymous threats and lone wolf attacks, increasing fears on cyber security and concerns over immigration will generate significant debate over foreign policy and how to mitigate the security risk posed by terrorist organizations. There will also be an increasing focus on how to manage the global cyber threat, including the growing concern of state sponsored involvement and complexity of attacks on private business.

Domestic policy will continue to focus on protecting borders, limiting the movement of people from war zones or stemming illegal immigration. This issue will be a key political battleground in Europe especially with concerns over open borders and free movement of labour. The rise of nationalism is a particular concern.

Do Not Neglect Mobile Security
02/11/2015

Lots of people now use mobile and internet banking services because they are convenient and save time. Unfortunately, there are several risks too. If your device is not secure, your financial information can be at risk. Fraudsters are increasingly targeting mobile customers and stealing their money.

Each year 15 million people become victims to identity theft and financial fraud. How do hackers manage to do this? What can you do if you have been a victim of financial fraud? Will there be anyone willing to help you?

Large scale fraud and thefts rarely target individuals. Rather they target organizations that have, store and use personal and financial data of their customers. Retailers and banking institutions bore the brunt of powerful hacking attempts last year. Hackers not only stole user data but also destroyed the reputation of these businesses.

Five Application Security Trends for 2015
02/10/2015

The top security trends in 2015 are going to be based on the kind of vulnerabilities that we witnessed in the past year.

1. Exploiting the logical flaws

As developers get aware of the CSRF and XSS issues, the attackers too will try and find new ways to harm and exploit the systems. With hackers trying to breach the security systems by understanding the logic behind the coding, rather than capitalizing on an evident vulnerability, it is going to be harder to protect oneself against such an attack.

2. Trust Breach

Solutions like OpenSSL and UNIX are starting to come of age.With security bugs like Heartbleed and Shellshock, we witnessed the vulnerabilities in UNIX Bash shell and OpenSSL cryptographic library. More security lapses of this kind are likely to surface in the coming year.

Google Looks Forward on Security Program
02/09/2015

In 2014, Google rewarded more than $1,500,000, paid out to over 200 researchers, with the largest single reward being $150,000. The company also rewarded more than 500 bugs – and for Chrome, more than half of all rewarded reports for 2014 were in developer and beta versions.

Looking ahead to 2015, Google announced two additions to its Security Rewards Programs.

The first is Vulnerability Research Grants, which are up-front awards that Google will provide to researchers before they ever submit a bug.

Research and Markets: Global Physical Security Market 2015-2019
02/06/2015

The Global Physical Security market to grow at a CAGR of 15.49% over the period 2014-2019

Physical security is the method that involves securing an organization's data, hardware, network, and programs that can be damaged by an external agency, leading to the loss of organizational and brand value. The damage by an external agency can be through burglary, data theft, and terrorism. There are a number of hardware devices and software that are being adopted by government organizations and enterprises to ensure the physical security of business critical data.

Sharing security data really does make a difference
02/05/2015

The global fight against cyberthreats continues to keep the Internet and those that use it as safe and secure as possible. The ranks of those that use the Internet to steal corporate or state secrets, personal data or money online are only growing. The sophistication of the threats continues to rise, and the end is not in sight. The question is: how can we work toward making the Internet even safer? Also, how do we get better at stopping and prosecuting malicious acts online? This has to start with global cooperation and global leadership.

Hacking for Good - Hacking group Anonymous to Target Paedophiles
02/04/2015

In the wake of the Westminster child abuse scandal and allegations of establishment cover-ups, hackers Anonymous have decided to expose international paedophile networks.

The hacking group says it is is planning on collecting evidence against international paedophile rings and their abuse of children to find the links between different operations and ultimately bring the perpetrators to justice.

Named after Voldemorts band of evil followers in the Harry Potter series, the group is calling for a global effort in exposing the paedophile rings through the power of social media.

TSA Breaches
02/03/2015

A report from the Transportation Security Administration detailing serious security breaches at the nation;s airports has been held up for months because the TSA insists the information in the report is classified.

Inspector general John Roth had been trying to pry the report loose, but was ignored by TSA management.

Inspector General John Roth said the Transportation Security Agency was abusing its powers in order to shield the information — though he said the agency had released the exact same kinds of details in previous reports, so there is no valid reason not to release them now. He said the only conclusion is that the agency is hiding behind classification.

Hacking Wifi
02/02/2015

Whether you are at an airport, hotel, mall, coffee shop or almost anywhere else, you will usually find free Wi-Fi service that conveniently connects you to the Internet. However, with this convenience comes danger.

Many people assume that the Wi-Fi that they are using is secure, but this isn't always the case. In fact, identity thieves often go the same coffee shop or other venue where free Wi-Fi is provided to set up their own Wi-Fi, which is what you may unwittingly be tapping into. .

Turn your old Phone into a Security Camera
01/30/2015

The main thing you need is a smartphone (a tablet with a rear camera can work, too), a stand to keep the gadget upright and a monitoring app. Set up your gadget on the stand and point the camera in the direction you want to watch. Then start the app. If the app detects movement, it will alert you via email or text, take pictures of the thieves and even sound an alarm to scare them off.

If you already have an old smartphone or tablet lying around, you can be up and running in no time. You can also use your main smartphone if you want to guard something overnight while you are sleeping, like a hotel room door.



Current Blog

2015 Security Blog Archive
February Archive
January Archive

2014 Security Blog Archive
November / December Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
Jan & February Archive

2013 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2012 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2011 Security Blog Archive

December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2010 Securty Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2009 Securty Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2008 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
July-August Archive
May-June Archive
April Archive
March Archive
February Archive
January Archive

2007 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2006 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive


Security Alerts
Locate security alerts, and security feeds via a security rss feed directory.