content top

Password Security – Is rotating passwords helpful?

Many companies require that you change your password a number of times per year.  It usually ranges between 30 to 90 days.  However, does this provide any actual benefits to the overall user account security?  I do understand the logic behind it, your network will be more secure if all your users account passwords are changed frequently.  There are a few issues with this however.  The first issue is people tend to have issues remembering...

Read More

The Economics of Security

At the RSA Conference in San Francisco I was able to listen to many interesting topics on security during the week I was there. This one covered the economics of security, and the five laws of security. Law 1: Most attackers aren’t evil or insane; they just want something. At first you might wonder why the distinction. The reason is, if a truly evil or insane person was attacking your system, or property you will not prevail. We simply do...

Read More

RSA Conference – San Francisco

RSA Conference – San Francisco

I will be attending the RSA Conference in San Francisco later on this month.  The various topics all look very interesting, and I have scheduled out the sessions I will be attending while there.  I plan on writing up information on what I learn while I am there. My Schedule Monday – April 20, 2015 Security Basic Seminar Tuesday – April 21, 2015 Security’s Age of Enlightenment Enhancing Cloud Trust Security on Offense The...

Read More

Apple releases security patch for the FREAK SSL vulnerablity

Apple releases security patch for the FREAK SSL vulnerablity

Apple today has released the security patch for OSX as well as iOS 8.2 for iPad and iPhone devices that resolve the FREAK SSL Vulnerability on Apple devices.  It is highly advisable to if you have any Apple devices that you run the updates as soon as possible to resolves these security issues. After you have updated your system you can confirm the issue has been resolved by visiting FREAK Attack which will scan your client and inform you...

Read More

FREAK SSL security flaw

FREAK SSL security flaw

Another SSL security flaw has been detected by cryptographers from IMDEA, a European Union research group; INRIA, a French research company; and Microsoft Research.  The Washington Post reported earlier today that “They could force browsers to use the old export-grade encryption then crack it over the course of just a few hours.  Once cracked, hackers could steal passwords and other personal information and potentially launch a...

Read More
content top