Articles
  • Password security is not just a user problem

    A lot has been said about multi-factor authentication, and it can add quite a bit of security to a system. However, some of the implementations Iíve seen have some real issues. Here are some things to look for Ė either in your own systems, or those run by your partners and suppliers

  • Education is the key to increasing mobile security

    In order to empower people to take control of their digital assets, consumers must first understand that simply picking a petís name and adding a 1 to the end for a password or using a four digit PIN based on their date of birth is not enough to secure the wealth of information they carry around in their pockets.

    A personís digital identity is worth a significant amount to the right hackers and everyone needs to ensure they take the maximum precautions available to counteract this security threat.

  • How threats shape cloud usage

    In this interview, Ravi Ithal, Chief Architect at Netskope, discusses the top threats to cloud security and how they are changing the way we're using the cloud. He also talks about how the power of the cloud influences the agility of a modern security architecture and offers insight about who is ultimately responsible for data security in the cloud.

  • We can fix security, but itís not going to be easy

    When I think about computer security, I like to go back to its early days and compare the situation then with the situation now. Taking a step back is very useful because, even though we work very hard, we need to ask ourselves if weíre making things fundamentally better. In other words, are we focusing our efforts on the right problems?

  • Behavioral analysis and information security

    In this interview, Kevin Watkins, Chief Architect at Appthority, talks about the benefits of using behavioral analysis in information security, how behavioral analysis can influence the evolution of security technologies and offers several behavioral analysis strategies.

  • How to keep your contactless payments secure

    Contactless payments actually have the same level of protection as chip and PIN payment cards, but donít require the user to enter a PIN number. Rather, to send data, most contactless cards use radio technology (RF) or the newer near field technology (NFC) that turns a smartphone into a digital wallet.

    Over the last decade, researchers have shown that fraudsters can pickpocket a victimís financial data using a dedicated amplifier, an antenna and other low-cost electronics that can fit into a rucksack.

    Here are the top security threats you should be aware of if youíre using a RF-based card, along with our top safety tips to keep your payments secure.

  • Security compliance is necessary for real-time mobile data access

    Security compliance often varies from organisation to organisation due to varied industry regulation as well as internal security policies and procedures. We often see organisations attempt to repurpose security frameworks from the PC world and apply them to mobile. Mobile is fundamentally different than other enterprise technology and therefore requires a revised approach to security policies and countermeasures.

  • How to talk infosec with kids

    As cybersecurity professionals, we know first-hand how the cyber world is filled with battles between good and evil. But do your kids know that? If youíre a parent, like me, chances are youíre concerned about your kids using the Internet.

    As they live digital lives, we need to become digital parents. Youíd think that would come easily, given that we work in cybsersecurity, but Iím continually surprised to hear how many of my tech colleagues donít talk about the dangers they see on their screens at work back at home with their kids. Instead, their strategy is a mixture of hope and worry. They hope something bad doesnít happen to their kids Ė they donít click on a bad link Ė and then they restrict their kids screen time.

  • Bug bounty programs: The road to hell is paved with good intentions

    Bug bounties are in the news again. The main problem is that once a bounty program is in place, hackers of all type of qualification and ethics consider it a green light to attack the system. The issue here is that these are frequently hackers with very modest or even without experience of professional security testing, who can actually damage the system they are probing.

  • Emerging cloud threats and how to address them

    As organizations deploy and harness private, community and hybrid clouds, they encounter new types of threats, along with the old ones they've been battling for years. Many of these threats come from sharing physical, virtual, and software infrastructure with other clients of varying security postures, and relying on a cloud provider to implement the right security measures. Public and community clouds can be appealing targets for hackers looking to disrupt or steal information from scores of organizations with one successful strike.

Videos      Podcasts



Spotlight

Bash Shellshock bug: More attacks, more patches

Posted on 29 September 2014.  |  As vendors scramble to issue patches for the GNU Bash Shellshock bug and companies rush to implement them, attackers around the world are probing systems for the hole it opens.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Tue, Sep 30th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //