July, 2018

  • 9 July

    MOBILE DEVICE ATTACKS

    MOBILE DEVICE ATTACKS

    A recent information security challenges is the number of mobile devices ranging from USB flash drives to laptops that are infected with malware outside of a security perimeter, and then carried into an organization. Traditional network based protection, such as the firewalls and intrusion detection systems, are powerless to prevent …

  • 9 July

    DATABASE SECURITY

    DATABASE SECURITY

    Database present unique security challenges. The sheer amount of data that may be housed in a database which requires the special security consideration. As we will see shortly in the “Inference and aggregation” section, the logical connections database users may lead to inference and aggregation attacks, requiring database security precautions …

  • 8 July

    SYSTEM VULNERABILITIES, THREATS, AND COUNTERMEASURES

    SYSTEM VULNERABILITIES, THREATS, AND COUNTERMEASURES

    System threats, vulnerabilities, and countermeasures describe security architecture and design vulnerabilities, as well as the corresponding exploits that may compromise system security. We will discuss countermeasures, or the mitigating actions of that to reduce the associated risk. COVERT CHANNELS A covert channel is any communication that violates security policy. The …

  • 7 July

    Protecting Data in Motion and Data At Rest

    Protecting Data in Motion and Data At Rest

    Data at rest is stored data that resides on a disk and/or in a file. Data in motion is data that is being transferred across a network. Each form of data requires different controls for protection, which we will discuss next. Drive and Tape Encryption Drive and tape encryption protect …

  • 7 July

    Twitter’s Efforts to Suspend Fake Accounts Have Doubled

    Bots, your days of tweeting the politically division nonsense might be over. The Washington Post reported on Friday that in the last few months Twitter has suspended accounts to stop the disinformation running on their platform. Washington Post reports that Twitter has suspended as many as 70 million accounts between …

  • 5 July

    Information Security Governance

    Information Security Governance

    Information security governance is the information security in the organizational level, which includes senior management, policies, processes, and staffing. It is also the organizational priority provided by the senior leadership, which is required for a successful information security program.   Security Policy and Related Documents Documents such as policies and …

  • 5 July

    Facebook Faces Broadened Federal Investigations Over Data and Privacy

    Facebook Faces Broadened Federal Investigations Over Data and Privacy

    WASHINGTON — Facebook said on Monday that they are facing more of the federal investigations into its sharing of the user data with the political consulting firm Cambridge Analytica, many other governmental agencies are inquiring regarding this matter for examining the social network’s statements about the new issues. The Justice …

  • 4 July

    Baidu Just Made 100th Autonomous Bus Ahead of Commercial Launch in China

    Baidu Just Made 100th Autonomous Bus Ahead of Commercial Launch in China

    Baidu is preparing to launch their very own driverless services in China — and elsewhere — with another update to Apollo autonomous driving platform and the mass production of Apolong, an autonomous bus which allows up to 14 seats for people. Baidu made this announcement at Baidu Create 2018, the …

  • 4 July

    Facebook Confirms That it’s Acquiring Bloomsbury AI

    Facebook Confirms That it’s Acquiring Bloomsbury AI

    Facebook announced this morning that the London based team at Bloomsbury AI will be joining the company from now. Facebook would reply the team and the technology to assist in its efforts to fight against the fake news and of course other content issues. In fact, The Bloomsbury AI Co-Founder …

  • 3 July

    Legal and Regulatory Issues

    Though general understanding of the major legal systems and their types of law is really essential, it is critical that information security professionals understand the concepts described in the next section. Of course with the ubiquity of information systems, data and applications comes a host of legal issues that require …