Doug Bedell — October 23, 2014, 2:19 pm

Six Computer Security Techniques Well Worth Applying

0-underused-security-technologies-620x465

Larry Zeltzer on ZDNet provides a post, “Effective security techniques we don’t follow enough.” Discussed are six security technologies/techniques for IT people to review and/or apply, starting with “Parameterized SQL Queries”.  Check them out for inclusion in your book.

Doug Bedell — October 20, 2014, 10:13 am

‘Internet of Things’ (IoT) a Term To Get Used To

IofT2

Expect security functions to arise from the Internet of Things (IoT) applications of web technology. But for now, it’s enough to learn what the term connotes.  Shane O’Neill on InformationWeek provides that service. You’ll discover that it involves more than having a refrigerator transmit recipes for the use of its contents.

Patrick Hubbard takes the IoT discussion a bit further with his follow-up post “Internet of Things Will Turn Networks Inside Out”. Good luck on coping with the security implications of all this.

Doug Bedell — October 17, 2014, 11:40 am

Be Careful: Hackers Can Get the Best of Us

01-6-clicks-hacks-620x452

Here’s some chagrin reading, that is uncomfortable information that’s likely to be at least partly applicable to many of us. Violet Blue on ZD Net’s Zero Day writes about “The six most common ways non-tech people fall victim” to computer hackers.

“Oftentimes,” she notes, “these fateful entry points are created by people who have no idea what’s going on; non-technical employees (or even executiv es) who serve as an unwitting vector for exploitation.

So, be careful, but enjoy your weekend!

Doug Bedell — October 15, 2014, 9:33 am

At the Airport: ‘What’s that In Your Bag, Sir?’

imgres

Oh dear, it’s time for a little light relief, or perhaps profound dismay. Whichever, we invite you to read this recollection by Brian Schmidt, winner of the 2011 Nobel Physics Prize, who took his half-pound gold medal to Fargo, North Dakota, to show to his grandmother.  Imagine what happened as his bag went through an airport security X-ray machine.

We thank Homeland Security Watch for this engaging anecdote.

Doug Bedell — October 13, 2014, 10:49 am

Kmart Joins List of Retail Cyber Breeches

kmart_ss_500

Now it’s Kmart too. Another retailer joins Target, Home Depot, Neiman Marcus, Supervalu, Michaels, P.F. Chang’s and Dairy Queen in having their digital credit card systems compromised.

“With data breaches costing not only billions of dollars, but claiming executives’ jobs as well,” notes Naked Security, “now is as good a time as any for firms within every sector to reassess their security implementation.” Six tips for both businesses and consumers are offered.

Doug Bedell — October 10, 2014, 10:50 am

Cyber Security Now a CEO’s Function, Too

cyber-2-422px

The evolution, sadly, of cyber security threats is discussed in the start of a series of four articles on SecurityMagazine.com. “The greatest shift in cybersecurity,” it says, “relates to the focus and the responsibility – moving from strictly an ‘IT issue’ to one of a business function. Look no further than the Target breach and the subsequent resignations of the company’s CEO and CIO…”

October, incidentally, is National Cyber Security Awareness Month, sponsored by the U.S. Department of Homeland Security.

Doug Bedell — October 8, 2014, 9:30 am

Biden: Middle East Threats Likely for ‘A Generation or More’

images

How long are tensions with Middle East extremists likely to continue? In a privileged position to assess such questions, Vice President Joe Biden responds that they will take “a generation or more to work out.” In a speech last week at Harvard’s Kennedy School, the vice president said that the U.S. faces sustained tensions into the foreseeable future. “Our response must be deadly serious,” he added, “but we should keep this in perspective. The United States today faces threats that require attention. But we face no existential threat to our way of life or our security. Let me say it again: We face no existential threat – none – to our way of life or our ultimate security.”

Excerpts on counter-terrorism from the vice president’s speech can be found on Homeland Security Watch.

Doug Bedell — October 6, 2014, 2:13 pm

Security at Visa’s ‘Ultimate’ New Data Center

visa-headquarters

Visa has gone to a security extreme – self-reliant systems at its new East Coast (apparently) data center shielded by a “moat” – to protect its cardholders and itself, and we certainly wish them well with the center’s operation at a “nondescript” site, as reported by The Register in the UK. There’s been altogether too much news of security breeches lately, topped possibly by hackers stealing contact information on 76 million J.P. Morgan customers.  (But there, of course, the intrustion was by wires, not via roadways.)

Whatever Visa’s ultimate odds of success may be, their intentions at the new center are certainly worthy ones. It’s going to take intrepid defenses, indeed, to protect the U.S. economy against hacker zealots. The new center, says The Register, “packs sufficient redundant systems that Visa thinks it could run for a week without any contact from the outside world, other than data feeds.” Its those data feeds, however, the wires to the site, that might be the very cause for lingering apprehension.  We hope not, but, for better or worse, today’s is a wired world.

(Photo: Inside Visa’s new Operations Center East)

Doug Bedell — October 3, 2014, 10:21 am

Drone Provides ‘Eye’ in a Volcanic Sky

ragnarTh_Holuhraunseldar_20-sept-2014-695

This isn’t a security post as such,  except to suggest the incredible “spying” – or, reversed,  site protection – capacity of drones. It’s a video taken by a drone flying low over an erupting volcano in Iceland last month. The drone, Wired advises,  got “close enough to melt the face of the GoPro camera that shot the video.

Doug Bedell — October 2, 2014, 3:58 pm

SEO Traffic Becoming a Boon to Hackers

sitecheck_Pic

Hacking gets increasingly annoying and problematic. For example, did you know that people discovering you via their SEO rounds can be plucked into by hackers? The Sucuri blog explains how that occurs and  – good news – offers a free SiteCheck scanner to determine if you’ve been affected.

There’s more on the ever-evolving hacker front than we can keep up with, but we’ll try to provide more tips as we come across them.