Behavior-based typing analysis may strengthen passwords

Before the computer age, spies sent some reports by Morse code.  Each had his or her own way of sending dots and dashes, which was called their "fist." Intelligence officers worried if an

Published on: August 18th, 2014 Howard Solomon

Heartbleed exposed cache problem: Researchers

Most IT security pros think of the Heartbleed bug as a software vulnerability in some versions of the OpenSSL software library. Certainly that's what they thought last April when the first word of

Published on: August 17th, 2014 Howard Solomon

Eavesdrop using a smart phone without a battery possible: Researchers

As I was writing a story on the latest interview with Edward Snowden, I read a section where the fugitive NSA whistleblower's friends warned author James Bamford (himself a former NSA employee and

Published on: August 14th, 2014 Howard Solomon

Two projects to improve IT security without using software

Imagine if an invisible thief could break into your home and start stealing your possessions. That’s one of the threats posed by inadequate IT security. The pain and loss of poor IT security

Published on: August 14th, 2014 Bruce Harpham

Blackphone hack highlights Def Con

The battle over who has the most secure smart phone has racheted up in the past year with the revelations by former NSA contractor Edward Snowden of the capabilities of some Western electronic

Published on: August 13th, 2014 Howard Solomon

Six tips to end SQL Injection attacks

These tips are just the tip of the iceberg for what you need to do to stop SQL Injection attacks. For detailed advice, see this article by Paul Litwin, as well as this

Published on: August 12th, 2014 Howard Solomon

IBM makes second acquisition to boost managed security offerings

IBM has made its second security-related acquisition in two weeks with the purchase of the cloud-based identity and access management division of Lighthouse Computer Services. The division, called Lighhouse Security Group, sells the Lighthouse Gateway

Published on: August 11th, 2014 Howard Solomon

New networking protocol endangers security, Black Hat conference told

The annual Black Hat security conferences are usually fountains of black news -- another exploit discovered! criminals are partnering! Here's another one from this week's Las Vegas edition: a supposed improved version of

Published on: August 8th, 2014 Howard Solomon

U.S. should outspend anyone on bug bounties, Black Hat conference told

If you throw enough money at a problem there's bound to be a solution, some think. That's the logic of security expert Dan Geer, who this week told the Black Hat conference in

Published on: August 7th, 2014 Howard Solomon