As the holidays approach, you’ll probably be seeing many relatives and friends. Many will pull you aside and ask you about the latest security news, myths and rumors. While preparing for a Thanksgiving visit, one relative asked me about a hoax security alert warning that her iPhone’s flashlight was listening to her conversations.
Educated security … Read More »
Why read another article on the Shellshock bug when there have been a number of well-written articles and blog posts on it? Because almost all of the articles and blogs are talking about the bug itself, how it can be exploited, and how much of the Internet is open to it. However, what you … Read More »
Too often in information security we focus on the confidentiality of personal information, ignoring the damage that can result from failures in integrity and availability. In fact, this is the main driver of much of our information security spending in the U.S. But the proper function of information and communications can create huge impacts … Read More »
There I was, ankle deep in raw sewage, incredulous that for the second time this summer, my basement was filling up with foul smelling murky waste. As I looked hopelessly at my wife while the water level continued to rise, I angrily thought to myself, “What else can I do?” Didn’t I shell out … Read More »
Some recent breaches of cardholder data have been the direct result of a successful compromise of a trusted third party to the breached entity. For example, a factor in the well-publicized breach at Target may have been compromised credentials of a trusted service provider with access to the Target internal network. In order to attain … Read More »