You are viewing 'encryption'

Emails and Encryption

Improving email security and privacy

Jacob Faires

October 23, 2015 - Posted by Jacob Faires to Security Insight

Email

It’s been a little over two years since Edward Snowden broke news about massive government surveillance in the United States and abroad. Since then, major applications have begun tightening security. It was made well known that the government has the ability to read your emails and listen to your phone calls by getting a court order or a subpoena and paying a small fee.

So, what changes have been enacted on the digital front? In this blog I’m going to focus on one area in particular, email.

Before mid-2013 emails were, for the most part, unencrypted, passed in clear text, and stored in clear text. After Snowden, changes started to occur almost immediately. The question is how far have they come?

Outlook.com

a. Perfect Forward Secrecy (Nov 2014)

b. Transport Layer Security (TLS) (inbound and outbound as of Nov 2014)

c. Two-factor Authentication (Oct 2014). You have to enable this for... read more >

The Incredibly Problematic Scourge: RANSOMWARE

Bryan Pasquale

February 10, 2015 - Posted by Bryan Pasquale to Security Insight

ransomware

By now, most everyone has heard of the malware boogeyman known as ransomware. This is a type of malware that an end-user finds on a system after clicking a link with a malicious program or Trojan horse. Ransomware makes no secret of its presence on your machine. Similar to keystroke loggers, the focus is on you and your data.

How does ransomware work?

Ransomware restricts access to an infected computer and, as the nomenclature suggests, demands a ransom payable to the program creator in order to release control of the computer back to the... read more >

Retail Needs to Take a Lesson From...Retail

Protecting Credit Card Data and Meeting PCI DSS Requirements

Brian Drexler

February 05, 2015 - Posted by Brian Drexler to Security Insight

POS

Have you ever walked into a grocery store and found the milk on a shelf next to the mustard? Or while walking the seemingly endless aisles of a supermarket and seen the ice cream next to ice scrapers?

Unless some mischievous kids were having fun, the answer is “of course not.” There's an almost perfect order to the retail store layout, even if it is a bit overwhelming.

Does this look like segmentation?

Sure does.

Not only are the dairy products kept in a somewhat contained area, they are also refrigerated and protected. Do you think it's a coincidence that high-value items like jewelry and electronics are in central locations with lots of lights and minimal visual barriers?

Of course not.

This is done by design. These valuable items are prone to theft so they require an elevated level of visibility and additional protection to safeguard them. Many items are locked away and can only be accessed by... read more >

Hiding In Plain Sight

Analyzing Anomalous Data Structures

Ramece Cave

December 09, 2014 - Posted by Ramece Cave to Security Insight

anomalous data structure

Malware authors are known for developing clever, interesting and sometimes dastardly ways to move, hide and distribute their wares to the masses.

They often work tirelessly to stay ahead of security analysts by playing on doubts, limitations and red tape. Some authors use trivial encryptions or encoding schemes like base64 while others use high-grade encryption or perform small modifications to a file to avoid detection.

If that does not work, the attacker can hide content in, or append content to image files or files made to look like images, but structurally they are another file type entirely. From a forensic standpoint, some of these files do not have a known structure and can be extremely difficult to identify and categorize, therefore they fall into the anomalous category.

In my thought process, anomalous data is that binary file that does not have an identified file structure.... read more >

Mobile Device Security Tips

Nine Tips For Your Holiday Gifts

Chad Kahl

November 25, 2014 - Posted by Chad Kahl to Security Insight

mobile device security

Welcome! Welcome, one and all!

With Black Friday just around the corner, there is no doubt the holiday shopping season is upon us. For many, myself included, new phone FTW! This means a myriad of new electronic gadgets and gizmos.

Considering you are reading the Solutionary Minds blog, it stands to reason that you care about security. And because I've started setting up my new phone, it seems like a good time to discuss mobile device security.

The tips below apply primarily to phones, tablets and phablets (phones that are too big to be a normal phone and too small to be a true tablet), but many of these tips can help you protect laptops and other devices as well. The list certainly should not be considered all-inclusive, but applying it is a strong step in the right direction.

Nine Tips for Mobile Device Security

1. Enable Total-Device Encryption

Despite the ... read more >

1 | 2 | 3 | 4 | 5 | Older Entries >>

Voted one of the Best Computer Security Blogs 2016
NTT Security (US), Inc. (formerly Solutionary) is a security consulting and managed security services provider. The NTT Security blog is a place for IT professionals to both learn and talk about the latest in IT security and compliance.

Get the NTT Security Blog delivered to your inbox!

Enter your Email:

(We will not share your email or use it for anything else.)

LATEST TWEETS