Security Port

Contains relevant information that pertains to security related issues and solutions.

A Security Port Blog

What if you reached to grab a newspaper out of a news stand and you found a rock in your hand instead? How about opening the front door to a grocery store and ending up on a boat?

This sounds like a Matrix movie, but the virtual equivalent of this is real and poses one of the most serious new risks on the Internet, according to Jeremiah Grossman, chief technology officer and co-founder of Whitehat Security.

Most exploits like worms and attacks that take advantage of holes in software can be patched, but clickjacking is a design flaw in the way the Web is supposed to work, Grossman said. The bad guy is superimposing an invisible button over something the user wants to click on... It can be any button on any Web page on any Web site.

The technique was used in a series of prank attacks launched on Twitter in February.

Money in Jobs with Security Clearance

Companies are cutting jobs or slashing pay to cope with the sagging economy but there is money to be made if you have a government security clearance., an online career management resource company, reports workers holding security clearances are enjoying an average pay increase of nearly 2 percent to $73,961.

Invasion of Privacy or Piracy Prevention?

Software vendors fed up with software piracy have responded by beefing up their licensing and activation procedures, only to have pirates crack their code again.

A company called V.i. Laboratories Inc. is proposing a new approach called CodeArmor Intelligence, which embeds stealth algorithms inside programs that phone home with information about the unauthorized usage of software, including their Internet domain and even a company location on a Google Map.

Iowa Woman Goes to Prison for Software Piracy

A federal judge in Madison has sentenced an Iowa woman to prison for pirating software.

U.S. Attorney Erik Peterson said Kelly Garcia, 39, of Dubuque, posted online advertisements selling software at reduced rates in March 2003.

The Business Software Alliance bought several titles and discovered they were pirated copies of Macromedia software programs. In November 2003, federal investigators searched a home in Boscobel, Wis., where Garcia lived at the time, and uncovered records showing she made about $85,000 selling pirated programs.

Teen Hackers

One in five teenagers are able to use advanced internet-distributed hacking tools, says Panda Security.

Research by the security firm revealed that casual hacking is as much a part of teen life as downloading music to an iPod.

Two thirds of those surveyed revealed they had succeeded in hacking instant messaging or social network accounts of people known to them, with 20 percent admitting to having published embarrassing photographs or videos of acquaintances on the internet.

Security Flaws

Should you use WEP or WPA encryption with your wireless router? WEP is now considered obsolete, as it contains security flaws and is much more easily hacked. It is still used widely, however, because some older devices still do not support WPA. Most recent routers, however, do offer WPA data encryption, which is far more secure.

Facebook Hacker

Facebook has been working to clean up its site after its 200 million members were targeted by hackers.

Facebook spokesperson Barry Schnitt would not comment on how many accounts had been hit but he did confirm it was blocking any that had been compromised.

Craigslist Targeted by District Attorney

Craigslist CEO Jim Buckmaster pointed out Saturday there are plenty of places in South Carolina other than his Web site to find prostitution ads and obscene photos, saying in a blog that he wants to know why the state's top prosecutor is targeting his company.

South Carolina Attorney General Henry McMaster has threatened to prosecute Craigslist executives for aiding and abetting prostitution if an ad on the Web site leads to a prostitution case in South Carolina.

In the post on his company's blog, Buckmaster linked to a publication in Greenville he said has a larger number of adult ads and more explicit content than his Web site. He later updated the post to point out a publication in Charleston that listed 19 adult ads on Friday.

Elliptical Curves May Improve Security

An approach based on the mathematical theory of elliptic curves may pave the way for much more efficient cryptography (which underpins privacy, confidentiality, and identity to provide the fabric for e-commerce and secure communications) that will be capable of strengthening security against cyber crime and any terrorist attacks via the Internet.

Inspected Air Cargo

Thousands of boxes of Washington cherries will be loaded onto passenger planes in coming weeks, bound for Pacific Rim countries like Japan and Korea.
Or so farmers hope.

Growers and shippers of highly perishable crops like cherries worry that a new requirement that all cargo on U.S. passenger flights undergo a security scan could create huge delays, leaving crops to rot in hangars as they await inspection.

Swine Flu May Not Be Done

The World Health Organisation warned on Friday against a false sense of security from waning and apparently mild outbreaks of H1N1 flu, saying the worst may not be over. WHO Director-General Margaret Chan, who raised the United Nations agency's pandemic alert to the second-highest level, said there remained great uncertainty about the strain that could pose particular threats in Southeast Asia.


The scale of the threat posed by cybercriminals has been revealed after researchers took over a network of computers for 10 days, gaining unrestricted access to thousands of bank and credit-card accounts.

They showed how a botnet, a network of 180,000 compromised or zombie computers, allowed thieves to steal thousands of bank account and credit-card details and computer passwords and to spy on the browsing habits of the users.

US Risks Increasing

Former Vice President Dick Cheney says he believes the U.S. has become more vulnerable to a potential terrorist attack since the Obama administration took power.
Cheney cites interrogation and surveillance policies put in place after the Sept. 11 attacks. He says those policies kept the U.S. safe, but the Obama administration is now critical of them, and raising the possibility of prosecuting government lawyers who signed off on some policies.

Online Trolling Could Result in Jail Time

A new cyberbullying bill aims to punish those who intend to cause emotional distress online with fines, jail time, or both. The problem, as usual, is the vague language used in the bill, which leaves many critics concerned that it could be used to censor speech on the Internet.

Google Regulation

Google's unabashed success as an Internet search and advertising juggernaut has placed it in the crosshairs of regulators worried the firm will trample free market competition.

Online Applications Reduce Security

Bruce Schneier, author and computer security expert, wrote a good reality-check essay on the subject of online privacy, or the lack thereof.

In it, he points out how using Webmail or an online document service like Google Docs not only allows for more easily snagging your information, but also severely waters down legal privacy protections. For example, he points out that the courts have ruled that the police can search your data without a warrant, as long as others hold that data. If the police want to read the e-mail on your computer, they need a warrant; but they don't need one to read it from the backup tapes at your ISP.

Must Have Software Applications

Applications I Cannot Live Without!

Used daily for updating RSS feeds.

The Bat!
Used hourly for managing email.

FTP Voyager
Used for FTPing up new web design layouts and images.

Used for Web Design.

MS Office
Used for correspondence and administrative tasks.

PaintShop Pro
Used for graphic editing and image enhancement.

Used occasionally for recording audio files for podcasts.

RSS Submit
Used weekly to submit RSS feeds to RSS directories and search engines.

Used to manage reading of RSS feeds on a regular basis.

Used for sending email newsletters.

Used regularly for converting documents to PDFs.

TNT Screen Capture
Used occasionally for capturing screen shots.

Used occasionally for making changes to Cascading Style Sheets (CSS).

SureThing CD Labeler
Used occasionally for designing CD inserts and labels.

Used hourly for navigating the web, also use plug-ins for search marketing research.

US Military Cuts a Big Problem

Last week, the Pentagon embarked on a yearlong review of its strategic priorities. In the months to come, defense officials will be facing some exceptionally painful choices about where to focus their limited resources in the wake of the economic crisis and the ever-rising tab for seven years of war. The Defense Department got used to being on the receiving end of blank checks to fight tough military campaigns on two fronts, but money is tight now.

Indeed, budget constraints are making it increasingly difficult for the U.S. military to project power to hot spots around the globe, with an alarming and growing effect on national security, some longtime military analysts say.

Supreme Court Limits Identity Theft

The Supreme Court on Monday took away one of the government's tools for prosecuting and deporting workers in this country illegally, ruling that the crime of identity theft was limited to those who knew they were using another person's Social Security number.

People who use false documents can be jailed, the court said. But they cannot be convicted of the more serious crime of aggravated identity theft without proof that they knew the identification number belonged to someone else, the court ruled unanimously.

European Commission Wants Software Makers Held Liable for Code

Software companies could be held responsible for the security and efficacy of their products, if a new European Commission consumer protection proposal becomes law.

Commissioners Viviane Reding and Meglena Kuneva have proposed that EU consumer protections for physical products be extended to software. The suggested change in the law is part of an EU action agenda put forward by the commissioners after identifying gaps in EU consumer protection rules.

Internet Just Not Safe for Children

Leaving children unsupervised on the internet is like giving them the keys to a Porsche and letting them loose on the motorway, Privacy Commissioner Marie Shroff says.

Privacy Awareness Week began yesterday, with events focused on two privacy hotspots: the security of official information and internet awareness for young people.

Shroff said cases like that of Kaiapoi man Malcolm Spark, who last week was jailed for 2 1/2 years for offences that stemmed from his prowling through internet chatrooms and enticing underage girls into discussions about sex, highlighted the dangers the internet posed.

Spammers Attempting to Profit from Flu

Worried about Swine Flu? If so, do not let your fear and anxiety dupe you into clicking dubious links in emails. Spammers are increasingly using Swine Flu in subject lines and messages to take advantage of people's fears of the rapidly-spreading Influenza strain, according to McAfee's Avert Labs Blog.

Swine Flu in 18 Countries

Doctors have confirmed 898 cases of the H1N1 flu virus in 18 countries and, for the first time, a sick farm worker has infected pigs, according to the World Health Organization.

A farm worker who had recently traveled to Mexico has infected a herd of pigs in Alberta, Canada, said Peter Ben Embarek, a food safety scientist at the WHO, at a press conference Sunday morning. The worker returned to the farm in mid-April and the animals began getting sick eight to 10 days later, Embarek said. The infection was mild, however, and the farm worker and pigs have recovered.

The Pan American Health Organization Sunday said there are cases in Colombia, but this is not reflected on the WHO site.

Web 2.0 White House

The White House took a major leap into the Web 2.0 world, launching pages on social networks MySpace and Facebook and sending its first tweets on hot micro-blogging service Twitter.

Feds Looking to Buy Security

Among the suggestions for improving federal cyber security that were proposed at a hearing by the Senate Homeland Security Committee Tuesday, one that appeared to garner a fair amount of interest from lawmakers had to do with the use of government buying power to boost security.

The suggestion from Alan Paller, director of research at the Bethesda, Md.-based SANS Institute, is one that is shared by several others within government and outside it as well. The basic premise is that the government, which purchases over $70 billion worth of IT products a year, can use its enormous buying power to force vendors to make their products more secure.

Most often, cyber criminals and foreign adversaries are able to penetrate systems and networks because of common programming errors and insecure configuration issues that are pretty well understood at this point but which vendors keep repeating all the same in their products. So getting them to fix these issues before they are permitted to sell into government is a surefire way to improve security and reduce costs, says Paller.

An example of where this approach has worked is the U.S. Air Force which has deployed over 500,000 desktops with a secure, standard Windows desktop configuration, Paller says.

Sensitive Identifiable Information

CBS News has learned of another data breach potentially compromising the personal information of thousands of people. Companies Lexis Nexis and Investigative Professionals have notified up to 40,000 people whose sensitive and personally identifiable information may have been viewed by individuals who should not have had access.

Facebook Boosts Security After Dual Phishing Attacks

Facebook has brought in some soldiers to fight the war against malware and phishing scams on the social-networking site. After two different malware attacks this week, Facebook announced it would begin using San Francisco-based MarkMonitor's antifraud services as an additional layer of protection against attacks.

Pros Set to Teach Tech Security

The Department of Homeland Security and several technology giants are launching a nationwide volunteer program to put tech pros in kindergarten through 12th-grade classrooms to make the younger generation aware of Internet dangers.

College Spammers Prosecuted

Two brothers from Missouri and two of their cohorts have been charged with conspiracy and violations of the CAN-SPAM Act thanks to their $4 million e-mail scheme targeting university and college students across the US. The scheme originated out of the University of Missouri, but the group took numerous measures to obscure the origins of their e-mails.

Send Network Alerts

Send network alerts to pagers and cell phones immediately.

What is Software Piracy

Software piracy refers to the unauthorized duplication and use of computer software. Software developers work hard to develop solid software programs. If those applications are pirated and stolen, the software developers will often be unable to generate the revenue required to continue supporting and expanding those applications. The effects of software piracy impact the entire global economy. The reduced revenues often divert funding from product development, and result in less research and less investment in marketing. In 2007, economists indicated that software piracy cost the industry $39.6 billion.

Software Industry Conference

The Software Industry Conference is scheduled for July 16-18th, 2009 in Boston, MA. Sign-Up now.

Chilling Truths about Internet Drugs

Headache pills made of rat poison and Viagra made of chalk, the truth about internet drugs. They cause hundreds of thousands of deaths per year.

Security Logos

Large collection of security logos.

Fighting Cyber Terrorism

The Pentagon is completing plans for a new military command that would coordinate the security of the nation's computer networks. It would also develop new offensive cyber-weapons, U.S. officials said.

It comes as hackers, criminals and spies have increased attacks on the country's utility grids, stock markets, airline systems, military networks and other government computer systems that contain sensitive information.
