One of the attack vectors blamed for the headline-making Stuxnet attack on Iranian centrifuges employed an infected USB stick. Now it emerges that it may not be that difficult to socially engineer someone into using an unverified stick inside the corporate firewalls.
19 March 2013
In practical terms for the average user, probably not yet; but in the absolute terms of crypto-theory, probably yes – again. The difference is that security professionals measure security in the relative terms of risk analysis, while cryptographers take a binary view to cryptography: it is or it is not broken.
18 March 2013
In what is believed to be an industry first, Tennessee-based footwear and sports apparel retail chain Genesco is suing Visa over a $13 million dollar fine imposed following a data breach in 2010.
13 March 2013
Apple has finally patched several vulnerabilities present in the App Store iOS app, issuing a fix and turning on HTTPS for the application service.
12 March 2013
The UK Information Commissioner has simultaneously published details of a YouGov survey on the use of BYOD in the UK, and guidance on how a BYOD policy can be implemented securely and compliantly.
08 March 2013
The 2012 Global Encryption Trends Study, which surveyed 4,205 people in 7 different countries shows that in the US it is business leaders rather than IT departments that are now the more influential group in setting the enterprise encryption strategy.
26 February 2013
One of the most worrying security concerns to come out of the growth of cloud computing and BYOD has been the extensive adoption of third-party file synchronization services, typified by Dropbox and Box, but also including other cloud services such as Drive and SkyDrive.
26 February 2013
Even though Microsoft SharePoint is widely deployed throughout enterprises and SMBs as a collaboration platform, a shocking two-thirds of SharePoint-using companies in a recent survey have admitted to having ‘no active security policy’ in place for the application.
21 February 2013
The first in a new series of annual reports seeking to quantify the cost of trust – more specifically the loss of trust – suggests that global 2000 companies can expect a breach of trust to cost almost $400 million.
21 February 2013
Many merchants are failing to meet compliance with the Payment Card Industry Data Security Standard (PCI DSS), putting users’ credit card data at risk. But the issue isn't complacency, but rather obsolescence: too many stores and restaurants are in desperate need of equipment upgrades.
19 February 2013