Category: best practices

dropbox sharing flaw exposes personal documents and (unencrypted) cloud risks

A security vulnerability in the way that online storage provider DropBox (and possibly rival Box) handles links to shared files caused some documents (which were…

Continue Reading

apple security fail leaves email attachments unprotected

One of the nice things about Apple’s iOS platform is the “hardware level encryption” that protects “all of the information on the device.”  At least,…

Continue Reading

a new, saner approach to password policies

In this article over at Ars Technica, we get the scoop on Standford University’s new password policies which vary the requirements for password complexity (use…

Continue Reading

heartbleed attack on ssl vpns

Heartbleed strikes again… according to respected security consulting firm Mandiant, one of its corporate customers’ SSL VPN appliances was compromised by attackers using the Heartbleed…

Continue Reading

Keep your users informed with SANS’ OUCH! newsletter

  SANS recently published the latest edition of their “OUCH!” security newsletter for end users – this month’s topic is Yes – You Actually ARE…

Continue Reading

creepy but effective belgian internet safety psa

Via Gizmodo

Continue Reading

attackers are doing their homework – are you?

Some spear phishing wisdom from Security BSides SFO today… Rohyt Belani of PhishMe told an interesting story highlighting just how much research attackers do when…

Continue Reading

java: threat or menace?

It has been a pretty bad few weeks for Oracle’s Java language – zero day vulns, followed by an out of band patch, with another…

Continue Reading

time to strengthen your human firewall

For the past few years, the Social Engineering Capture the Flag contest has been a highlight of the Defcon security conference.  The report from the…

Continue Reading

more (and better) social media guidance from the nlrb

A while back, I wrote about how US organizations writing social media policies need to beware of the National Labor Relations Board’s requirements that these…

Continue Reading