- Encryption Confusing the Padlock and the Favicon in the Web Browser
Attackers can display padlock-shaped favicons to fool users into thinking non-HTTPS connections are secure. Chrome and Firefox addressed this by removing favicons from the URL bar, while Internet...
- Incident Response 9 Convenient Lies in Information Security
Common security claims are often oversimplifications: encryption alone doesn't secure data, compliance doesn't address all necessary controls, security seals reflect limited scans, background checks...
- Encryption What Information Security Can Learn from NYC Restaurant Inspections
NYC's restaurant letter grades publicly signal food safety compliance, motivating improvements—72% of initially failing restaurants improved to A or B on second inspection. InfoSec could benefit from...
- Malware 11 Recommendations for Coming Up to Speed on Bitcoin
Bitcoin represents a precursor to future distributed online payment approaches. Security implications include compromised computers being used for mining, trojans designed to steal Bitcoin wallets,...
- Risk Management Understand the Risks of Email Search Add-Ons and Services
Cloud email search tools like Greplin and Xobni index messages and contacts across services, creating attractive targets for attackers. Most vendors provide little detail about security measures....
- Malware Respect the Browser - Security Awareness Recommendations
Six brief browser safety recommendations for non-technical users: use bookmarks to avoid typosquatting, patch browsers and add-ons automatically, ensure HTTPS for sensitive data, log out properly,...