Security Port

Security Forums
Security Articles
Security Port Blog
Security Blogs
Security Books
Security Glossary
Security Definitions
Security Directories
Security Wikis
Security Tradeshows
Security Newsletters
Security Alerts
Buyers Guides
Security Newsgroups
Security Organizations
Submit Security Sites
Security Magazines
Security Feeds
Security News
Security Software
Security Products
Search Databases


Security Port
Contains relevant information that pertains to security related issues and solutions.

Security Port

A Security Port Blog
Happy Cyber Security Awareness Month
10/23/2016

Although not an official part of the holiday season, October being National Cyber Security Awareness Month is still a good thing. If people can take an awareness of cyber security and turn it into positive actions, maybe the good guys can win the war for the Internet.

What Consumers Need to Know About the Yahoo Security Breach
10/31/2016

What was taken?

The stolen information could include names, email addresses, dates of birth, telephone numbers, password information and possibly the question-answer combinations for security questions, which are often used to reset passwords, said Yahoo in a statement.

However, Yahoo said that the passwords that were compromised were hashed, a way of encrypting data.

The stolen information did not include unprotected passwords, payment card data or bank account information, according to Yahoo.

7 Ways Cloud Alters The Security Equation
10/28/2016

By now, the pitch for cloud-based services is familiar to anyone in IT: They are cheaper, more efficient, and will free up in-house infosec professionals for more value-added tasks (yes, everyone's really going to miss reviewing log management data).

The promises of highly automated functionality and trouble-free operations may be slightly overstated, at least where cloud-based security is concerned. But most infosec professionals are already masters of due diligence, and cloud is like any other external service provider: seasoned security pros know to ask a lot of questions, perform their own testing and audits, and get customer references for the real skinny on how cloud-based security goes.

iPhone Hackers Say Apple Weakened Backup Security With iOS 10
10/26/2016

Professional iPhone hackers say that Apple AAPL -1.72% has dropped the ball on password security with its latest iPhone operating system, making the task of cracking the logins for backups stored on a Mac or PC considerably easier.

7 Days Before Obama Gives Away Internet & National Security
10/24/2016

In one week, President Obama will allow what remains of the United States control over the Internet to pass to a California non-profit organization, the Internet Corporation for Assigned Names and Numbers (ICANN).  This is a reckless and dangerous decision that has serious national security consequences that have not been fully considered.

Currently, ICANN has a contract with the Department of Commerces National Telecommunications and Information Administration (NTIA) to manage the naming and numbering functions associated with the Internet. The most important of these is the assignment of Internet Protocol Addresses (IP Addresses) to domain names.

Cyber Security Controls That Actually Make You More Efficient
10/22/2016

1.        Install Firewalls on your computer systems

You must install firewalls and routers on your systems. This will prevent your system from external attacks. Firewalls are programmed to trigger off alarms whenever there is a potential breach of a computer system.

2.        Don’t Just Install Antivirus Software programs on your Systems; Scan them Regularly

The installation of antivirus software programs is one of the effective methods that will guarantee the security of your computer systems. Contrary to the general belief, antivirus programs are not designed exclusively for the prevention of virus attacks. They are also effective means of preventing attacks by Trojans, Keyloggers, and some other harmful programs.

3.        Use Anti-spy Software programs

There are some computer software programs that perform the functions of human spies. These programs steal information from computer systems without the consciousness and consent of the users. The pieces of information that they steal are used by others to harm the organizations or individuals that are using these systems.

4.        Use complex passwords on your systems

Homeland Security Secretary Warns of New Terror Environment Post 9/11
10/20/2016

Fifteen years after the 9-11 attacks, U.S. Secretary of Homeland Security Jeh Johnson said the U.S. is in a new environment, with the nations greatest risk from lone-wolf attacks and self-radicalized terrorists.

Johnson said on ABCs This Week that there is no credible evidence of an imminent terrorist threat to the United States -- but there are still risks.

Cyber Security Unicorn
10/18/2016

The first cybersecurity unicorn kernel popped in late 2013 with the announcement of CloudFlares $50 million Series C investment. Today, 10 privately held companies hold membership in the ultra-exclusive cybersecurity unicorn club.

With the addition of each new member, eyebrows are raised and questions are asked. What underlying data supports such valuations? Would there ever be sufficient revenue in the cybersecurity market to sustain unicorn valuations? Are cybersecurity unicorns outliers or are we at the start of a sustainable trend?

Google fixes two serious Android security flaws
10/16/2016

Google's mobile security team has definitely been busy cleaning house this week. The company has released an Android update that closes two security holes that could pose a major threat if intruders found a way to exploit them. The first was only designed for research purposes and would only have been malicious if modified, Google tells Ars Technica, but it wouldn't have been hard to detect or weaponize.

Government Surveillance
10/14/2016

Ninety-one percent of ISPs in the UK are concerned that government surveillance efforts will compromise or weaken the security of their networks.

While most internet and managed service providers see cyber-attacks on a weekly basis, the most common concern among the companies is that government surveillance will weaken network security and make providers a target of attackers, according to a report released by the UK Internet Services Providers Association (ISPA).

The report, released Sept. 6, found that 54 percent of respondents were attacked at least every week. Currently, denial-of-service attacks and SQL injection attacks are the main types of cyber-threats Internet and managed service providers face, with 91 percent of respondents suffering a denial-of-service attack, 64 percent an SQL injection attack and 36 percent a phishing attack, the study found.

Security of Self Driving Cars
10/12/2016

The U.S. Justice Department has formed a threat analysis team to study potential national security challenges posed by self-driving cars, medical devices and other Internet-connected tools, a senior official said.

Privacy and Security in the Age of the Driverless Car
10/10/2016

Driverless cars are coming.  After testing prototypes for years, companies are poised to roll out self-driving vehicles for consumer use.  The future is here.  But, are we ready for it?

The existing law is clearly not. There are currently no federal statutes governing driverless cars, and only eight states (i.e., California, Florida, Louisiana, Michigan, Nevada, North Dakota, Tennessee, and Utah) and the District of Columbia have enacted laws addressing driverless cars.  These state statutes typically define autonomous vehicles, or autonomous technology, establish parameters and guidelines for their testing, and or require that the vehicles have either manual override or a licensed driver in a position to assume control of the vehicle.

The Challenge of Internet of Things Security
10/08/2016

IoT is one of the most significant technology shifts since the creation of the internet with projections of up to 100 billion devices connected by 2025. This scale is enormous and the value of both consumer and enterprise IoT connecting wearables, cars and trucks, highways and entire cities has been measured in the trillions of dollars by 2025. IoT literally has the potential to transform the way humans work, live and play.

With this value and transformational potential comes inherent risks and none more serious than a car being hacked or as catastrophic as a country’s power grid being compromised. Both these scenarios have already been demonstrated and is further exacerbated by the overall lack of legal policy, guidelines and standards. Simply put, IoT scale, diversity and adoption is outstripping our ability to create laws to govern and guidelines to standardise it’s adoption.

Sorry Robocop: AI security guards do NOT stop people from stealing
10/06/2016

While the robot is not designed to look particularly menacing or authoritative, it has cameras that enable it to see what people around it are doing.
The behaviour of hundreds of students was captured by a hidden GoPro action camera, reports New Scientist.

The results showed that a disappointing seven per cent snaffled reserved food from the table, despite the robot guards presence.

This was only very slightly lower then the eight per cent who took supplies when the table of food was not guarded at all.

Modernizing Security
10/04/2016

In perusing the web and taking stock, as well as talking to my constituents in business and IT, several things become clear:

Most employees steal proprietary data when quitting or getting fired from an organization.
Nearly all employees are vulnerable to exploit kits.
Four out of five breaches go undetected for a week or more.  Some take up to a year.
Just over a third of global organizations feel they are prepared for a sophisticated cyberattack.
Generally, when an organization is targeted for attack, the attackers need only minutes to bring about a compromise.
Most organizations lack the means to track and control their most sensitive data.
Most organizations lack clear security guidelines, policies, and reinforcement through training.
What does the modern organization do?  

Why identity protection is the next phase in security
10/02/2016

If the chances of an organisation being hacked on a long enough timeline eventually hits 100 percent, then as a user with personal information stashed in silos all over the internet, on the same timeline the user is likely facing a percentage of information leakage that is in multiples of hundreds.

While as an industry we appear to have accepted the pragmatic security arguments of this scenario, the situation for privacy and the individual is quite the reverse.




Current Blog

2016 Security Blog Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2015 Security Blog Archive
November / December Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2014 Security Blog Archive
November / December Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
Jan & February Archive

2013 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2012 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2011 Security Blog Archive

December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2010 Securty Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2009 Securty Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2008 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
July-August Archive
May-June Archive
April Archive
March Archive
February Archive
January Archive

2007 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2006 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive


Security Alerts
Locate security alerts, and security feeds via a security rss feed directory.