HNS MAIN FEED
Mobile eID security issues examined by ENISA
Friday, 21 November 2008, 11:00 PM CET
In the near future, we will pay our taxes, buy metro tickets or open bank accounts over our phone. Mobile devices, national ID-cards, smart phones and PDAs, will play an ever more important role in the digital environment. However, as is the case with many new technologies, the pervasive use of mobile devices also brings new security and privacy risks. ENISA looks at different use-cases for electronic authentication using mobile devices. They identify the security risks which need to be overcome, give an opinion about their relevance, and present mechanisms that help in mitigating these risks.
Major spam botnets yet to recover after host shut-down
Thursday, 20 November 2008, 11:51 PM CET
One week after the world's most significant breakthrough in the fight against spam, spam levels are yet to return to their previous levels. However, it is likely that spam levels will eventually return to their previous high levels in the future.
Security issues in group management
Wednesday, 19 November 2008, 11:19 PM CET
According to a study conducted by Osterman Research and sponsored by Imanami, 42 percent of organizations report unauthorized access of information through Active Directory.
Organizations fail to educate employees about online shopping risks
Tuesday, 18 November 2008, 9:33 PM CET
Organizations allow employees to shop online but do not educate users about risks, exposing employees and employers alike to spam, malware, phishing and loss of productivity in the workplace. ISACA has carried out three simultaneous surveys to look at the latest trends in online shopping and workplace Internet safety. Only 32% of organizations that allow online shopping educate employees about the risks. Slightly over 31% of organizations prohibit using a work e-mail for online shopping or other online non-work related activities, even though allowing the use of work e-mails can expose the organization to greater volumes of spam.
Attacks on banks
Monday, 17 November 2008, 6:09 PM CET
This article provides an overview of the methods currently used by cyber criminals to attack financial institutions and banks in particular. It reviews general trends and takes how malicious programs targeting financial institutions are designed to evade detection by antivirus solutions. The article also covers phishing, money mules, the technical steps which cyber criminals may take when launching an attack (such as redirecting traffic, man-in-the-middle and man-in-the-endpoint attacks).
5 essential steps for improving virtualization security
Monday, 17 November 2008, 9:00 AM CET
With virtualization technologies becoming pervasive in the data center, here are five essential steps for addressing virtualization security challenges. The steps reflect the strategic belief that information security must be integral to the assessment, design and implementation phases of virtualized environments to protect data assets and meet compliance requirements.
Top 5 industries most at risk of web-based malware
Thursday, 13 November 2008, 9:06 AM CET
ScanSafe released its report ‘The Vertical Risk’ which reveals the top 5 industries at risk of Web-delivered malware as well as an analysis of the types and severity of the malware encountered.
Users continue risky Internet behavior after a security breach
Wednesday, 12 November 2008, 9:15 AM CET
A new study by the Ponemon Institute examined behavioral aspects around corporate policy compliance with regards to Internet tools and applications. The most startling discovery was that when confronted with a security or privacy breach as a direct result of using an Internet application, 45 percent of employees did nothing and continued using the product. Furthermore, 19 percent simply decreased frequency or level of use.
Friday, 21 November 2008, 11:00 PM CET
In the near future, we will pay our taxes, buy metro tickets or open bank accounts over our phone. Mobile devices, national ID-cards, smart phones and PDAs, will play an ever more important role in the digital environment. However, as is the case with many new technologies, the pervasive use of mobile devices also brings new security and privacy risks. ENISA looks at different use-cases for electronic authentication using mobile devices. They identify the security risks which need to be overcome, give an opinion about their relevance, and present mechanisms that help in mitigating these risks.Major spam botnets yet to recover after host shut-down
Thursday, 20 November 2008, 11:51 PM CET
One week after the world's most significant breakthrough in the fight against spam, spam levels are yet to return to their previous levels. However, it is likely that spam levels will eventually return to their previous high levels in the future.Security issues in group management
Wednesday, 19 November 2008, 11:19 PM CET
According to a study conducted by Osterman Research and sponsored by Imanami, 42 percent of organizations report unauthorized access of information through Active Directory.Organizations fail to educate employees about online shopping risks
Tuesday, 18 November 2008, 9:33 PM CET
Organizations allow employees to shop online but do not educate users about risks, exposing employees and employers alike to spam, malware, phishing and loss of productivity in the workplace. ISACA has carried out three simultaneous surveys to look at the latest trends in online shopping and workplace Internet safety. Only 32% of organizations that allow online shopping educate employees about the risks. Slightly over 31% of organizations prohibit using a work e-mail for online shopping or other online non-work related activities, even though allowing the use of work e-mails can expose the organization to greater volumes of spam.Attacks on banks
Monday, 17 November 2008, 6:09 PM CET
This article provides an overview of the methods currently used by cyber criminals to attack financial institutions and banks in particular. It reviews general trends and takes how malicious programs targeting financial institutions are designed to evade detection by antivirus solutions. The article also covers phishing, money mules, the technical steps which cyber criminals may take when launching an attack (such as redirecting traffic, man-in-the-middle and man-in-the-endpoint attacks).5 essential steps for improving virtualization security
Monday, 17 November 2008, 9:00 AM CET
With virtualization technologies becoming pervasive in the data center, here are five essential steps for addressing virtualization security challenges. The steps reflect the strategic belief that information security must be integral to the assessment, design and implementation phases of virtualized environments to protect data assets and meet compliance requirements.Top 5 industries most at risk of web-based malware
Thursday, 13 November 2008, 9:06 AM CET
ScanSafe released its report ‘The Vertical Risk’ which reveals the top 5 industries at risk of Web-delivered malware as well as an analysis of the types and severity of the malware encountered.Users continue risky Internet behavior after a security breach
Wednesday, 12 November 2008, 9:15 AM CET
A new study by the Ponemon Institute examined behavioral aspects around corporate policy compliance with regards to Internet tools and applications. The most startling discovery was that when confronted with a security or privacy breach as a direct result of using an Internet application, 45 percent of employees did nothing and continued using the product. Furthermore, 19 percent simply decreased frequency or level of use.Need a secure laptop? Read laptop reviews before buying.
