VB Migration

Tag: security

  • VB2017 preview: Consequences of bad security in health care

    Earlier this month, at the SHA2017 hacking camp, among the professional hackers and security experts, there was one speaker with a rather unconventional CV: Jelena Milosevic’s day job is that of an ICU nurse at a Dutch hospital. But despite having a different background, Jelena is just as passionate about security as professional hackers, if…

  • VB2017 preview: Consequences of bad security in health care

    Earlier this month, at the SHA2017 hacking camp, among the professional hackers and security experts, there was one speaker with a rather unconventional CV: Jelena Milosevic’s day job is that of an ICU nurse at a Dutch hospital. But despite having a different background, Jelena is just as passionate about security as professional hackers, if…

  • Security products and HTTPS: let’s do it better

    It is one of the most hotly discussed topics in the security community: is it acceptable for a security product to intercept encrypted HTTP communication (HTTPS) to analyse its content? First, those who are against the practice point out that it breaks the end-to-end principle of HTTPS. This is obviously true, but misses an important…

  • Security products and HTTPS: let’s do it better

    It is one of the most hotly discussed topics in the security community: is it acceptable for a security product to intercept encrypted HTTP communication (HTTPS) to analyse its content? First, those who are against the practice point out that it breaks the end-to-end principle of HTTPS. This is obviously true, but misses an important…

  • The Living Dead Anti-Virus

    A former director of testing at AV-TEST and a one-time VB conference speaker , security consultant Hendrik Pilz is passionate about the quality of security products. In a guest blog for Virus Bulletin, he explains why he doesn’t think anti-virus products should be disabled. Just recently, security expert Robert O’Callahan (a former developer at Mozilla ) published…

  • The Living Dead Anti-Virus

    A former director of testing at AV-TEST and a one-time VB conference speaker , security consultant Hendrik Pilz is passionate about the quality of security products. In a guest blog for Virus Bulletin, he explains why he doesn’t think anti-virus products should be disabled. Just recently, security expert Robert O’Callahan (a former developer at Mozilla ) published…

  • Box-ticking mentality leads to insecurity

    Credit card company fails to understand how authentication works. Security experts often bemoan a ‘box-ticking’ mentality and argue that in many cases ticking boxes doesn’t address the real issues. In some cases, it can even make things less secure. Yesterday I received a call from what was probably my credit card company. The caller asked…

  • There is no ‘I know what I am doing’ trump card in security

    NSA activities could make millions avoid US-based services. We have all been there. To continue the product you’re working on, you need to get some extra permission: a port needs to be opened, or perhaps some files need to be uploaded onto a protected system. You ask the IT department for this permission and, much…

  • FBI warns against malware installed via hotel networks

    Malware poses as fake update of popular software. The FBI has warned travellers against fake software updates served through hotel connections which actually attempt to install malware. The agency reports that it has seen instances where travellers connecting to a hotel room’s Internet connection are presented with a pop-up of what looks like an update…

  • Hacktivists hijack DNS of popular websites

    Security at registrars may be weak link. A hacktivist group has managed to redirect the traffic of two popular websites by hijacking their DNS settings, researchers at Internet Identity report. The sites belong to UFC , a mixed martial arts promotion company, and Coach , which produces luxury goods. Both companies had expressed their support…