Security

How Complex Systems Fail

Any real-world security system is inherently complex. Making them safe and secure is hard. Controlgeek Blog has an interesting pointer and summary on a very interesting white paper, How Complex Systems Fail. I also found this paper, which is only a few pages long, a fascinating read (like John Huntington and Schneier on Security).

Enterprise Network Firewall trends

The 2013 Gartner Magic Quadrant for Enterprise Network Firewalls gives a view of the current firewall market. Gartner states, “Advances in threats have driven mainstream firewall demand for next-generation firewall capabilities. Buyers should focus on the quality, not quantity, of the features and the R&D behind them. This market includes mature vendors and new entrants.” Palo

Understanding Ajax vulnerabilities

The Understanding Ajax vulnerabilities article is an introduction to protecting the web applications you create with Ajax. Because of its range of functions and ease of use, Ajax is one of the most widely used tools for building web applications today. All applications, including those built using Ajax technologies, are vulnerable to exploits that compromise

Turn off UPnP now!

The article U.S. government warns of hack threat to network gear reports that the Department of Homeland Security urged computer users on Tuesday to disable a feature known as Universal Plug and Play, or UPnP, because of new security bugs that were initially brought to the attention of the government by computer security company Rapid7. UPnP is

Security trends for 2013

The year 2013 will be the year of cyber security. CNN expects more cyber wars this year. Cybercrime is on the rise, and last year we saw more and more computer virus attacks. Security company Kaspersky Lab warns of more new cyber-threats against enterprises and mobile devices. Cyber security also relates to mobile. Security becomes an increasingly

Aftermath: Security trends 2012

At the beginning of the year I wrote a blog article, Security trends for 2012, that tried to predict security trends for this year. Now the year is near its end, so here is my aftermath on how well my article (based on many sources) predicted this year. So here are my comments on how well

Banking security and SMS authentication

After the recent incidents it seems that SMS is not a very secure second factor for authentication. Australian Telcos Declare SMS Unsafe For Bank Transactions. The article Telcos declare SMS ‘unsafe’ for bank transactions reports that the lobby group for Australian telcos has declared that SMS technology should no longer be considered a safe means of verifying

Time for Firefox Plugin Check

Mozilla announced that it will soon start prompting Firefox users to upgrade select old plugins. This means that Firefox users who have outdated versions of the most popular plugins will soon see a notification urging them to update when they visit a web page that uses them. Old versions of Silverlight, Adobe Reader and Adobe

Get rid of IE now!

Internet Explorer users have been told in many sources many times (including my blog): ditch the IE application and switch to another browser, pronto. There is a new serious hole that’s exploitable by visiting a malicious Website: The site owner can take possession of the computer used for surfing. This critical zero-day bug in

EU cloud plans and legislation

The article All of Europe’s data in US servers? We’re OK with that – EC bod ‘It shouldn’t matter where your files are held’ reports that there is new data protection legislation currently making its way through the European Parliament (expected to be in use in 2-3 years and replace the old one). The rules