Techworld

Stories by Ellen Messmer

Is "Bring Your Own Identity" a security risk or advantage?

The "Bring Your Own Identity" (BYOID) trend in which websites let users authenticate using identities established through Facebook, LinkedIn, Google, Amazon, Microsoft Live, Yahoo or other means raises some questions in the minds of IT and business managers. And a survey conducted by Ponemon Institute shows a vast difference in how the IT and business sides think about this so-called BYOID method of authentication.

By Ellen Messmer | 29 July, 2014 04:51

Tags: Yahoo, Google, security, Microsoft, LinkedIn, Ponemon Institute, three, Facebook, network security

New SSL server rules go into effect Nov. 1

Public certificate authorities (CAs) are warning that as of Nov. 1 they will reject requests for internal SSL server certificates that don't conform to new internal domain naming and IP address conventions designed to safeguard networks.

By Ellen Messmer | 25 July, 2014 07:03

Tags: Apple, forum, symantec, security, Microsoft, SSL

Malwarebytes questions poor showing in anti-malware protection-evaluation lab testing

Dennis Technology Labs (DTL), which tests anti-malware products for effectiveness in protection, for the first time included the free version of the Malwarebytes software in the labs' competitive evaluation along with nine other vendor products, both paid and free. The results published by DTL today reveal Malwarebytes Anti-Malware Free had a poor showing, with only Microsoft Security Essentials doing worse in terms of effectiveness of protection.

By Ellen Messmer | 25 July, 2014 02:41

Tags: security, Microsoft, Avast, Malwarebytes, bitdefender, norton

Cybercrime wave whacks European banks

Banks across Europe are now coping with a wave of cybercrime in which crooks are transferring funds out of customer accounts through a scam involving bypassing some two-factor authentication systems to steal large sums, according to a security firm assisting in the investigation.

By Ellen Messmer | 23 July, 2014 00:34

Tags: consumer electronics, security, trend micro, Android, legal, smartphones, banks, cybercrime, malware

Ping Identity rolls mobile one-swipe authentication; takes aim at RSA tokens

Identity and access management vendor Ping Identity today unveiled software-based multi-factor authentication that lets users to sign onto an enterprise service or system with a swipe of their smartphone.

By Ellen Messmer | 22 July, 2014 00:55

Tags: RSA Token, CA Technologies, Okta, Ping, Ping Identity, cloud computing, internet, emc, rsa, Gartner, Apple, Google, symantec

Juniper boosts DDoS Secure appliance to mitigate UDP-based amplification attacks

Juniper Networks has added a new way for its anti-DDoS appliance to mitigate what's known as massive UDP-based amplification attacks that typically work by exploiting compromised servers of different kinds to both spoof and vastly increase the denial-of-service barrage.

By Ellen Messmer | 17 July, 2014 23:35

Tags: network security, security, ddos, juniper, juniper networks

Survey: Corporate security thwarted by dialog failure between IT dept. and management

So talk to me!

By Ellen Messmer | 17 July, 2014 23:34

Tags: network security, security, Ponemon Institute, websense

U.S. malware share rising, Amazon service No.1 in hosting it

In its quarterly report on global malware distribution and threats, security firm Solutionary Tuesday said that 56% of the malware it captured via sensors and other means was hosted in the U.S.-- a 12% increase from six months ago -- and about half of the malware overall appeared to originate at 10 Internet service and hosting providers.

By Ellen Messmer | 16 July, 2014 05:52

Tags: Amazon Web Services, network security, Google, dropbox, security, CloudFlare, GoDaddy, malware

The worst security SNAFUs this year (so far!)

Security SNAFUs? How bad is it so far this year? Well, let's start with Snapchat's 4.6 million user database SNAFU, followed by a parade of retail stores including Neiman Marcus and Sally Beauty Holdings, telling their customers how their payment card information had been hacked. The hacker group Syrian Electronic Army was also busy tormenting Microsoft, among many others. And there's plenty of other mischief, such as denial-of-service attacks and cyber-espionage to round out what's only the first half of the year.

By Ellen Messmer | 15 July, 2014 23:56

Tags: Yahoo, SnapChat, security, Sally Beauty, Microsoft, Steam, Neiman Marcus

The worst security SNAFUs this year (so far!)

Security SNAFUs? How bad is it so far this year? Well, let's start with Snapchat's 4.6 million user database SNAFU, followed by a parade of retail stores including Neiman Marcus and Sally Beauty Holdings, telling their customers how their payment card information had been hacked. The hacker group Syrian Electronic Army was also busy tormenting Microsoft, among many others. And there's plenty of other mischief, such as denial-of-service attacks and cyber-espionage to round out what's only the first half of the year.

By Ellen Messmer | 15 July, 2014 23:55

Tags: Yahoo, SnapChat, Sally Beauty, Microsoft, Steam, Neiman Marcus

The Firewall: Questions abound about its future role in cloud, mobile and SDN environments

It's been 20 years since Check Point Software Technologies shipped its first enterprise network firewall, marking the beginning of a mass market for firewalls that has protected millions of networks across the world.

By Ellen Messmer | 14 July, 2014 22:59

Tags: firewalls, Check Point Software Technologies, network security, HP, mcafee, security, nsa, Tenable

Bugcrowd adds ‘flex' pricing model to bug-bounty programs

Bugcrowd, the firm that offers a bug-bounty service program that brings together companies willing to pay to hear about serious software vulnerabilities and the security researchers that can find them, says it's offering a new pricing model.

By Ellen Messmer | 01 July, 2014 06:26

Tags: network security, security, Bugcrowd

10 security start-ups to watch

Security start-ups arise because they have fresh approaches to fighting malware and cyber-espionage or combatting the insider threat through network monitoring. In this round-up of some of the newer security firms, Distil Networks, Observable Networks and Vectra Networks fit into that category. But two others just out of the gate, Exabeam and Fortscale, are part of another trend--squeezing more out of existing log management and security information and event management products.

By Ellen Messmer | 01 July, 2014 02:08

Tags: network security, mcafee, security

Gartner to IT security pros: Get ready for ‘digital business'

There's a "digital business" revolution coming and IT security professionals need to grasp the significance early on to be prepared to address whatever security needs arise. That was the message from Gartner analyst Jorge Lopez in the closing keynote at the Gartner Security and Risk Management Summit today.

By Ellen Messmer | 27 June, 2014 05:32

Tags: network security, Gartner, security, Internet of Things

Gartner: Best practices for Amazon AWS security

The Amazon AWS cloud service is fine for enterprise workloads and applying security controls such as encryption and firewalls is possible, though more security vendors need to step up to support Amazon's EC2 service, according to the Gartner analysis presented today.

By Ellen Messmer | 26 June, 2014 06:08

Tags: amazon, amazon.com, security, cloud security, internet, cloud computing

Top Whitepapers

Twitter Feed

Featured Whitepapers