When meeting the IT security standard isn’t enough

There's a price to be paid for organizations that aren't on the leading edge of security -- they usually get caught. That's the lesson from an incident a Canadian penetration tester ran into

Published on: September 1st, 2014 Howard Solomon

Warning issued for watering-hole attack

Crackers use a number of techniques to get into corporate systems, including reconnaissance through s0-called watering-hole attacks. This appears to be behind the discovery by a California unified threat management company called Alien

Published on: September 1st, 2014 Howard Solomon

Suspicion over celebrity photo hacks pointed at Apple’s iCloud

It was a long weekend for more than 100 international celebrities, and not because of Labour Day. On Sunday someone published nude photos of a number of well-known performers including Jennifer Lawrence, Rhianna,

Published on: September 1st, 2014 Howard Solomon

Video interview: Check Point Software’s Amnon Bar-Lev

Let’s face it: 2014 has been a miserable year for IT security professionals. Every week, it seems, an organization somewhere around the world confesses its systems have been broken into and data has

Published on: August 26th, 2014 Howard Solomon

How to protect Secure Shell access

A considerable number of Canadian IT departments rely on the Secure Shell protocol for automating access management thanks to it being embedded in a wide number of IT, networking and security products. Its

Published on: August 25th, 2014 Howard Solomon

Another warning about Android apps

A security vendor has raked the Google Play store and the Android ecosystem over the coals for allowing apps that have SSL vulnerabilities  susceptible to man in the middle attacks to be made

Published on: August 21st, 2014 Howard Solomon

Spammers discover iMessage

One of the business users' favorite smart phones is becoming jammed with messaging spam. According to an article on Wired.com, the iPhone's iMessage platform has been discovered by people you don't know, and don't

Published on: August 21st, 2014 Howard Solomon

Heartbleed exposed cache problem: Researchers

Most IT security pros think of the Heartbleed bug as a software vulnerability in some versions of the OpenSSL software library. Certainly that's what they thought last April when the first word of

Published on: August 17th, 2014 Howard Solomon

Six tips to end SQL Injection attacks

These tips are just the tip of the iceberg for what you need to do to stop SQL Injection attacks. For detailed advice, see this article by Paul Litwin, as well as this

Published on: August 12th, 2014 Howard Solomon