Last week, web security firm zvelo disclosed that it applied a fairly simple brute-force attack to hack the PIN protection of Google Wallet, an application that stores payment card numbers and other sensitive data on your mobile phone. To its credit, Google acknowledged zvelo’s discovery, and moved quickly to develop a fix. But the episode offers a cautionary tale to vendors who, in their rush to market, ignore the vital role that consumer trust plays in adoption of virtual wallet technology.
Got an hour to spare? Computer forensics firm Passware claimed recently that its latest software toolkit cracks Apple’s FileVault full-disk encryption (FDE) platform in less than sixty minutes. The company further reported its toolkit could unlock volumes encrypted by TrueCrypt and BitLocker.
Hardly a week goes by without yet another inconclusive debate over privacy in the age of social media. So, it was refreshing to read Scott Cleland’s blog post, which also ran on Forbes.com and explains why this problem is so systemic (and, incidentally, also confirms my belief that Wave is on the right track toward developing a solution).
Repeat something enough times and someone’s bound to listen. Wave has, for over a decade, argued that the foundation of cybersecurity is to permit only authorized devices on the network.
Our mantra finally appears to be catching on with industry bellwethers. Just last month, the UK’s Centre for the Protection of National Infrastructure (CPNI) unveiled a new program to update and improve its security measures. Within the week, the U.S. National Security Agency (NSA) followed suit. Notably, both organizations founded their new practices on a document titled 20 Critical Security Controls, which tops its list with – wait for it…
The risk of data breaches unfortunately brings out the gambler in many organizations. Currently, many companies are praying they won’t get breached or, if they do, that they won’t have to disclose it. Some believe the definite costs of IT security and disclosure of potential risks outweigh the possible costs of data breaches themselves.
Ask anyone who’s suffered a catastrophic breach whether that’s true.