Tools for Reducing Software Vulnerabilities
NIST, the US National Institute of Standards and Technology, released a report last December, “Dramatically Reducing Software Vulnerabilities.” It has multiple useful and interesting ideas for improving vulnerabilities in software. I want to highlight two that I felt were most important. 1. Education There is no technological substitute for developer discipline. Education is not just […]
Could a Hand-held EMP Device Threaten Cyber Security?
The ability to disable computers, cars, or other machinery from a distance without being easily detected has fascinated me for a long time. Years ago I worked for defense cub-contractor founded by engineers who had worked on the Airborne LASER Laboratory (ALL). They successfully used a LASER on board an airplane to shoot down drones. […]
How Can We Help Users Improve Security?
Maybe we should rename CIA. I don’t mean the government agency by that name. I’m risking heresy by saying that the tired old acronym CIA for Confidentiality, Integrity, and Availability isn’t sacred text. We talk about CIA in Learning Tree’s System and Network Security Introduction course. Let’s take a critical look at it here. I’ve […]
Using SSH for IoT Authentication
In a previous post, I wrote about attackers using default passwords in FTP and Telnet to compromise devices (especially IoT ones such as cameras). The compromised devices were then used to attack other devices on the Internet. I suggested users change passwords on the devices where possible but acknowledged that some were not changeable. I […]
The Next Big Thing in Biometric Authentication: Ephemeral Biometrics
A device like a FitBit may soon greatly improve user authentication. The key to this will be ephemeral biometrics. We talk about biometric authentication in some of Learning Tree’s cyber security courses, including the System and Network Security Introduction course and the CompTIA Security+ test-prep course. But how are ephemeral biometrics different? Biometrics Today Biometric authentication […]