The insecurity paradox
2011-08-29
The formula here attempts to explain a paradox in security analysis:
If it is true that security is only as strong as its weakest link, why are not those who use insecur...
mer >>
mer >>
Proaktiv IT-sikkerhet
Sikkerhetssenter
Les de siste sikkerhetsoppdateringer fra våre eksperter
Sikkerhetstemaer
Nyeste artikler - Mobile and wireless technologies
An approach to an organization's risk factors (part 3)
In this third and final part of our article series about risk factors, we will examine Human attack factors and Physical factors.
An approach to an organization's risk factors (part 2)
The previous article discussed different procedures and systems that could be invoked in order to mitigate risk. In subsequent parts we will examine areas at risk, starting with Electronic factors.
An approach to an organization's risk factors (part 1)
The aim of this type of initial risk analysis is to identify potentially vulnerable points that may be exploited if they are not sufficiently secured.
Malicious images (codes)
The ease involved in creating QR codes that links to web pages implies that this will be a popular way to facilitate the propagation of malware for mobile devices.
Restricting access to net resources for "good reasons"
The target should be the illegal act itself, rather than the communication mediums that may be used in planning undesired activities.
Diversification of attack vectors
Computer systems are becoming increasingly sophisticated and complex with components that are individually computerized. This increases the attack surface for cybercriminals, and represents a challenge for users and the security industry.
Mobile (in)security
The steps that private users and organizations can take to protect themselves, are quite similar in character to protection of traditional computers.
Free music with an unwanted tune
Whenever malware authors find new vehicles to spread their malware, the probability for success increases immensely.
Digital Dumpster Diving
Dumpster diving is known as examining trash to find interesting items that have been discarded. This security article's title refers to examining digital trash, which for certain purposes may turn out to be useful.
Firesheep - an eye-opener or a tool for criminals
A little more than one week ago a new extension to the Firefox web browser was published. And it got attention for sure!
Man-in-the-middle goes Mobile
The term Man-in-the-middle in a security context refers to an attack where someone/-thing is inserted between two endpoints and intercepts the communication between those. The intent is usually to obtain information and use this for illegitimate purposes. Recently the term Man-in-the-mobile, abbreviated as Mitmo, emerged.
A plethora of malware for mobile phones to be expected soon (?)
In later years dangerous malicious software for mobile phones and other handheld devices has been predicted and expected by several analysts. Norman, however has traditionally been among those more reluctant in predicting that the explosion of if malicious software for mobile devices is imminent. In retrospective it seems safe to say that our view has proven correct (so far).
"Those Lazy Hazy Crazy Days of Summer"
Vi forbinder sommeren med lange, sløve, avslappende dager i solen. Ingenting å bekymre seg for. Dessverre er det ikke slik at alle tar ferie samtidig med deg. Datakriminaliteten tar ikke sommerferie - faktisk er det slik at datakriminelle har sin glanstid om sommeren.
Upcoming? The age of the cyborgs
We should have been expecting it - some did. Late May this year a researcher in the U.K. claims to be the first person in the world infected by a computer virus.
Data harvesting by mistake
Using wireless networks for accessing the Internet has become increasingly popular. These days you can access the Internet from virtually anywhere by connecting to a wireless network.
Systems prime for exploitation?
We have now looked into our crystal ball and believe that we see new types of systems, which in the near future will rapidly climb on attackers' ladder of priorities.
Dangerous device diversification
Most organizations have been experiencing an explosion in the number and types of devices that are in use in their networks. Gone are the days when traditional desktop computers, servers and printers, hard-wired together, were the available hardware in the network.
New devices vulnerable for Internet based attacks, OR: The future is here
In our regular security articles, we have several times pointed out that security vulnerabilities and exploits are not restricted to "traditional" computers. We have predicted that several of the devices that our daily lives are filled with, may be exploited in the (near) future.
Hot stuff: Exploitable routers - a flash of the whole iceberg
A new type of malicious software has recently been getting some media attention. The most interesting part of this is the fact that the malware's targets are not traditional computers. Rather does this malware attack different types of devices, namely routers and modems.
Mobile phone threats - hype or (finally) truth?
So far there has been no really dangerous malicious software targeting mobile phones. The New Year 2009 started with a new, interesting threat to mobile phones, which may change this picture.
Ghosts from the past resurface through USB sticks
The increasing use of USB sticks and their storage capacity constitute major security issues. Problems that were dominant with floppy disks resurface.
Offentlige trådløse aksesspunkter – verden gjennom fingertuppene eller risikabelt foretak
Forestill deg en person med skumle hensikter sittende på en kafé med en cappuccino. Hun later som om hun surfer på Internett, men det hun egentlig gjør, er å samle inn brukernavn og passord fra hennes medgjester. Et usannsynlig scenario eller enkelt-å-sette-opp-system? Dessverre det siste.
Tilkoblingsutstyr overalt – en sikkerhetsutfordring
Nyttig og effektivt, men en stor trussel mot sikkerheten.
Big Brother FINNER deg!
Vår artikkel fra i fjor - Big Brother is HEARING you slutter med: "For now, happy VoIP, but... Be careful, you never know who will be listening in!"
Syndere i sommersol
Sommer, solskinn og søte synder er noe de fleste forbinder med sødmefylte gleder og uskyldig moro. Men tyvene tar ikke ferie!
Trådløs og bærbar sikkerhet i ferien
Ferie for deg betyr ikke ferie for alle. For hackere, virusforfattere og datatyver er sommeren en tid med gode muligheter for gevinst. Mange benytter seg av trådløse nettverk og tar med seg den bærbare ut i gresset, på terrassen på hytta eller ut på café. Tanker om sikkerhet, datavirus og industrispioner er fjernt for de fleste.
Sikkerhet i trådløse nettverk
Stadig flere, både enkeltpersoner og bedrifter, skaffer seg trådløst nettverk. Ikke alle er like bevisst på alle farene som lurer dersom man ikke har sikret seg godt nok.
Proof of concept worm for handheld devices
The first worm that spreads through handheld devices, like mobile phones, is observed. This is a "proof of concept" program without malicious code.
Attacks from the Internet on home PCs
Security Information Week 19, 1999 One normal way to connect to the Internet from home is through a dial-up connection. The Internet Service Provider (ISP) may ...
Nyeste blogg-innlegg [EN]
The 10 most insecure passcodes
2011-06-16
Earlier this week I read an extremely interesting and impressing blog item by Daniel Amitay: Most Common iPhone Passcodes.
Amitay has analyzed more than 200 000 passcodes used in an app with a similar...
mer >>
mer >>
Purchasing and downloading outdated software
2011-05-23
Last week in the "JoshMeister On Security" blog, the topic was about Apple's Mac App Store, and the fact that software available from this store may not be the latest version.
The blog's aut...
mer >>
mer >>