Network Security - Page 10.5

Discover Network Security News

Why Cloud Security Worries Are Overblown

Here's to the multi-tenant application, an invention of the Internet age without which many low-cost services, such as search and travel reservations, would be impossible. And here's to the multi-tenant doubters, such as Oracle's Larry Ellison, who recently questioned its "weak security model" and its "co-mingling of competitors' data."

Comcast starts DNS security rollout

Comcast has begun migrating its customers to a new Internet security mechanism that will help protect them from being inadvertently routed to phony Web pages for pharming attacks, identity theft and other scams.

Facebook Introduces Disposable Passwords

Moving to enhance online security, Facebook on Tuesday said that it will soon offer users the ability to receive one-time passwords on their mobile phones and that it has already enabled the ability to sign out of Facebook remotely.

Six enterprise security leaks you should plug now

In modern enterprises, there's a similar perception of invulnerability. Yet, for every large organization that glides through the year without any mishaps, there are many stories about perilous break-ins, Wi-Fi sniffing snafus and incidents where Bluetooth sniper rifles were used to steal company secrets.

MySQL update addresses DoS vulnerability

Oracle has released version 5.1.51 of MySQL, a security update that addresses a Denial of Service (DoS) vulnerability in the open source database. According to security specialist Secunia, an error in the processing of arguments passed to the LEAST() or GREATEST() functions could be exploited by a malicious user to cause a server crash, leading to a DoS condition. All versions up to and including 5.1.50 are reportedly affected.

NoMachine Ports OpenSSH to Windows

A final step towards removing Cygwin dependencies, the new Win32 port of OpenSSH includes both client and server, implementing a majority of the functionality found in the original code.

Compromising Twitter's OAuth security system

Twitter officially disabled Basic authentication this week, the final step in the company's transition to mandatory OAuth authentication. Sadly, Twitter's extremely poor implementation of the OAuth standard offers a textbook example of how to do it wrong.

3 areas where FUD needs to stop

There is a new breed of animal appearing in the infosec community, according to Dr. Jimmy Blake, chief security officer for Mimecast, a cloud-services company based in London, and host of the blog Cloud Computing and Bad Behavior. The new breed is what he calls the "attention monger" (he actually used a more colorful word, but we toned it down for this article). The attention monger is courting headlines with the media that add no real value to information security.

Flawed Deployments Undermine Kerberos Security

Significant weaknesses in the common configuration of Kerberos-based authentication servers could allow attackers to more easily circumvent security measures in networks that rely on the open authentication standard, according to research presented by consultants at the recent Black Hat USA 2010 conference.

Deep packet inspection software at root of Red Lambda network security

Network security architecture expert Robert Bird saw the difficulties universities have protecting their systems while maintaining an open and collaborative environment. As director of network services at the University of Florida's 10,000-user residence hall network, Bird began designing a system that could identify users and track their activity on the university network while protecting their privacy.

Network stress test tools: Dos and don'ts

Network stress testing tools are not for the underfunded, the underskilled or the faint of heart. Consider them carefully before deciding whether to purchase them or how to use them. See the companion article "Stress-testing your network" for details on software from BreakingPoint, Mu Dynamix, Spirent and Ixia. Here are dos and don'ts to help you get the most from these tools.

Internet takes DNSSEC on board

The Internet is set to get a whole lot safer: the security standard DNSSEC is set to be assigned to the Internet's 13 root servers from later today.

The challenges of cloud security

Some IT execs dismiss public cloud services as being too insecure to trust with critical or sensitive application workloads and data. But not Doug Menefee, CIO of Schumacher Group, an emergency management firm in Lafayette, La.

DNS security reaches 'key' milestone

The dream of bolting security onto the Internet's Domain Name System takes one step closer to reality Wednesday as Internet policymakers host a ceremony in northern Virginia to generate and store the first cryptographic key that will be used to secure the Internet's root zone.

Cloud security in the real world: 4 examples

We laid out the essential concepts of cloud security in Cloud security: The basics. Perhaps the best way to further understand cloud security is through specific examples. Here's a peek into a few of the biggest concerns that users have and how four companies have chosen to handle them.