Security Port

Security Forums
Security Articles
Security Port Blog
Security Blogs
Security Books
Security Glossary
Security Definitions
Security Directories
Security Wikis
Security Tradeshows
Security Newsletters
Security Alerts
Buyers Guides
Security Newsgroups
Security Organizations
Submit Security Sites
Security Magazines
Security Feeds
Security News
Security Software
Security Products
Search Databases


Security Port
Contains relevant information that pertains to security related issues and solutions.

Security Port

A Security Port Blog
Security Views Differ
09/02/2013

A much higher percentage of executive-level employees believe their organizations are following security procedures through the life cycle of application development than do the engineers who are closest to executing the security processes, according to a survey of 642 IT professionals in both executive and engineering positions, which was conducted by the Ponemon Institute and Security Innovation.
Another troubling conclusion of the report was that most organizations are only taking minimal steps to address application security throughout their development process. For example, most organizations do not have a defined software development process in place and most organizations are not testing for application security.

In addition, the survey indicated executives are far more likely to agree that their organizations measure developers for compliance with secure architecture standards while only 23 percent of technicians and staff believe such measures are taken. Three-quarters of executives believe security standards are in place as opposed to just 23 percent of technicians who strongly agree or agree their organizations have defined secure architecture standards.

Security Impact on Technology
09/01/2013

How is this for an alternate reality? Imagine if the U.S. government had created institutional barriers that hindered the development of the American tech sector in the 1980s and '90s. No Microsoft or Apple, no Google nor Facebook. What would the world look like today?

The short answer is simple: The stunted growth of Silicon Valley would have allowed tech companies in other countries to fill the void, to meet the needs of the world that were being fueled by vast technological change.

Fortunately, that hypothetical scenario did not happen, but according to Daniel Castro, senior analyst with the Information Technology and Innovation Foundation, a modern-day version of it is taking place as we speak.

10 Security Tips for Customer Support
08/31/2013

What every company hopes dearly to avoid is the customer facing security incidents especially those involving compromise of customer information. While the issues related to retail customer information usually get primetime coverage, there is also the significant issue of B2B interactions with our corporate customers and partners.

Companies involved with software and system delivery projects often require customer service, sales and support staff to be deeply engaged with the customers. Often a single employee maybe dealing with multiple customers.

Homeland Security Employee Spews Hate
08/30/2013

A Department of Homeland Security employee who works on, among other things, the procurement of guns and ammunition for U.S. Immigration and Customs Enforcement, spends his nights and weekends preparing for a coming race war and advocating for anti-gay causes, according to a new report from the Southern Poverty Law Center. Meet Ayo Kimathi, a.k.a. the Irritated Genie, who told his bosses at the DHS that his anti-white, anti-gay site, War is on the Horizon, was just an entertainment site that sells concert and lecture videos.

You see, DHS employees, even those with office jobs like Kimathis, have to get outside activities approved by their supervisors, according to the SPLC. Kimathis former supervisor told the watchdog group, which tracks hate speech and groups in the U.S., that despite her former employees banal description of his extracurricular activities, the actual content of the site left her stunned.

The content of Kimathis advocacy demands some clarification. In some circles, the term black supremacist  is applied with a very wide brush.

Security Software Slows Computers Down
08/29/2013

Running more than one anti-virus program at a time can be a problem. The way anti-virus programs scan can be detected by each other as viruses. And yes, anti-virus and anti-malware programs consume computer resources, so running multiple programs can be a drag on your system.

Identity Theft of Childrens Identity
08/28/2013

As your children return to school, your to-do list will include immunizations to protect against illness. Do not forget to also immunize them against identity theft.

According to a 2012 study by Javelin Strategy and Research, 2.5 percent of U.S. households with children younger than 18 experienced child identity theft. In reality, the number is higher because many young victims might not realize their identity has been stolen until they become adults.

School Security Questions
08/27/2013

Barely more than a week into the new school year and a gunman armed with an assault rifle has attacked an elementary school in Decatur, Georgia. Fortunately, the gunman was apprehended before anyone was injured or killed.

Although the outcome of this most recent attack was significantly better than the carnage witnessed in the Sandy Hook Elementary School shooting in Newtown, Connecticut, last December, parents need to be proactive when it comes to their children's school security plans. Before sending their precious little ones back to school, every parent should ask their school administrators the following questions:

1. Does the school have a crisis response plan customized for its campus?
2. Does your campus regularly practice school safety drills?
3. What should parents do if there is an emergency at the school?
4. Have both staff and students received training on what to do during an active shooter incident?
5. Has the school partnered with its local law enforcement agency to practice emergency response procedures?

Google Security Patent for Android Phones
08/26/2013

Privacy and security concerns have increased with the revelation of PRISM. Even though there are lot of security measures one can take, most of them are tiring at times, especially when you know you are in a safe zone. Google is trying to solve this issue, and in a new patent filed by the company for Android aims to have security features in your Android device which adapt according to your location.

Motorola has been trying to make security on phones more hassle free by introducing skip NFC tags, but Google aims to makes things even more simpler and use locations awareness to implement security on Android devices.The new patent states that the Android device will be able to detect its current location and change security settings accordingly.

US Syria Security Options
08/25/2013

President Obama held a meeting with his national security team Saturday to review the deteriorating situation in Syria, which saw rebels accuse the regime of President Bashar al-Assad this week of using chemical weapons in an artillery attack on suburban Damascus.

The White House says Mr. Obama is still trying to determine whether chemical weapons were in fact used, but an official insisted the president still has a range of options available.

LoJack for Phones
08/03/2013

Most smartphones users are concerned about the safety and security of their device as well as the data on their devices. That is why third party developers make a lot of apps that offer various security features. Manufacturers themselves bundle security softwares to make their devices more secure. The LoJack security app is now available for Samsung Galaxy S4 and Galaxy S4 Active, the service will cost users $29.99 per year and will provide features such as recovery assistance, tracking and remote data wiping.

The unique thing about LoJack is that it is actually built inside the firmware of the device, that makes it immune to factory resets. So one can say that LoJack is persistent, though it probably will not be secure against manual ROM flashes. In order to activate LoJack for these devices, users have to visit their website, register their device and pay the annual subscription fees. The developer of LoJack, Absolute Software, claims that they will work with law enforcement in order to recover the user’s stolen device. The firmware update required for this app has already been rolled out by AT&T, Sprint and Verizon. T-Mobile is yet to follow. LoJack currently works only in North America right now.

Energy Companies Vulnerable
08/02/2013

A series of recent cyber attacks used basic tools to break into power company networks and threaten their automated systems, according to a memo sent by the Department of Homeland Security.

In the memo, sent to electric and nuclear sector CEOs and obtained by the Houston Chronicle, the department, for the second time, urged energy companies to beef up security after recent physical and online attacks threatened serious damage to infrastructure and equipment.

Wearable Security Devices are the New Security Vulnerability
08/01/2013

Among other things, Google Glass is bringing to light how wearable computers and the new wave of web-connected objects collectively known as the Internet of Things are introducing new security vulnerabilities to the puzzle of mobile computing.

Google Glass is a pre-production device made for developers. It has bugs, and it has problems, some of which are related to security. That’s the main reason why Google distributed the devices among a limited sample group. The company has tasked these developers with discovering and reporting security vulnerabilities in Glass so Google can address them.

And many of these issues are entirely new. For instance, one of the latest problems to be addressed, discovered by Lookout Mobile Security, involves how Glass interprets QR codes when it snaps a picture. QR codes themselves are a fairly new development, and only recently have mobile devices had enough processing power to be able to automatically execute QR code commands in a photograph. Thus for the first time, this has provided malicious folks with the opportunity to gain access to your device through these machine-readable blobs of black and white blocks.

Windows XP Is the Newest Dinosaur
07/31/2013

Microsoft will no longer provide updates and security patches for Windows XP as of April 8, 2014, so the tech giant and its partners are now trying to get users off the ancient operating system.

The Computer Emergency Response Team-India is one the latest important names that joined Microsofts efforts to move consumers to a newer platform.

The end of support of Windows XP Operating System means that Microsoft will not provide security updates, non-security hotfixes, free or paid assisted support and any online technical support for the Windows XP, CeRT-IN said in a security advisory according to Business Standard.

Security for Small Businesses
07/31/2013

If your small-to-midsized business is like most, you're playing a game of chicken with cyber-criminals. You probably know that your defenses probably are not able to repel today's sophisticated, persistent attacks, yet you hope that you will be overlooked.

IT security is complex, and security professionals are mired in a nonstop arms race against cyber-criminals. It is easy to read headlines and think, If the DoD can be penetrated, how am I going to ward off would be attackers?

True enough, but there's an old security maxim to keep in mind: You do not have to have the most secure house on the block; you just have to have better security than your neighbors.

Tumblr Password Reset
07/30/2013

Tumblr urged users to download an important update for its iOS apps on Tuesday, after a security vulnerability put passwords at risk.

Unisys to Help Border Security
07/29/2013

U.S. border security systems will be operated, managed and enhanced by Unisys Corp. under a contract from the U.S. Department of Homeland Security.

The indefinite-delivery/indefinite-quantity award from DHS' Border Enforcement and Management Systems Program Office is for a five year period -- one base year of performance and four one-year option periods -- and has a ceiling value of $460 million.

The award represents new work that significantly builds upon Unisys' success as an industry partner to Customs and Border Protection for more than a decade, the company said.

complete article





Current Blog

2013 Security Blog Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2012 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2011 Security Blog Archive

December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2010 Securty Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2009 Securty Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2008 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
July-August Archive
May-June Archive
April Archive
March Archive
February Archive
January Archive

2007 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive

2006 Security Blog Archive
December Archive
November Archive
October Archive
September Archive
August Archive
July Archive
June Archive
May Archive
April Archive
March Archive
February Archive
January Archive


Security Alerts
Locate security alerts, and security feeds via a security rss feed directory.