In this third and final part of our article series about risk factors, we will examine Human attack factors and Physical factors.
The previous article discussed different procedures and systems that could be invoked in order to mitigate risk. In subsequent parts we will examine areas at risk, starting with Electronic factors.
The aim of this type of initial risk analysis is to identify potentially vulnerable points that may be exploited if they are not sufficiently secured.
You should exercise extreme caution if you are allowing access to your social network account from any application.
It seems obvious that the current certificate security model needs to be replaced by something that is less vulnerable for attacks from dedicated persons, organizations or governments.
A default restrictive approach to public sharing of personal information will result in less information shared.
This intrusion in PlayStation Network ranks among the biggest cyber security incidents of all time.
Blocked access to important information - particularly if adequate backup routines are not in place - may be disastrous for the person who becomes the victim of ransomware.
The RSA Conferences are among the most important annual security conferences. This year's US conference was held in San Francisco 14 - 18 February.
Dumpster diving is known as examining trash to find interesting items that have been discarded. This security article's title refers to examining digital trash, which for certain purposes may turn out to be useful.
In our security article last week, we discussed cybercriminals who targeted financial institutions in an indirect way. However, the major bulk of malware aimed at the finance sector puts the finance sector's customers at peril. One obvious reason is that the average end user's system presumably is less secure than the systems used by the financial sector.
Advertisements (ads) on the web have become part of a multi-billion industry. These days it is almost impossible to read news on the web without being overwhelmed by a plethora of ads for everything from cars to diapers. However, it is presumably not optimal to display the car ads to children. Nor are most teenagers particularly interested in diapers.
According to a posting 15 November on the blog belonging to the UK based organization Get Safe Online, one in four UK web users have been targeted by so-called cold calls.
In recent months there have been lots of rumors about the upcoming email system closely integrated with Facebook. More detaileds about this have recently been disclosed by Facebook, and we will examine some aspects of the new offerings.
This is the third article in a series about privacy and security in social networks.
This is the second article in a series about privacy and security in social networks.
This is the first article in a series, which will focus on security and privacy issues involved in participating in social networks.
A little more than one week ago a new extension to the Firefox web browser was published. And it got attention for sure!
In a press release 25 October the Dutch High Tech Crime Team (THTC) of the National Crime Squad announced a successful takedown of a major botnet. 143 malicious computer servers were taken down from the internet resulting from collaboration with a Dutch hosting provider, the Dutch Forensic Institute (NFI), the internet security company Fox IT and GOVCERT.NL and the Dutch computer emergency response team.
A message similar to the one in this article's title may seem like a nightmare for most of us, as we have become increasingly dependent - some even addicted - to using resources available on the Internet for necessary as well as trivial tasks.
Introduction Last week it was announced that the Dutch company NXP was selected to produce the new identification (ID) card for Germany. Starting from the beginning of ...
A few days ago the Australian House of Representatives' Standing Committee on Communications published its report on cyber crime and security. This document has the ambitious title "Hackers, Fraudsters and Botnets: Tackling the Problem of Cyber Crime", and is an impressive, almost 300 pages reading with statistics, examples, and of course suggestions on how to solve the cyber crime problem.
Indeed, summer is associated with long, lazy, relaxing days in the sun. Nothing to worry about in the world. Unfortunately everyone does not take their vacation at the same time as you. Cyber crime does not stop during summer - in fact cyber criminals have their heyday during this season.
Over the years new ingenious words for security issues have come up. We have seen the neologisms pharming, vishing, clickjacking and slurping, just to mention some. This week a new one was born - tabnabbing. Which turns out to be more scary than most.
Using wireless networks for accessing the Internet has become increasingly popular. These days you can access the Internet from virtually anywhere by connecting to a wireless network.
Lately some interesting news regarding Facebook and Facebook users have emerged on the Internet. We will use this as the basis for a general discussion about Facebook and some of the issues involved in using / depending on Facebook.
Malicious programs do increasingly rely on social engineering techniques to be able to propagate and successfully execute. Gone are the days when a tempting file name in an email sufficed. In this security article we shall examine variants of one of the more successful social engineering schemes.
Introduction Various aspects, which have to do with social networks like Facebook, Twitter, LinkedIn and MySpace, have been discussed in different security articles this year. This time we ...
Earlier this month multiple tens of thousand passwords to free email accounts from Microsoft (Hotmail), Google (GMail) and Yahoo were compromised.
Listening in to telephone conversations is traditionally associated with initiatives from national security agencies / police organizations with vast resources, or shady private detectives. This may not be the case any more if the person or persons under surveillance use a particular system for telephone calls.
Software to set up any computer as an Internet resource has been freely available for a long time. However, the threshold to do so has been so high that not everyone has felt that this can be accomplished without some special skills. This situation may now change with a new initiative.
"My house is ready for burglars", is not what you would typically shout in public or write as an advertisement in the local newspaper. Nevertheless this is exactly what lots and lots of computer users do on a regular basis, without reflecting upon what they really do.
This week started with significant media attention about a report, which showed that several computers owned by governments and international organizations were compromized. This includes several embassies world-wide and a NATO computer.
"The cloud" is one of the new magic words used to describe new and fancy technology. Briefly the idea is that resources outside the organization's (or person's) own premises are used for computing. The use of resources outside the organization itself has some obvious advantages. However, it also has disadvantages - some of which are less obvious.
The use of money involved in online gaming has traditionally been only as an entrance fee to buy the game itself (if it is not free). This no longer holds true.
The Norman article from last year Big Brother is HEARING you ends with: "For now, happy VoIP, but... Be careful, you never know who will be listening in!"
Security Information Week 19, 2006
Phisher or ID thieves are traditionally known to attack financial institutions, but lately the target groups seem to have changed. Today phishers are hitting on all forms of organisations, even health care businesses.
There are several securities issues involved in using the Internet for conducting corporate business, as well as issues involved in protecting individuals for misuse of their personal information. This article will discuss some of those
The internet connections are becoming faster and faster. As a result of that, more and more bandwidth is not used all the time. This bandwidth can then be used for different applications, e.g. Internet Telephony, or better: Voice over IP (VoIP). So should we all switch to VoIP and leave the old fashioned telephone companies?
Security Information Week 35, 1999In week 35 a report of a new backdoor in Microsoft's operating systems Windows 95, 98, NT and the beta version ...
Security Information Week 28, 1999 The underground organization Cult of the Dead Cow has released a new version of its Windows backdoor program. Back Orifice 2000 ...
Security Information Week 11, 1999During the last half year one has seen an explosion in so-called Windows backdoor programs. These are programs which utilize the ...
In April 1999 Norman was acquitted in the Supreme Court of Norway. This ruling has been noticed and commented upon by news agencies and magazines all over the world.
Security Information Week 9, 1999The IT department in an organization often uses vast resources to be updated on security risks associated with hardware and software ...
Security Information Week 22, 1999 The need to secure information is for many organizations and persons extremely important. This includes of course business secrets, which could ...
Security Information Week 16, 1999Not unexpectedly, soon after Internet Explorer (IE) version 5.0 was released, security holes in this browser were discovered. Microsoft has already ...
Security Information Week 10, 1999A person who is interested in breaking in to an organization's computers wants to know as much about these computers as ...
Has a person's ability to protect his private life from intrusion of any kind been diminished during the years that has passed since 11 September 2001?
