Health Care Information Security Challenge
In the last week, I’ve read several articles claiming that health care information is a prime target for cyber-criminals in 2013. While I agree with this, I don’t agree with one of the reasons given....
Policies are not enough to protect mobile data…
Policy is not enough. Ensuring sensitive information is handled in accordance with internal policy and regulatory constraints requires monitoring of all activities associated with it. In other words,...
Three controls to deal with a broken Internet…
The Internet is broken. Browsers are gaping holes in our security frameworks. Certificates are becoming a liability as cyber-criminals or certificate authority negligence weakens our trust in the...
The Internet is Broken, Part II: NetFlow Analysis
Last week, I introduced the broken Internet, with SIEM technology as a way to help identify bad things happening on your network. This week, I continue this theme by looking at a technology often...
The Internet is Broken, Part III: Response
This is the final post in a series about the broken Internet. In the first, we looked at SIEM. Last week, we explored the value of NetFlow analysis. This week, we close with an overview of incident...
Twitter hacked. So what’s new?
Twitter reported last week that about 250,000 customers might have had their usernames, email addresses, session tokens, and password hashes stolen. This is just one more instance in which the social...
Controls: The absolute minimum
Lulled into false security by years of being told anti-malware is the best way to protect networks and devices, many network administrators leave their networks wide open. Using only anti-malware...
YAWN!!!!
Another article from AP today about the U.S. vulnerability to cyber attacks. No longer news, this kind of information is simply depressing. Mike Rogers, a member of the House of Representatives,...
Home users create security gaps: Fill them
In Phishing attacks target home workers as easy ‘back door’ – Techworld.com, John Dunn writes that users fear becoming targets when working at home. This should surprise no one. With the rapid growth...
Ease of use equals risk? Thanks, Yahoo.
In Yahoo 5 Years Behind on Java Security – Yahoo! News, Ben Weitzenkorn summarizes a Brian Krebs article about Yahoo’s apparent disregard for the unwitting website do-it-yourself website tool provided...
Facebook employees should know better
While I believe that posting any private information to a social networking site is… well… nuts, I also believe we should have a reasonable expectation of privacy. This means companies like Facebook...
Executive Order: Improving Critical Infrastructure Security
President Obama issued an executive order (12 Feb 2013) addressing the need for a cybersecurity framework to protect the critical infrastructure of the United States. You can read the order here......
It isn’t the algorithm, it’s the admin…
In a recent Threat Post article, Dennis Fisher writes about a competition to find a new password hashing algorithm. Actually, I thought we had enough. Let’s see… we have SHA-2 and SHA-3 (just...
Nyuh-uh… wasn’t me…
Read this article first. Unit In China’s PLA Behind Massive Cyber Espionage Operation: Report | SecurityWeek.Com. Now we can talk… It should come as no surprise that China is aggressively hacking into...
IDCATU strikes Google, Apple, and Microsoft…
The Register published an article today describing Adblock Plus angst over Google seemingly trying to take down their ad blocking software on Android. See Ad-titan Google blocks Adblock Plus in...
The death of text CAPTCHA? I hope so…
In a Yahoo article posted yesterday (Internet advertisers kill text-based CAPTCHA – Yahoo! News), Mike Wehner writes about possible changes to text CAPTCHA hell. Yes, I said hell. I am nearing my...
MIT Report Troubling
In a recent report (MIT Report: U.S. Manufacturing Hits a Wall When It’s Time to Scale), Curt Woodward writes that a group of MIT researchers discovered an almost impassable chasm when looking for...
Adobe Flash? Who really needs it…?
Brian Krebs turned off Flash for a month to see what would happen. Turns out, not much. Flash isn’t all that important for most people to experience an enjoyable, productive Web experience. See...
Are we becoming numb to breaches?
Norm Laudermilch writes in an interesting article that people might be anesthetized to news reports about data breaches. Bad situation. See Anesthetized by Data Breaches.
Another government “Oops!”
The OPM breach is just one more instance of a government bureaucrat standing in the way of risk mitigation. Congress is getting this one right by asking for the resignations of those responsible....