Security

Articles, advice and resources.

Snoopy Drone Shows Lax Smartphone Security

Snoopy Drone Data
A remote-controlled quadcopter named “Snoopy” prowled the streets of London in late March, collecting confidential data from the smartphones of passersby at the rate of about 150 victims per hour. Included in the haul were usernames and passwords to PayPal, Amazon, Yahoo and other sites that represent concentration points for the financial and identity-management data of millions of users. Click here to find mobile security jobs. Snoopy is the cutting edge of mobile-security technology, but not in the way most… continue…

Changing Anti-Virus Models Spur New Hiring

Mobile Security
If you expect that increasing malware and security threats means increased hiring at companies that combat them, you’d be both right and wrong. Among the industry stalwarts — the likes of Microsoft, AVAST, Symantec and McAfee – some are hiring while others are letting people go. The reason is the dramatic changes impacting the industry. First, there’s the financial: A crop of new companies is benefiting from lower costs of entry and cloud-based setups. For example, San Jose, Calif.-based Malwarebytes… continue…

How to Become More Marketable in IT Security

Cybersecurity
There are certainly plenty of opportunities for IT security professionals nowadays. They can get well-paid jobs that offer loads of advancement opportunity, as long as they’re motivated and have a deep interest in security. So what should you do to better position yourself? The Right Experience First, you should make sure that your technology experiences put you in contact with a wide assortment of IT and development teams. You don’t want to be a coder in a cubicle corner. The… continue…

More Spies Needed in Silicon Valley

Spy
Increasing demand is giving cybersecurity engineers more options in terms of where and for whom to work. Where before many of the available jobs were government positions based in the Washington, D.C., area, today private companies in Silicon Valley are offering opportunities that didn’t exist before. Reporting on a story from the Information, Business Insider says engineers working for agencies like the NSA and CIA can take advantage of “fast-moving, non-bureaucratic environments” in the private sector. Besides that, they can… continue…

Authentication’s New Methods Spotlight Need for More Training

Fingerprint Authentication
IT security professionals may want to brace for more training and skills development on emerging forms of authentication following Google’s acquisition of Israeli startup SlickLogin and moves by organizations like the Fast Identity Online Alliance (FIDO). Companies are seeking ways to keep their customers and employees secure online beyond reusable passwords, as cybercriminals become increasingly sophisticated and attacks more massive in scope, as evidenced by the recent Target security breach. Earlier this week, Google acquired SlickLogin, which uses a unique,… continue…

4 Interview Questions for Security Analysts

Dice Interview Qs Icon
Recent data breaches involving Target, Michael’s and Neiman Marcus are adding fuel to the fire for security analysts. But that doesn’t mean job interviews are easy. As a security leader with an impressive list of certifications, David O’Berry expects analysts to know the ins and outs of networking and operating systems. He also looks for resourceful professionals who use their insatiable curiosity to stay one step ahead of hackers and cybercrooks. “I don’t need someone to check off items on… continue…

Security Mergers Indicate Solid Job Prospects

Security Key
Recently, we ran a story about the number of VCs putting cash into security startups. That turns out to be the tip of the security spear. The past month has seen several acquisitions of note as well-established vendors sought to broaden their product line, complement security products with malware or detection services, or make noteworthy hires. For example, Milpitas, Calif.-based FireEye bought Washington, D.C.’s Mandiant for $1 billion. Mandiant made headlines last year by working with The New York Times… continue…

Time to Reassess Your Network Access Rights

Hacker Thumbnail
At the heart of the celebrated case of Edward Snowden lies one important fact: The infamous contractor gained access to the trove of documents that he ultimately leaked to journalists by escalating his access rights. And despite this very real poster boy having been in the news for the past several months, many enterprises haven’t done much with reeling in — or even auditing – the access rights they have in place. In fact, far too many enterprises don’t know… continue…

VCs Pump Cash Into Security Startups

Cyber-Security-Thumbnail
A significant rise in cybercrimes and corporate hacking means that cybersecurity equipment and software companies are enjoying a real upswing. Venture capital firms are taking note and pouring cash into startups in the sector, according to the Los Angeles Times. AlienVault of San Mateo, for instance, has raised $55 million in three rounds since January 2012. The company snagged seven top security executives from Hewlett-Packard, many of whom had worked at Fortify Software, a San Mateo security company HP bought… continue…

Is SAP the Latest Malware Target?

Stealing-Passwords-Thumbnail
Reports over the past several weeks have pointed to potential malware — a variation on the Shiz banking-related Trojan — that is targeting SAP installations. This nasty piece of business was originally designed to provide attackers with remote access to an infected PC and steal online-banking passwords and cryptographic certificates. According to Infoworld, the malware was discovered a few weeks ago by Russian antivirus company Doctor Web, which shared it with security researchers. Alexander Polyakov, chief technology officer at ERPScan,… continue…