If Humans Weak Link Then Fix mobile security losses
If the weakest link in Security or the equal parts of security : People, Process, and Technology, then we need to help the people in your organization with keeping up…
Application Security Testing : Do It Now
Yes as Veracode says: https://www.veracode.com/blog/2015/07/application-security-assessment-reviewing-your-testing-program-sw They list 3 misconceptions: QA (Quality Assurance) is when development is done. Third party software does not need testing Developers don’t care about security We…
How To Stay Secure in Insecure World
I want to highlight 2 current articles: http://www.infosecurity-magazine.com/news/pawn-storm-serves-malware-via-fake/ and http://googleonlinesecurity.blogspot.com/2015/07/new-research-comparing-how-security.html It is best to use good passwords, 2factor authentication, and patch your systems The first article points to how a…
Courts Uphold FTC Regulation-Punishment to Negligent Company
Threatpost has the story: https://threatpost.com/court-rules-ftc-has-authority-to-punish-wyndham-over-breaches/114390 From the court brief http://www2.ca3.uscourts.gov/opinarch/143514p.pdf are some interesting snippets: Let’s list the cybersecurity problems that Wyndham had: Stored CC data (which is a violation of…
DefCon Talk Your: Domain is Compromised “Now What”?
Grant Bugher with perimetergrid.com had a talk on the DEFCON101 track. “Obtaining and Detecting Domain Persistence” As the slide above states, it is not about _how_ to hack a domain.…