background preloader

Security

Facebook Twitter

Wear your raincoat.

Security. Penetration Testing Explained by Varonis. Penetration Testing Explained by Varonis. Security/Encryption. Android flaw puts personal data at risk for millions. Nearly half of Android devices are vulnerable to an attack that could replace a legitimate app with malicious software that can collect sensitive data from a phone.

Android flaw puts personal data at risk for millions

Google, Samsung and Amazon have released patches for their devices, but 49.5 percent of Android users are still vulnerable, according to Palo Alto Networks, which discovered the problem. Google said it has not detected attempts to exploit the flaw. A malicious application installed using the vulnerability, called “Android Installer Hijacking,” would have full access to a device, including data such as usernames and passwords, wrote Zhi Xu, a senior staff engineer with Palo Alto. The company wrote two exploits that take advantage of the flaw, which involves how APKs (Android application packages) are installed.

The vulnerability only affects applications that are installed from a third-party app store. PRIVACY INFRINGEMENT. Security. Security. Security & Analysis Tools. Gizmos. Research. CompTIA. Information Technology. Security Information. 10 Ways to Protect Yourself Online. As more Americans do more things online, Internet identity theft is a growing—and very costly—problem.

10 Ways to Protect Yourself Online

Learn the best ways to protect yourself. By James Van Dyke Loading 1. If You Fall Prey to a Scam, Report It If you’re a victim of online fraud, contact the authorities. If you’re a victim of online fraud, contact the authorities. 2. Never respond to requests for personal or account information online (or over the phone). Never respond to requests for personal or account information online (or over the phone). 3. Don’t divulge your birth date, mother’s maiden name, pet’s name or any other identifying information on social media websites such as Facebook, LinkedIn or Twitter. Don’t divulge your birth date, mother’s maiden name, pet’s name or any other identifying information on social media… 4. Install anti-virus software on your computer and keep it updated.

Install anti-virus software on your computer and keep it updated. 5. General tips on using social networking tools. How to keep Malware out - Castanet.net - Getting Along With Your Computer - Cate Eales. As I clean malicious software out of my customers’ computers, the question I’m most often asked is, “How did that get there?”

How to keep Malware out - Castanet.net - Getting Along With Your Computer - Cate Eales

I can usually make an educated guess, but the more important question is, “How can I keep this from happening again?” Here’s how to minimize the chances of infection. Photo: Contributed Take control of your downloads The first line of defence against malware is … you! Once you’ve downloaded a file, you can (and should) check it before you install it. How to protect and harden a database server. As an IS auditor, what are the critical issues to check when addressing whether a database is hosted on a secure platform?

How to protect and harden a database server

When reviewing database security, it's crucial to concentrate on two areas: how well the system has been hardened, and how the data and database access is controlled. Most hackers target the data held in a database. Therefore the server, where the database resides, needs to be hardened and protected, both physically... By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy. and logically.

How to Protect Your Web Server from Attacks. The National Institute of Standards and Technology has released a new publication that provides detailed tips on how to make web servers more resistant to potential attacks.

How to Protect Your Web Server from Attacks

Called “Guidelines on Securing Public Web Servers,” the publication covers some of the latest threats to web security, while reflecting general changes in web technology that have taken place since the first version of the guide was published 5 years ago. Web servers are the software programs that make information available over the Internet. They are often the most frequently targeted hosts on a computer network. How to Protect Yourself Online. How to Protect Yourself Online. The Internet and the information it connects to is a resource that many have come to depend upon.

How to Protect Yourself Online

Facts that once might have taken several days to locate in a research library can now be obtained instantaneously using your personal computer or even a handheld wireless device. Individuals can publish to a world wide audience, mix up previously existing content to form new creations, or act as curators, sharing with friends the best new content found on the Internet. Because almost anyone with a computer or wireless device can connect to the Internet, however, some bad actors have found ways to use it to cause harm. Several U.S. Information Securty. Information Security. Microsoft Malware Protection Center - Help prevent malware infection on your computer. Penetration Testing Software. Security. SecTools.Org Top Network Security Tools. The Most Dangerous Malware Trends for 2014.

The common thread running through the malware trends we’ve seen in recent months is the evolution, maturation and diversification of the attacks and fraud schemes they facilitate.

The Most Dangerous Malware Trends for 2014

Malware, once purpose-built, is clearly becoming a flexible platform — in many respects, it is now almost a commodity. Take, for example, the leak of Carberp’s source code in 2013. Carberp joined Zeus as the latest prominent Man-in-the-Browser malware to become “open.” With access to this source code, cyber criminals can quickly implement a wide variety of attacks and fraud schemes aimed at specific targets.

Along with the more traditional and pure in-browser attacks, SMS-stealing attacks are becoming common, researcher evasion is quickly emerging as a malware trend and new approaches to account takeover and remote device control are being encountered more and more frequently. Welcome to the National Security Agency - NSA/CSS. Windows Secrets Lounge.