The growing prevalence of shadow IT caused by BYOD and remote working is making an existing security problem much worse: how do you protect an increasing number of passwords used for an increasing number of cloud applications?
NY Times points blame for 4-month hack at Chinese government
In a development that appears to be as politically motivated as the kidnapping of embedded investigative journalists in the Middle East, the New York Times said that it has uncovered a four-month-long hacking effort on the part of Chinese hackers.
Financial skulduggery and email hackery
Buried in all the financial reporting on the battle for control of Indonesian coal mining company Bumi is the small matter of whistleblowing and email hacking.
Cross-site scripting attacks up 160% in Q4 2012
Cross-site scripting (XSS) is increasingly common in the cloud computing world, up more than 160% in the fourth quarter of 2012 from the previous three months, a security firm is warning.
Worldwide communications infrastructure faces APTs, bots, DDoS; mobile networks weakest
Communications service providers and network operators are a potential weak link when it comes to security. Their networks carry every app, connect every mobile device and provide all of us with on-ramps to the internet. In short, we couldn’t communica…
From hackers to obituary-readers, identity theives have many personae
From dumpster divers to pickpockets, identity thieves come in many varieties. But while identity theft continues to be one of the greatest security issues for consumers (the US Federal Trade Commission estimates that about 15 million Americans fall vic…
Java security settings can be ignored by malware
New vulnerabilities and flaws in Java are so common and frequent that it is difficult to keep pace. Less than two weeks ago it was revealed that the Java sandbox could be bypassed; now it is disclosed that the complete security settings can be ignored.
Virtual Directory as Database Security
I’ve written plenty of posts about the various use-cases for virtual directory technology over the years. But, I came across another today that I thought was pretty interesting.
Think about enterprise security from the viewpoint of the CISO. There are…
Google plots Pwnium 3 Chrome hacking contest, with $3.14 million on the line
In a move with perfect timing considering the number of Chromebooks that Google sold over the holidays (hint: a lot), the company has announced its third Pwnium hacking competition, which will have a new focus: the Chrome OS. In all, the browsing behem…
Advocacy groups mark Data Privacy Day with key announcements
The year 2012 was a very bad year for data breaches, with more than 240 million records compromised. So, to mark this week’s international Data Privacy Day, the Online Trust Alliance has released its ‘2013 Data Protection and Breach Readiness Guide’ to…