Inside the Briefcase
Tweet Just as Apple was officially responding to the MacDefender scareware scam that popped up a few weeks ago, a new and possibly more dangerous variant set to work tricking users into installing dangerous software. Unlike the original MacDefender scam, however, the new version does not require an administrative password to install itself on a […]
Tweet A new round of patching has begun for Android phones, the vast majority of which were found to be vulnerable to hackers if the owner was using it on an open WiFi network. The flaw affected 99.7 percent of all Android smartphones running Android 2.3.3 and earlier versions because they don’t use a secure […]
Tweet Days after Sony relaunched its supposedly fixed PlayStation Network, reports have surfaced concerning a new trick hackers can use to change a user’s account password without his or her permission. The apparent exploit represents another pothole in PSN’s long road to recovery, which started last month when Sony pulled the plug in response to […]
Tweet The area of customer relationship management (CRM) is often focused on capturing information on customers and using that information within the organization to drive value out of every interaction. That CRM system has valuable information – and sometimes sensitive information – that may need to be protected. This recent CIO article focused on the […]
Tweet It seems Facebook can’t make up its mind about privacy. Last week, it tried to hang Google out to dry in an inept effort to blast its Social Search for invading users’ privacy. This week, it’s cozying up with Bing, allowing the Microsoft search engine to draw on its user data to do the […]
Tweet If Value Engineering is the identification of different implementation strategies to achieve the business goal, the ultimate in value engineering is to identify requirements that don’t need to be done in the first place. Although security and access control would seem to be a poor candidate for this kind of requirements elimination, in many […]
Tweet SOURCE: BusinessWire Research and Markets has announced the addition of Nemertes Research’s new report “2010-11 Virtualization Security Benchmark” to their offering. Virtualization security has lagged behind overall adoption of virtualization, creating the possibility for security breaches in company data centers. Even though most companies have not conducted a formal assessment of the risk introduced […]
Tweet Every time you turn around another company is reporting a serious data breach. Last week it was the LastPass online password management service that lost some e-mail addresses and master passwords, as CNET’s Seth Rosenblatt reported in The Download Blog. A couple of weeks before that, hackers broke into the servers of German software […]
Tweet Cloud computing vendors and customers may not be paying enough attention to security issues, according to a recent study by the Ponemon Institute, sponsored by CA Technologies. The study, “Security of Cloud Computing Providers,” found security to be a low priority for cloud service providers – and, apparently, their customers. A whopping 73 percent […]
Tweet Scareware has apparently made its way to the Apple Mac platform. Intego, which specializes in creating antivirus software for the Apple Mac platform, warned Monday that a fake antivirus program called “MACDefender” is attacking Apple Macs. Scareware in general is a common tactic used by online scammers, and it’s been seen many times in […]
Tweet The advancement of mobile technologies has enabled employees to take the enterprise anywhere — both at home and on the road. But with a greater amount of work being done outside the firewall, criminals have begun to target their attacks accordingly. Companies must incorporate security policies and mechanisms that define and automate how sensitive […]
By Klaus Brandstätter The concept of a virtual workplace has increasingly been implemented by enterprises as a way to boost employee satisfaction and productivity as well as reduce their carbon footprint and energy expenses, in an effort to be more environmentally friendly. According to a recent survey conducted by Microsoft, 62 percent of employees believed they could perform their job duties at a remote location.
Tweet Social networks give cybercrooks a potentially powerful point of leverage, sometimes allowing them to launch sophisticated attacks against businesses. However, companies may be reluctant to institute a zero-tolerance ban on all forms of online social networking. A balance of good education, good policy and good technology must be struck. Read More…
Tweet Being a social networker doesn’t necessarily mean a person is tech-savvy, and that can be a problem when it comes to how Facebook handles security. The site offers a new feature that improves its HTTPS setting for example, but to benefit from it, users are required to know that the setting exists — or […]
Tweet Rather inconveniently, there’s no obvious answer to this question because, as yet, no real market leaders in virtualized infrastructure security have emerged. But this sticky situation is set to change in the near future, according to Jeff Wilson, a security analyst at Infonetics Research. The results of his “Security for Virtualized Infrastructure: North American […]
Tweet Disaster recovery is a term often used in Information Technology (IT) circles to describe the necessity for backup technology systems to safeguard an organization’s data. While this type of safeguard is absolutely a necessity to protect valuable data, and also reduce the amount of time your organization will need to recover from an incident, […]
Tweet Wouldn’t it have been prudent on Epsilon’s part to have encrypted email addresses and client names on the off chance that its systems could have been breached? After all, the conventional wisdom among IT security professionals now is that it’s not a question of if your systems will be breached, but when. Perhaps Epsilon, […]
CA today announced the acquisition of Base Technologies, a privately-held consulting firm focused on the management of IT assets, with leading practices in virtualization management, mainframe technology, security and managed IT infrastructure. Terms of the transaction were not disclosed.
Tweet The state of Web security has never been pretty, and a new report from Symantec (Nasdaq: SYMC) discussing current and future threats only highlights just how risky the Internet environment has become. The daily volume of Web-based attacks increased an eye-popping 93 percent from 2009 to 2010, the report says — and that’s a […]
Tweet When both private and corporate data is stored on the same device, it becomes a data container that is vulnerable to data leakage. As a result, when employees use personal devices to access core business applications that reside in the cloud, how can organizations ensure that the device won’t be used by unauthorized personnel […]
Tweet VeriSign announced today that it has deployed the DNS Security Extensions (DNSSEC) in the .com generic top-level domain, the largest domain on the Internet with more than 90 million registered names. The publishing of the new root zone for .com with delegation signature records at about 11 a.m. Eastern Time was called a critical […]
This white paper describes the drivers for better IT security auditing, the problems with current approaches and how to automate IT security audits.
Tweet Individual internet users can no longer expect to be able to manage their own online security according to the head of Australia’s peak internet association- and the arrival of the National Broadband Network could compound the problem. Read more…
Tweet South Korea’s recently proposed Zombie PC Prevention Bill, aims to fight them with common sense – by making security software mandatory on users’ PCs. What’s particularly interesting about the bill, is the backdoor left open, empowering the government to “examine the details of the business, records, documents and others” of users and companies who […]
Tweet Ninemsn, Yahoo7 and Microsoft on Monday told a Federal Parliamentary inquiry that more needs to be done to shore up safety, particularly to safeguard children. The inquiry heard how social networking site Facebook is forced to pull down 20,000 pages a day because they have been started by children under the age of 13. […]
Tweet A software package designed to minimize the potential risks of synthetic biology for the nation’s defense and security is now available to the gene synthesis industry and synthetic biology community in an open-source format. Virginia Tech has licensed GenoTHREAT, a software tool that helps detect the use of synthetic DNA as bioterrorism agents. Developed […]
Tweet A panel discussion on global IT security at the ITSEF conference Wednesday involved much talk of private and public sector cooperation and trust. Such conversations, however, can only go so far, as audience member Jody Westby reminded the panelists. “The issue is a legal one,” Westby remarked. Read More…
Tweet SOURCE: Broadview Broadview’s cloud-based services target the growing opportunity for Software as a Service (SaaS) and Infrastructure as a Service (IaaS). Both SaaS and IaaS allow companies to move software, applications, storage and server hardware that support critical business operations off-site, which can improve the availability, security and compliance of their data and applications […]
Written by: Thomas Knight, VP of N. America, AuthenWare In healthcare today, there is an ever increasing concern with protecting patient privacy as nurses, technicians, doctors, billing clerks, payers, providers and many others have practically unlimited access to their private information. The biggest disappointment that I have with HIPAA is that it offers healthcare organizations a rare opportunity to update their technology platform with best practices, proper procedures and policy enforcement, but very few have actually done so. Read More…
Tweet Fluctuating economic conditions, increased competition and surging volumes of organizational information are pushing organizations to opt for business intelligence software. The business intelligence software was one among the few markets which was resilient to the global economic crunch, and showed a growth in the same period. The increasing requirements of Business Intelligence applications by […]
