Clik here to view.
Health Care Information Security Challenge
In the last week, I’ve read several articles claiming that health care information is a prime target for cyber-criminals in 2013. While I agree with this, I don’t agree with one of the reasons given....
View ArticleClik here to view.
Policies are not enough to protect mobile data…
Policy is not enough. Ensuring sensitive information is handled in accordance with internal policy and regulatory constraints requires monitoring of all activities associated with it. In other words,...
View ArticleClik here to view.
Three controls to deal with a broken Internet…
The Internet is broken. Browsers are gaping holes in our security frameworks. Certificates are becoming a liability as cyber-criminals or certificate authority negligence weakens our trust in the...
View ArticleClik here to view.
The Internet is Broken, Part II: NetFlow Analysis
Last week, I introduced the broken Internet, with SIEM technology as a way to help identify bad things happening on your network. This week, I continue this theme by looking at a technology often...
View ArticleClik here to view.
The Internet is Broken, Part III: Response
This is the final post in a series about the broken Internet. In the first, we looked at SIEM. Last week, we explored the value of NetFlow analysis. This week, we close with an overview of incident...
View ArticleClik here to view.
Twitter hacked. So what’s new?
Twitter reported last week that about 250,000 customers might have had their usernames, email addresses, session tokens, and password hashes stolen. This is just one more instance in which the social...
View ArticleClik here to view.
Controls: The absolute minimum
Lulled into false security by years of being told anti-malware is the best way to protect networks and devices, many network administrators leave their networks wide open. Using only anti-malware...
View ArticleClik here to view.
YAWN!!!!
Another article from AP today about the U.S. vulnerability to cyber attacks. No longer news, this kind of information is simply depressing. Mike Rogers, a member of the House of Representatives,...
View ArticleClik here to view.
Home users create security gaps: Fill them
In Phishing attacks target home workers as easy ‘back door’ – Techworld.com, John Dunn writes that users fear becoming targets when working at home. This should surprise no one. With the rapid growth...
View ArticleClik here to view.
Ease of use equals risk? Thanks, Yahoo.
In Yahoo 5 Years Behind on Java Security – Yahoo! News, Ben Weitzenkorn summarizes a Brian Krebbs article about Yahoo’s apparent disregard for the unwitting website do-it-yourself website tool provided...
View ArticleClik here to view.
Facebook employees should know better
While I believe that posting any private information to a social networking site is… well… nuts, I also believe we should have a reasonable expectation of privacy. This means companies like Facebook...
View ArticleClik here to view.
Executive Order: Improving Critical Infrastructure Security
President Obama issued an executive order (12 Feb 2013) addressing the need for a cybersecurity framework to protect the critical infrastructure of the United States. You can read the order here......
View ArticleClik here to view.
It isn’t the algorithm, it’s the admin…
In a recent Threat Post article, Dennis Fisher writes about a competition to find a new password hashing algorithm. Actually, I thought we had enough. Let’s see… we have SHA-2 and SHA-3 (just...
View ArticleClik here to view.
Nyuh-uh… wasn’t me…
Read this article first. Unit In China’s PLA Behind Massive Cyber Espionage Operation: Report | SecurityWeek.Com. Now we can talk… It should come as no surprise that China is aggressively hacking into...
View ArticleClik here to view.
IDCATU strikes Google, Apple, and Microsoft…
The Register published an article today describing Adblock Plus angst over Google seemingly trying to take down their ad blocking software on Android. See Ad-titan Google blocks Adblock Plus in...
View ArticleClik here to view.
The death of text CAPTCHA? I hope so…
In a Yahoo article posted yesterday (Internet advertisers kill text-based CAPTCHA – Yahoo! News), Mike Wehner writes about possible changes to text CAPTCHA hell. Yes, I said hell. I am nearing my...
View ArticleClik here to view.
MIT Report Troubling
In a recent report (MIT Report: U.S. Manufacturing Hits a Wall When It’s Time to Scale), Curt Woodward writes that a group of MIT researchers discovered an almost impassable chasm when looking for...
View ArticleClik here to view.
Adobe Flash? Who really needs it…?
Brian Krebs turned off Flash for a month to see what would happen. Turns out, not much. Flash isn’t all that important for most people to experience an enjoyable, productive Web experience. See...
View ArticleClik here to view.
Are we becoming numb to breaches?
Norm Laudermilch writes in an interesting article that people might be anesthetized to news reports about data breaches. Bad situation. See Anesthetized by Data Breaches.Filed under: Uncategorized
View ArticleClik here to view.
Another government “Oops!”
The OPM breach is just one more instance of a government bureaucrat standing in way of risk mitigation. Congress is getting this one right by asking for the resignations of those responsible....
View Article
