safer


5 ways to be a bit safer this Data Privacy Day – Naked Security

Source: National Cyber Security – Produced By Gregory Evans

Today is Data Privacy Day. As we say every year, Data Privacy Day is more than just a 24-hour period when you try to keep safe online. It’s a day to think about changes you can make in your digital life that will keep you safer […]

#hacking | We Talk to Security Engineer Laurie Mercer – “Together We Can Build a Safer Internet!”

Source: National Cyber Security – Produced By Gregory Evans

This article first appeared on MyHackerTech.com

This week we had the pleasure of talking to Laurie Mercer, Security Solutions Engineer at vulnerability coordination and bug bounty platform, HackerOne. Security Engineers are tasked with designing and building systems that remain dependable against malicious cyber attacks, vulnerabilities, and even natural disasters.

To be a security engineer you need a hybrid of knowledge and experience in several areas of IT. These areas include network engineering, system engineering, and security architecture, but other areas of IT may come into play as well.

 

Laurie started his IT career in software development and transitioned into penetration testing as his interest in IT Security strengthened. Today, Laurie’s focus is on responsible disclosure, vulnerability management, and risk reduction. He has worked in several roles including software, security, and education and has a diverse set of professional experiences.

For example, Laurie has worked on government security projects, including projects for the Chinese government, and the British Royal Family. Let us take a look at what Laurie had to say.

 

How did you get started in the industry?

 

I’ve been hooked on computers from a young age when I got my very first computer — a blue screen Amstrad!

Image: Amstrad CPC 464, with CTM644 colour monitor. By Bill Bertram – Own work, CC BY-SA 2.5.

I spent my teenage years building and breaking Linux boxes and, after reading Computer Science at the University of East Anglia, I began developing software professionally for projects large and small.

At the time I was coding everything from Ruby web apps to real-time communication services in C++ STL. This was 3 years after the “Manifesto for Agile Development” was published and engineering practices, while rapidly changing, were still archaic. My first project had as much documentation as code and the system was updated every year, onto physical servers!

My career as an ethical hacker started rather accidentally. I had just returned from a Chinese language course in Kunming, China, when I was approached by a London-based boutique consultancy. They were looking for a fast learner with a background in software engineering: if you can learn Chinese in 3 years, then ethical hacking should be a breeze, they said!

 

I retrained from a builder to a breaker and worked as a pen-tester for several years, alongside visionary researchers like James Forshaw (now at Google’s Project Zero, the first-ever researcher to be awarded a US$100,000 bug bounty), James Kettle (now head of research at Portswigger) and Black Hat Conference regular, Alex Chapman.

As a “builder turned breaker”, my responsibilities have focused on both testing software and also trying to build security practices into software development teams.

In my current role as a security solutions engineer at HackerOne, I help to run bug bounty programs, coordinating thousands of the world’s best hackers to find vulnerabilities in software developed by companies and open source projects. Rather than having one or two people looking for vulnerabilities once or twice a year, we can leverage thousands of people with diverse skill sets to continuously perform security assessments.

https://www.hackerone.com/product/bounty

Bug bounty programs have become the number one source of high and critical vulnerabilities, and bounties are being paid out daily — some organizations are offering as much as US$250,000 for a single critical bug.

What do you think are the biggest cybersecurity challenges the world is facing in 2019?

There are many cybersecurity challenges that we will have to overcome this year, and in the years that follow, but I’ve come up with three main areas.

As a user, I’m concerned that we put our trust in so many different systems and services every day, both in our personal and professional lives. These services may be incredibly beneficial to us, but how can we trust that they are safe and secure?

The scalability of security capabilities is a major concern. We live in a world where the number of digital services is increasing at a seemingly exponential rate. We need to design systems that scale appropriately to the number of people that will be using them now, but also 10 years from now.

In order to trust organizations to manage our data responsibly, we need to build frameworks for them to prove they are secure. At present, some companies are more transparent than others. Even when a company shares the information, sometimes it’s hidden layers and layers deep into a website, making it difficult to access. We need to set expectations for security and a process by which organizations can prove they have met these expectations.

 

How do you see the cybersecurity industry evolving in the next decade?

Hackers are the immune system of the internet. This immune system will grow to a community of millions of hackers, inclusive of security and IT professionals, hobbyist breakers and builders, developers, CISOs, presidents.

As new technology platforms are invented and adopted, new vulnerabilities will be introduced and discovered. Security will foster more collaboration and transparency will breed trust.

 

What are some simple steps that organizations can take to secure their data?

Have a Vulnerability Disclosure Program. A study recently conducted by the company I work for, HackerOne, found that 94% of the Forbes Global 2000 do not have known vulnerability disclosure policies. This means that there’s no way for good-faith security researchers to report the bugs they find. If more companies implemented a Vulnerability Disclosure Program, the future would be safer for everyone.

Implement continuous security testing. New vulnerabilities are discovered all the time and sometimes things are missed. This is why continuous security testing is a must.

What advice would you give to aspiring ethical hackers and security professionals?

– Go to HackerOne and make a profile!

– Watch the Hacker101 training videos.

– Install Burp: A popular and useful tool for testing web application security.

– Complete the Hacker101 Capture The Flag.

– Report some vulnerabilities!

– Learn to code! There is no point in finding vulnerabilities if we can’t fix them!

Together we can build a safer internet!

 


UL bids to make IoT safer with new Cybersecurity Assurance Program

Today more enterprises and businesses are exploring new possibilities of using the Internet of Things (IoT) than ever before. However, information security experts including CIOs, CISOs and IT heads globally have raised concerns about IoT and its use in enterprise environments. For them the top concern when it […]

In A Lot Of Ways, Schools Are Safer Than Ever

As schools have taken steps to beef up their security measures, violence in schools has taken a dive. 

The latest school safety numbers from the Department of Education, released Wednesday, show that schools have overall become safer places. While the data, which presents the most recent national indicators on school crime and safety, shows a slight uptick in violent deaths at school, it also shows that bullying and nonfatal crimes have greatly decreased.

At the same time, the numbers show a huge increase in terms of school security measures and training over the years. In the 1999-2000 school year, only 19 percent of public schools reported using security cameras.

The post In A Lot Of Ways, Schools Are Safer Than Ever appeared first on Parent Security Online.


Credit card chip tech safer, but could lead to holiday slowdowns

Source: National Cyber Security – Produced By Gregory Evans

New credit cards are arriving all over the county that have security chips that are designed to cut down on fraud. The changeover is leading to some confusion and questions about why it’s all necessary. One reason is that it moves the U.S. toward a world-wide standard for accepting credit cards. The new cards are called EMV chip cards. That stands for “Europay, Mastercard and Visa.” They became the norm in the European Union 10 years ago; in 2012 Canada joined and now, finally, the U.S. has decided it’s time too.

Why now? Because almost half of the world’s credit card fraud happens to U.S. consumers. The cards contain tiny chips that give every transaction a unique encryption code, instead of using the same card information over and over, like with the magnetic strip cards we’ve gotten used to swiping. The chip stops thieves from stealing your card info and then duplicating it, according to Carolyn Belfany at Mastercard. “We’ve seen dramatic drops in fraud in other markets as soon as chip cards are distributed to consumers by 70, 80 or more percent,” she said. The chip cards also make retailers liable for any fraudulent transactions that happen at the […]


Identity Theft and Having Credit Card Information Stolen by Hackers Is the Greatest Fear in the Minds of Consumers Highlighting the Need for a Safer Credit Card According to SmartMetric

Source: National Cyber Security – Produced By Gregory Evans

Americans worry the most about having their credit card information stolen by hackers or becoming a victim of identity theft. Anxiety over the theft of credit card information and a person’s identity is considerably more than any other serious concern.

Americans’ Worries About Various Crimes: Pollsters asked, how often do you, yourself, worry about the following things — frequently, occasionally, rarely or never? The percentage who frequently or occasionally worry, according to a Gallup Poll conducted October 2015:

– 69%: Having the credit card information you have used at stores stolen by hackers
– 69%: Being a victim of identity theft
– 40%: Having your car stolen or broken into
– 39%: Your home being burglarized when you are not there
– 33%: Having a school-aged child of yours physically harmed while attending school
– 27%: Being a victim of terrorism
– 25%: Getting mugged
– 25%: Your home being burglarized when you are there
– 19%: Being a victim of a hate crime
– 17%: Being attacked while driving your car
– 17%: Getting murdered
– 16%: Being sexually assaulted
– 7%: Being assaulted/killed by a coworker/employee where you work

Adding biometric security to a consumer’s credit and debit card brings a much higher level of security and safety, giving a greater […]


FBI says chip-based credit cards safer but need PIN to protect against fraud

Source: National Cyber Security – Produced By Gregory Evans

The National Retail Federation today said it agreed with a warning from the FBI that new chip-based credit cards are safer than traditional cards but still vulnerable to fraud and need to be used with a PIN instead of a signature to minimize risk. “What the FBI is saying is what the rest of the world already sees as common sense,” NRF Senior Vice President and General Counsel Mallory Duncan said. “It’s the right thing to do, and we hope the banks are listening.” “Retailers are determined to protect their customers,” Duncan said. “That’s why we are pushing the banks to use all of the security the new cards are capable of providing, not just half. They shouldn’t lock the front door but leave the back door wide open.” In a warning issued on Thursday to consumers, merchants and law enforcement, the FBI praised Europay MasterCard Visa chip cards as being more secure than traditional magnetic stripe cards, but said they are “still vulnerable to fraud.” Despite card industry claims that the chips are difficult to counterfeit, the FBI said the cards “can be counterfeited using stolen card data obtained from the black market.” The bureau also said the chip […]


SYMANTEC IS ALREADY PLANNING FOR A SAFER CYBER MONDAY

Source: National Cyber Security – Produced By Gregory Evans

While Cyber Monday is still months away, information protection company Symantec is challenging eCommerce retailers to make this year’s annual online shopping event, which takes place on the Monday following Thanksgiving and Black Friday, the safest on record. In preparation, Symantec announced yesterday (July 22) the release of an enhanced version of its Symantec SSL Assistant Plus encryption tool, which it said will allow online retailers and other sites to keep customers safe while they shop. “When it comes to SSL encryption, you get what you pay for,” Quentin Liu, VP of engineering at Symantec, said in a company release. “With Symantec SSL Assistant Plus, we’re delivering extreme value over free, basic SSL options by hiding complexity and helping to ensure that websites are properly secured. In addition, we make the entire process as simple and intuitive as installing an app on a phone. SSL Assistant Plus is also backed by our world class technical support organization and offers peace of mind because it’s created by security experts. Our goal is to create a safer web as less than 1 percent of online sites today are encrypted and use certificates,” Liu explained. According to a U.S. online consumer study conducted by Symantec, […]


10 tips to make your home safer for kids

(BPT) – Home is where the heart is, and for most people, it’s where they feel safest. Yet for children, the home isn’t as safe as you might assume. In fact, you may be surprised to learn that 3.5 million children go to the emergency room every year for injuries that happen in homes.

Some parents are unintentionally putting their children at risk by making common mistakes in the home. For example, parents say they are worried about fire safety and 96 percent report they have a smoke alarm, yet 14 percent never check their smoke alarm battery, according to “Report to the Nation:

The post 10 tips to make your home safer for kids appeared first on Parent Security Online.
