security

Tokenization is the way to prevent e-commerce security breaches

By Avery Buffington, Information Security Architect, SecureNet, Network World | August 25th, 2014 E-com security breaches are increasing in frequency at an alarming rate, but there is a way to prevent them from: tokenization. This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely …

Tokenization is the way to prevent e-commerce security breaches Read More »

Your living room is vulnerable to cyber attacks

By Tony Bradley, PC World | August 22nd, 2014 A Kaspersky Labs researcher hacked his own home and found a number of serious security concerns. At the Black Hat security conference in Las Vegas earlier this month, researchers demonstrated how a Nest thermostat can be hacked, to show how easily connected appliances–the household technologies that …

Your living room is vulnerable to cyber attacks Read More »

Security spending gets boost from mobile, social and cloud, says Gartner

By Mikael Ricknäs, IDG News Service | August 22nd, 2014 Worldwide spending will increase by almost 8 percent this year. The increased adoption of mobile, social and cloud computing is driving growth in security spending among organizations that are also becoming more aware of threats on all those fronts. Worldwide spending on information security will …

Security spending gets boost from mobile, social and cloud, says Gartner Read More »

NIST taking input for mobile security guidelines

By Joab Jackson, IDG News Service | August 21st, 2014 A new NIST publication aims to alert enterprises of potential security dangers within commercial apps. The U.S. National Institute of Standards and Technology (NIST) is developing a guide for testing third-party apps to ensure that they are secure and don’t introduce any vulnerabilities. The government …

NIST taking input for mobile security guidelines Read More »

Researchers build security framework for Android

By Antone Gonsalves, CSO | August 21st, 2014 University researchers have modified the Android operating system to let developers plug in enterprise-class security enhancements that would normally require overhauling a mobile device’s firmware. The code added to the OS is called the Android Security Modules (ASM) framework, which is described in a paper from security …

Researchers build security framework for Android Read More »

Healthcare organizations still too lax on security

By Jaikumar Vijayan, Computerworld | August 19th, 2014 Data breach at Community Health is symptom of broader problem, security experts say. The data breach at Community Health Systems that exposed the names, Social Security numbers and other personal details on more than 4.5 million people is a symptom of the chronic lack of attention to …

Healthcare organizations still too lax on security Read More »

Community Health Systems blames China for recent data breach

By Steve Ragan, CSO | August 18th, 2014 Community Hospital Systems (CHS), which operates just over 200 hospitals in 29 states, reported a data breach impacting about 4.5 million people on Monday. The incident, blamed on actors in China, was made public via an 8-K filing with the U.S. Securities and Exchange Commission. The 8-K …

Community Health Systems blames China for recent data breach Read More »

New security tools from Tenable, HP, Co3 attempt the impossible

By John Breeden II, Network World | August 11th, 2014 Automated incident response promises total network security by combining threat detection, prevention and response. Automated incident response is one of the fastest growing fields in computer security. Alternatively called threat monitoring, vulnerability management or threat management, it encompasses the seemingly impossible task of defending a …

New security tools from Tenable, HP, Co3 attempt the impossible Read More »

PCI Security Council moves to boost service providers’ credit card security

By Jaikumar Vijayan, Computerworld | August 8th, 2014 Growing use of outsourcing companies by merchants drives need for stronger controls. The Payment Card Industry Security Standards Council (PCI SCC) has updated its guidance to help merchants better determine whether third party service providers have implemented security measures to protect credit and debit cardholder data. The …

PCI Security Council moves to boost service providers’ credit card security Read More »

The Internet of Things Brings Far-Reaching Security Threats

By Kenneth Corbin, CIO | August 8th, 2014 Bringing new devices online at home and in the enterprise raises a host of security concerns that will require a more hands-on rethinking. WASHINGTON Security pros routinely cite poor cyber hygiene as one of their top concerns. But if they’re lying awake at night worried about lazy …

The Internet of Things Brings Far-Reaching Security Threats Read More »

Black Hat 2014: How to steal security codes from home alarm systems

By Tim Greene, Network World | August 4th, 2014 A $50 device made with off the shelf hardware can. For $50 attackers can build a radio device that cracks home alarm systems and other common security devices, Black Hat 2014 attendees will hear this week. A combination of a microcontroller and a single-board computer comprises …

Black Hat 2014: How to steal security codes from home alarm systems Read More »

Cisco patches traffic snooping flaw in operating systems used by its networking gear

By Lucian Constantin, TechWorld | August 4th, 2014 The vulnerability affects the OSPF routing protocol implementation on Cisco networking equipment. Cisco Systems said attackers could disrupt or intercept traffic in many of its networking products unless a new security update is applied to the software they run. The issue affects the implementation of the Open …

Cisco patches traffic snooping flaw in operating systems used by its networking gear Read More »

Attackers use domino effect to compromise your accounts

By Tony Bradley, PC World | July 31st, 2014 The two-factor authentication used to “protect” your accounts is often insecure and poses a weak link that can be exploited by attackers. Data breach after data breach has illustrated just how weak and ineffective passwords can be for protecting accounts and sensitive information. Many sites and …

Attackers use domino effect to compromise your accounts Read More »