Sources on this Page

> Headlines by Category

 Home / Technology / Security / Authentication & Encryption

You are using the plain HTML view, switch to advanced view for a more complete experience.

When it comes to security, trust but verify

ORLANDO -- It's time to rethink a bunch of security truisms, Gartner analysts said at the company's annual Symposium/IT Expo here this week.

The security rules companies have relied on for decades are ready for retirement. These include: Prevention is better than cure, humans are the weakest link, and access should be limited to just an employee needs to do his or her job. These old saws have been "exploded" by today's tech trends, said Tom Scholtz, Gartner research vice president.

For one thing, employees are now mobile, digitally literate, embrace new tools without fear and expect access to whatever they need from wherever they're working.

To read this article in full or to leave a comment, please click here

5 tips for better enterprise security

The recent spate of data breaches at major U.S. organizations has raised questions about how effective current security tools and approaches are when it comes to dealing with emerging threats.

To read this article in full or to leave a comment, please click here

(Insider Story)
Why we love outside vendors' ideas of security

Outside vendor has a contract to manage a server for the company where this IT pilot fish works -- but something's not working.

"I got an email forwarded by our Network Operations Center from the vendor, saying that they had an issue connecting to the server," fish says.

"The message included the listing for a failed Telnet session from one of their scripts.

"I emailed the NOC back: The vendor is in the wrong decade. Do they know that Telnet passes the user name and password in clear text? Telnet is turned off on all servers we build. Please tell them to use Secure Shell instead."

Sharky practices security by obscurity -- I file off the identifying marks when you send me your true tale of IT life at sharky@computerworld.com. But there's nothing obscure about the stylish Shark shirt you'll get if I use it. Add your comments below, and read some great old tales in the Sharkives.

To read this article in full or to leave a comment, please click here

Google patches another round of Stagefright flaws in Android

Google has issued patches for two new Stagefright-related vulnerabilities, one of which affects Android versions going back to 2008 and puts millions of users at risk.

The flaws were found by security company Zimperium, which also unearthed the original Stagefright flaws in April.

In an advisory Monday, Google said it didn't appear that attackers have started exploiting the vulnerabilities yet.

The latest flaws are only slightly less dangerous than their predecessors, which allowed a device to be compromised merely by sending a specially crafted multimedia message (MMS). An attacker needed only to know the victim's phone number.

To read this article in full or to leave a comment, please click here

Anonymous insiders reveal real hacking risks to nuclear power plants, report

The risk of serious cyber-attacks on nuclear power plants is growing, according to a new report by think-tank Chatham House. If you follow this type of news, then this is probably not a big shocker, but did you know there have been around 50 cyberattacks on nuclear plants? 

One unnamed expert quoted in the Chatham report (pdf) claimed, “What people keep saying is ‘wait until something big happens, then we’ll take it seriously’. But the problem is that we have already had a lot of very big things happen. There have probably been about 50 actual control systems cyber incidents in the nuclear industry so far, but only two or three have been made public.” The report claimed that there is limited incident disclosure and a “need to know” mindset that further limits collaboration and information-sharing.  

To read this article in full or to leave a comment, please click here

An Enhancement of Secured Multi Message Authentication Protocol for Vehicular Networks
It is well recognized that security plays a vital for the reliable operation of Vehicular Ad hoc NETworks (VANETs). One of the critical security issues is the revocation of misbeha...
Can the first true smartwatch deliver?
If you're looking for a smartwatch that can perform without an associated phone, you might be in luck. Omate is about to unleash the TrueSmart+. But can it succeed?
The perils of single sign-on

My company, like most, has been letting go of on-premise corporate applications in favor of cloud-based alternatives for quite a while now. Still, it wasn’t until last week that it really came home to me how thoroughly committed to the cloud we now are.

The occasion for this eye-opener was a meeting with our CIO and his IT team, who were preparing to investigate single sign-on (SSO) for the company and wanted my input on requirements and vendor selection.

11 famous hackers and their handles
You could be whoever you wanted

Image by flickr/the euskadi 11

The origins of what we think of as modern hacker culture emerged from the same California milieu as the 1960s counterculture, and it shows. In 1973, programmers from Berkeley who had worked on the time-sharing Berkeley Operating System launched Community Memory, the first public bulletin board system, and prominent among these pioneers was Jude Milhon, aka St. Jude. She passed away in 2003, much beloved. At the other end of the state, a few years later Susan Headley fell in with a gang and helped hack into DEC's systems; she went by the name Susy Thunder. Why not take on a kooky new name? It was a sign of the times.

To read this article in full or to leave a comment, please click here

How (and why) to launch a bug bounty program

Aaron Bryson, director of information security at cybersecurity company Cylance, has been hired to hack everything from mobile apps to cars. Bryson, who became hooked on hacking as a kid growing up with movies like WarGames and Hackers, got his first real taste of the ethical hacking world in college.

To read this article in full or to leave a comment, please click here

(Insider Story)
Post Selected Items to:

Showing 10 items of 122

home  •   advertising  •   terms of service  •   privacy  •   about us  •   contact us  •   press release design by Popshop •   Official PR partner PRNews.io •   © 1999-2015 NewsKnowledge