Last week Google announced a significant change to the way they disclose vulnerabilities. In cases where a zero-day vulnerability has made it into the wild and is being actively exploited, Google will now give a scant 7 days to the software vendor whose product is being exploited before ”…support(ing) researchers (by) making details available so that users can take steps to protect themselves.” We hope that the details Google will make available do not include full disclosu…
Dr.Jekyll or Mr.Hyde?
We recently had a company contact us regarding an email they received from their bank. The company’s access to their online banking account was blocked by its bank due to fraudulent activity observed through its account
Preventing DDoS: What to Look for in a Security Solution
Distributed Denial of Service (DDoS) attacks are on the rise, and they’re only getting stronger. This was driven home by The New York Times report on how anti-spam organization Spamhaus fell prey to one of the largest DDoS attacks in history. Few can forget the targeted DDoS assaults on global financial institutions JP Morgan Chase, Wells Fargo and Bank of America, Regions Bank and American Express – attacks that crippled the businesses for hours and cost millions in lost business, rem…
IT-Harvest Interviews Fortinet’s John Maddison (video)
In the following video, IT-Harvest’s Richard Stiennon interviews John Maddison, Fortinet’s vice president of marketing on how Fortinet views itself in the security market. Topics covered include network security performance, the depth and breadth of the company’s product line and the company’s technology innovation.
New NSS Labs Report: IE’s Browser Security Bests Others
Microsoft’s Internet Explorer 10 is the most secure web browser according to the results of a mid-May 2013 NSS Labs’ analysis. Apple Safari 5, Google Chrome 25/26, Internet Explorer 10, Mozilla Foxfire 19 and Opera 12 were all evaluated against malware downloads and socially engineered malware. Results show that Chrome’s malware download protection improved significantly, up to more than 83 percent from a 70 percent performance in NSS’ October 2012 analysis, Browser C…
The Honeywords Solution
It’s rare that a week goes by without headlines of data breaches or malware attacks – or the introduction of a solution to stop them in their tracks. The latter is increasingly important, thanks to a rash of exploits on LivingSocial, eHarmony, Sony and Evernote – all part of a long, growing list of high-profile targets. The latest, greatest remedy is what researchers at MIT and RSA have dubbed “honeywords” – a new way to deter hackers from leveraging data…
11MB for a simple conference program application?
As I was following the tweets of IEEE S&P, one of the top academic conferences on security, I saw they had created a special application for the people attending the conferences, with the agenda, paper abstracts and a few news. Figure 1. IEEE Security & Privacy Android application Curious, I downloaded the application for Android (air.org.computer.confprog.sp.apk) and ran it through my automated analysis scripts.
Cutting Wires, Costs: A Look at Creating Wireless Efficiencies
Wireless network infrastructure – for anyone in business, it’s a necessary evil and, perhaps ironically, one that isn’t short on infrastructure. You need a controller and wireless routers or access points – lots of them – enabling wireless networks to join an existing wired network. You’ll have to invest in a site planner/survey tool, or risk incorrectly guessing where the APs should go
M2M Attracts Enterprises, Risks and All
Machine-to-machine (M2M) communications applications are working their way beyond traditional utility, traffic control and telemedicine industries, as enterprises search for ways it can benefit their businesses despite some real risks.
IDC BYOD Survey Shows Mobile Malware is the Top Concern
Just a few years ago, the bring-your-own-device (BYOD) to work trend was just starting to give IT administrators cause for concern. Flash forward to today: BYOD has not only reached a tipping point, but is accelerating at a dizzying pace. With this momentum comes elevated fears and a torrent of threats, proven by the latest BYOD and mobility figures from research firm IDC in its Mobile Security Survey 2013.