information security

Blogs, other content management sites targeted by password thieves

August 07, 2013CSO — Brute force attacks to pry login credentials from content management sites like blogs have been growing as more data robbers use a short-term gain for a bigger pay-off later on.

Such sites are attractive targets because they tend to be less secure than other environments -- such as financial services -- and since they're interactive by design, "drive-by" malware planted on them can infect a lot of users quickly, said David Britton, vice president of industry solutions at 41st Parameter.

U.S.

Are non-payment NFC applications secure?

Non-payment NFC applications are not one-size-fits-all where the same level of security is required or needed. For example, you don’t need the same level of security for a coupon as you would an identity application. Application developers know this, too, and incorporate the appropriate amount of security depending on the application. Applications that use sensitive data such as you identity information will always be stored in the secure element, where it cannot be tampered with or stolen.

See also,

U.S.

Are NFC mobile payments secure?

NFC mobile payments are very secure. NFC-enabled mobile devices, which are readily available today, have a chip inside of them called a “secure element.” The payment application and your payment account information is stored in this special chip, making it invulnerable to attack. The method through which your mobile device relays information wirelessly is also very secure. The communication between a mobile phone and point-of-sale terminal use a globally recognized standard called ISO 14443 – this is the same standard used today for EMV and U.S. contactless payment cards.

U.S.

How can I increase my security when logging in to Facebook?

An advanced Facebook security option, “login approvals,” uses one-time password (OTP) codes to verifying your identity when logging in to your account. If you turn this feature on in your Security Settings page (> Account Settings > Security), you'll be asked to enter a special OTP login code each time you try to access your Facebook account from a new computer or mobile phone. This can help prevent a hacker from hijacking your account.

U.S.

How can I prevent identity theft?

Here are some great ideas to help prevent identity theft.

1. Educate yourself about how identity theft happens. Remember you are the most important part of your identity and personal information security.

2. Protect your personal information. Shred financial documents and paperwork with personal information; don’t just throw them in the trash.

3. Don’t make your wallet a one-stop-stealing opportunity. Don’t keep social security numbers, birthdays and other personal information in your wallet.

U.S.

How do I get a personal digital security device to protect my online identity?

Personal digital security devices must be obtained from your online service provider or their partner. If you want one, look for options in the security section of their support pages. One example is Amazon Web Services, who partners with Gemalto to offer one-time password (OTP) tokens to help protect information stored in the cloud. Another example is Bank of America, who offers PassCard, an OTP card used to protect online bank logins. Google, PayPal and many other Internet security leaders also offer similar options.

See also,

U.S.

Small biz survey: No cybersecurity plans -- no worries. What?

Seventy-seven percent of small- and medium-sized businesses believe that their companies are safe from cyber threats and yet 83 percent of them have no formal cyber security plan. Um, yeah. And that was just one of the contradictions uncovered in a survey of 1,015 small- and medium-sized businesses carried out by the National Cyber Security Alliance and Symantec.
U.S.

Data Security 101: Avoiding the List (INFOGRAPH)

Here’s something that may keep your typical healthcare CIO from getting a good night’s sleep:  the growing list of data breach victims on the federal Department of Health and Human Services (HHS) website. From breaches affecting 500 patients to those that impact millions, it’s an extensive catalog, which shows how even the most sophisticated provider and payer organizations are susceptible to this growing threat.
U.S.

Pages

Subscribe to information security