RSS Reader for Computer Security Articles
Credit to Author: Meriah Jamieson| Date: Mon, 12 Jun 2017 16:31:55 +0000
Active Energy Management (AEM), the concept of taking an integrated approach to energy buying and management, and sustainable operations, is making waves. But many companies ask: “What’s the first step… Read more »
The post No Sustainability and Energy Data, No Integrated Savings appeared first on Schneider Electric Blog.
Read More
Credit to Author: Jack Gold| Date: Mon, 12 Jun 2017 09:15:00 -0700
Endpoint security is changing dramatically. It’s becoming clear that simply doing anti-malware the way it’s always been done with an add-on software program that scans for threats through signature comparisons as files are opened is not enough. The two major traditional AV companies, Symantec and McAfee, who championed this approach for many years, now have competition from next generation players like Cylance, who use predictive machine learning and AI approaches to evaluating and discovering new malware not easily detected through signature-only approaches. And processor suppliers like Intel, ARM, Qualcomm, etc. are getting into the act, designing-in trusted segments of their chips intended to become impenetrable vaults for protected execution of critical parts of the OS and apps. With newer sophisticated malware attacks, security must move beyond an outdated add-on only approach and into a multilayered approach that includes hardware, OS, layered software and network awareness.
To read this article in full or to leave a comment, please click here
Credit to Author: Sandra Henry-Stocker| Date: Mon, 05 Jun 2017 11:13:00 -0700
In the last few years, we’ve been seeing some significant changes in the suggestions that security experts are making for password security. While previous guidance increasingly pushed complexity in terms of password length, the mix of characters used, controls over password reuse, and forced periodic changes, specialists have been questioning whether making passwords complex wasn’t actually working against security concerns rather than promoting them.
Security specialists have also argued that forcing complexity down users’ throats has led to them writing passwords down or forgetting them and having to get them reset. They argued that replacing a password character with a digit or an uppercase character might make a password look complicated, but does not actually make it any less vulnerable to compromise. In fact, when users are forced to include a variety of characters in their passwords, they generally do so in very predictable ways. Instead of “password”, they might use “Passw0rd” or even “P4ssw0rd!”, but the variations don’t make the passwords significantly less guessable. People are just not very good at generating anything that’s truly random.
To read this article in full or to leave a comment, please click here
Credit to Author: Sandra Henry-Stocker| Date: Thu, 25 May 2017 12:52:00 -0700
One year from today, the recently passed regulation known as “GDPR” (General Data Protection Regulation) goes into effect. While EU-specific, it can still dramatically affect how businesses that work with personal data of citizens and residents of the EU. GDPR was approved a year ago and will be going into effect in another year. It applies directly to organizations within the EU, but also applies to organizations outside the EU if they 1) offer goods and services to the EU, 2) monitor the behavior EU subjects, or 3) process or retain personal data of EU citizens and residents. And the regulation can place very serious fines and sanctions for non-compliance.
To read this article in full or to leave a comment, please click here
Credit to Author: Sandra Henry-Stocker| Date: Thu, 25 May 2017 05:47:00 -0700
Deploying password quality checking on your Debian-base Linux servers can help to ensure that your users assign reasonable passwords on their accounts, but the settings themselves can be a bit misleading. For example, setting a minimum password length of 12 characters does not mean that your users’ passwords will all have twelve or more characters. Let’s stroll down Complexity Boulevard and see how the settings work and examine some settings worth considering.
First, if you haven’t done this already, install the password quality checking library with this command:
apt-get -y install libpam-pwquality
The files that contain most of the settings we’re going to look at will be:
To read this article in full or to leave a comment, please click here
Credit to Author: Matt Pley| Date: Mon, 12 Jun 2017 12:53:21 +0000
For enterprises, the very real benefits of moving applications to the cloud also come with significant challenges. Whether their using the public cloud, a private cloud or, as is often the case, a hybrid of the two, it’s necessary to optimize application performance to get the full benefits of cloud technology and enable a better business model. Just as importantly, though, you must be able to secure your people and your information as they traverse your network, from on-premises to the cloud and back, and you must be able to secure…
Read More
Credit to Author: SSD / Maor Schwartz| Date: Sun, 11 Jun 2017 10:14:42 +0000
We proud to announce the first online hacking competition! The rules are very simple – you need to hack the D-link router (AC1200 / DIR-850L) and you can win up to 5,000$ USD. To try and help you win – we bought a D-link DIR-850L device and plugged it to the internet (we will disclose … Continue reading Hack2Win 2017 – The Online Version
Read More
Credit to Author: Brian Barrett| Date: Sat, 10 Jun 2017 11:00:00 +0000
A Twitter attack, an Al Jazeera cyberattack, and more: Each weekend we round up the news stories that we didn’t break or cover in depth but that still deserve your attention.
Read More