Month: September 2014
-
Trust in cloud security at all-time low: Execs still betting on the cloud
Originally published in ZDnet. A BT study covering 11 countries reveals that more than three-quarters of IT decision makers are "extremely anxious" about security using cloud-based services — yet 79 percent of U.S. enterprise execs (70 percent globally) are adopting cloud storage and web applications within their business. BT says this trust drop (82 percent in the US,… Read more…
-
Zero Day Weekly: Bash bug Shellshock, jQuery, Amazon's messy EC2 reboot
Originally published in ZDnet. Welcome to Zero Day's Week In Security, our roundup of notable security news items for the week ending September 26, 2014. Covers enterprise, controversies, reports and more. This week, the "shellshock" bug brought Bash patching to its knees, Apple stock slipped after a disastrous iOS and security update, jQuery was hacked… Read more…
-
Zero Day Weekly: Apple's big fix, Home Depot, Salesforce flags Dyre Trojan
Originally published in ZDnet. Welcome to Zero Day's Week In Security, our roundup of notable security news items for the week ending September 19, 2014. Covers enterprise, controversies, reports and more. This week, Apple Inc. made security headlines on many fronts after suffering a black eye in the celebrity iCloud nudes scandal, news about the… Read more…
-
Legislation: To stop the next Snowden, social media security clearance screenings
Originally published in ZDnet. The company that vetted Edward Snowden also vetted Aaron Alexis, the Navy Yard shooter. The Enhanced Security Clearance Act of 2014 (HR 5482) hopes to use "social media screening" to prevent the next Edward Snowden — or Navy Yard shooter — from obtaining a U.S. Federal Government security clearance. The legislation's author, U.S.… Read more…
-
Facebook nymwars: Disproportionately outing LGBT performers, users furious
Originally published in ZDnet. Facebook is enforcing its "real names" policy, insidiously outing a disproportionate number of gay, trans and adult performers — placing them at risk for attacks, stalking, privacy violations and more. Facebook is strong-arming LGBT and adult performers to use their legal names, telling these at-risk populations that it is to "keep… Read more…
-
Recycled ‘burner’ number sends sex worker’s clients to security researcher | ZDNet
Originally published in ZDnet. A security researcher got an eyeful of a sex worker’s client base when he investigated a VoIP service whose “burner” phone numbers are being recycled. Neohapsis Labs Senior Security Consultant Rob Beck was on an engagement that had him checking out the “burner” feature of a VOIP company. It turns out the disposable… Read more…
-
Threat filtering: Strategizing serious threat detection
Originally published in ZDnet. Within the past year, companies Target and JP Morgan fell victim to deeply damaging attacks that slipped through their threat detection systems. Target's breach wasn't filtered properly — no one realized it was a critical threat. See: Target's data breach tab: $110 million The Target hack is an example of both threat… Read more…
-
Despite security flaws, legal failures: How to fight revenge porn | ZDNet
Originally published in ZDnet. The celebrity stolen nudes scandal has shined an uncomfortable light on everything from cloud security to sexual privacy. Now there’s finally a very public conversation happening about how hard it is for women to fight online attacks such as this. I think it’s time to talk about fighting back. It has never… Read more…
-
Wake up: The celebrity nudes hack is everyone's problem
Originally published in ZDnet. The celebrity nudes hacking scandal is a good reminder that a "just say no" approach isn't going to stop anyone from sexting anytime soon. This issue isn't a story about "right" or "wrong" ways of thinking about privacy — it's a wake-up call about security and sexuality. However, this could have… Read more…