Last week the security world was abuzz with news of a new attack vector for mobile attacks.
When is a Rogue AP not a Rogue AP?
One of the WORST riddles I can recall from my youth is, “When is a door not a door? When it’s ajar.” A riddle that’s also a pun?!… Seriously, who comes up with this
Security 101: Two-Factor Authentication
Time and time again, the old methods of identifying who you are have fallen prey to various attacks and breaches. Simply having a login name and a password, even a strong password – one that doesn’t contain words from the dictionary, and consists of upper case letters, lower case letters, numbers, and special symbols like exclamation points, ampersands or other non-alphanumeric characters – is often no longer strong enough to prevent a breach. You could have an incredibly strong passwo…
Sandboxing Technologies, Techniques Get Another Look
Neil MacDonald, a vice president at Gartner, wrote in a blog last week the idea of sandboxing potentially malicious content and applications isn’t new, but interest in this type of approach – particularly on Windows desktops – is on the rise. A growing number of virtualization and abstraction techniques available on Windows, he wrote, create isolation to provide security separation. FortiGuard Labs describes sandboxing as a practice employed by security technology to separate running progra…
Insomni’hack 2013
Insomni’hack 2013 took place last week at Geneva and I had the opportunity to attend. Insomni’hack DAY 1 consisted of one day workshops on subjects ranging from “Linux exploitation” to “How to make sure your Pentest Report is never empty”. I had the chance to attend a workshop on “Practical ARM exploitation” given by black Steve (@s7ephen) and white Steve (Stephen Lawler)
Deloitte Survey Finds Breaches Across Industries
A mid-February 2013 Deloitte Tech Trends poll of 1,749 business executives found more than one in four report their organizations were the victims of at least one cyber attack in the past year. Nine percent report multiple breaches, and 17 percent say they are not confident their organizations could detect an attack
Network World Security Landscape Video Podcast (March)
In this month’s Network World Security Landscape video podcast, reporter Keith Shaw speaks with Fortinet’s Derek Manky on trends he saw at this year’s RSA tradeshow, a new Claco cross platform botnet that’s migrating from the smartphones to PCs, the recent Evernote hack and the recent trend of companies migrating to two factor authentication.
RSA Conference 2013: New Threats, New Solutions
The keynote speakers have gone home, the parties have ended, and another RSA Conference 2013 is over. By all reports, this year set records for attendance and business conducted. With a complex and evolving threat landscape and the accelerating adoption of disruptive technologies, exhibitors had a field day on the show floor with sophisticated releases that vied to differentiate in the burgeoning security markets
The Game of Security Evasion
Evasion techniques have existed ever since attacks were created, that’s no secret.
IT Complexity Bolsters Argument for Managed Security
The forward drive and accompanying expense found in the integration of existing systems and infrastructure with new technologies is placing pressure on organizations to rethink network security strategies. Increasing complexity of both IT and physical security requirements, observes Frost & Sullivan in its “Analysis of the Global Managed Security Services Market” (Feb