Google responds to Congress over privacy policy inquiries
Interesting article on the Google privacy issues by Don Reisinger of CNET.com
Google has responded to Congress, defending its decision to make a controversial change to its privacy policy.
In a 13-page letter (document) to several Congress members, Google explained its decision for changing its privacy policy, and answered a host of questions posed by the lawmakers after the search giant announced its plans.
“Last week we heard from members of Congress about Google’s plans to update our privacy policies by consolidating them into a single document on March 1,” Google director of public policy Pablo Chavez wrote today in a blog post accompanying the letter. “Protecting people’s privacy is something we think about all day across the company, and we welcome discussions about our approach. We hope this letter, in which we respond to the members’ questions, clears up the confusion about these changes.”
Google announced plans to rewrite its privacy policy last week. The revision will give the company explicit rights to “combine personal information” across the many products and services it currently offers.
“We’re not collecting more data about you. Our new policy simply makes it clear that we use data to refine and improve your experience on Google–whichever products or services you use,” Google said at the time. “This is something we have already been doing for a long time. We’re making things simpler and we’re trying to be upfront about it. Period.”
Read the full article here.
A List of Top WordPress Security Plugins by EUKHOST.com
It can be assumed that more websites run on CMSs than are custom designed and built from scratch. Understandably, more users run WordPress than any other CMS, so it is crucial to have enhanced security measures for your site. Because such a large volume of users rely on WordPress as a platform, an increasing number of hackers and fraudsters try to compromise the security of such sites. In the majority of instances, sites running on WordPress are compromised due to outdated files and/or plug-ins. Such outdated versions of the associated scripts are an easy meal for fraudsters.
So what measures should an individual adopt to keep a WordPress installation safe and secure from being compromised?
Primarily, it is crucial to run the latest version of WordPress. In addition, there are a couple of useful WordPress plug-ins that can help you safeguard your website hosted on an affordable web hosting server.
Top List of WordPress Plugins For Enhanced Security
BulletProof Security
Average Rating : 4.5 || Total Downloads : 143,241
This plugin in particular is considered to be one of the reliable security plug-ins for WordPress. It helps protect a WordPress-based site against XSS, RFI, CRLF, CSRF, Base64, code injection and SQL injection hacking attempts. Moreover, it offers single-click .htaccess WordPress security protection.
The files protected by this plugin's .htaccess security protection are wp-config.php, bb-config.php, php.ini, php5.ini, install.php and readme.html. It can also check that DB errors are turned off and check file and folder permissions.
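As an added example (not from the original article and not the plugin's own code), the Python check below audits an .htaccess file for deny-all rules covering the files named above. The rule style, the constructed sample file and the function names are assumptions; only plain `<Files>` and `<FilesMatch>` sections are handled.

```python
import fnmatch
import re

# File names the article lists as covered by the plugin's .htaccess protection.
SENSITIVE = ["wp-config.php", "bb-config.php", "php.ini", "php5.ini",
             "install.php", "readme.html"]

# <Files name> ... </Files> and <FilesMatch "regex"> ... </FilesMatch> sections.
SECTION_RE = re.compile(r'<(Files|FilesMatch)\s+"?([^">]+)"?\s*>(.*?)</\1\s*>',
                        re.IGNORECASE | re.DOTALL)
# Apache 2.2 ("Deny from all") and 2.4 ("Require all denied") deny-all forms.
DENY_RE = re.compile(r'^\s*(deny\s+from\s+all|require\s+all\s+denied)\s*$',
                     re.IGNORECASE | re.MULTILINE)

def audit_htaccess(text, names=SENSITIVE):
    """Map each sensitive file name to True if a deny-all section covers it."""
    covered = {name: False for name in names}
    for kind, pattern, body in SECTION_RE.findall(text):
        if not DENY_RE.search(body):
            continue  # section exists but does not deny access
        pattern = pattern.strip()
        for name in names:
            if kind.lower() == "filesmatch":
                try:
                    hit = re.search(pattern, name) is not None
                except re.error:
                    hit = False  # unparseable regex: treat as not covering
            else:
                hit = fnmatch.fnmatchcase(name, pattern)  # Files takes wildcards
            covered[name] = covered[name] or hit
    return covered

def unprotected(text, names=SENSITIVE):
    """Return the sorted list of sensitive files with no deny-all rule."""
    return sorted(n for n, ok in audit_htaccess(text, names).items() if not ok)

# Constructed sample .htaccess, not the plugin's real rule set.
SAMPLE = r'''
<FilesMatch "^(wp-config\.php|php5?\.ini|readme\.html)$">
Order allow,deny
Deny from all
</FilesMatch>
<Files install.php>
Require all denied
</Files>
<Files bb-config.php>
Order allow,deny
Allow from all
</Files>
'''

if __name__ == "__main__":
    print(unprotected(SAMPLE))
```

The sample deliberately leaves one file with an allow rule, so the audit reports it as unprotected.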
6Scan Security
Average Rating : 4 || Total Downloads : 3,844
The plugin is claimed to offer protection against SQL injection, cross-site scripting (XSS), directory traversal and remote file inclusion, including the ones listed in the OWASP Top Ten security vulnerabilities.
It has been developed so that there is no adverse effect on the site’s performance.
Ultimate Security Checker
Average Rating : 4 || Total Downloads : 35,851
Like a couple of other plugins, this one seems to be quite appreciated by users. It is a common scenario for a hacker to gain access to a WordPress installation and delete the data it contains. The Ultimate Security Checker is capable of identifying security issues on your site. It scans the installation for known vulnerabilities and grades it accordingly. It reports the vulnerabilities, which you may either fix on your own or have fixed automatically.
Better WP Security
Average Rating : 4 || Total Downloads : 41,417
The plugin ensures that multiple security holes are patched without the need to bother about conflicting features. It comes with built-in features that ban troublesome bots, switch off the ability to log in for a given time period, ban users who try to log in too many times with incorrect information and, more importantly, enforce strong passwords for all accounts.
WP Plugin Security Check
Average Rating : 5 || Total Downloads : 4,168
It may at times happen that a hacker manages to break in because of an outdated security plugin. This plugin searches plugins for bad practices and possible security holes, limiting the risk of a compromised website.
Secure WordPress
Average Rating : 4 || Total Downloads : 611,889
This plugin removes the error information on login pages, adds index.html to plugin directories, hides the WordPress version (except from the admin area), hides the plugin-update information for non-admins, and blocks any bad queries that could harm your WordPress installation.
WP DB Backup
Average Rating : 4 || Total Downloads : 1,238,595
We are all aware of the importance of website backups. This plugin allows users to back up the core WordPress database tables with minimal clicks. Looking at the number of downloads, one can imagine its popularity amongst webmasters.
Read more on the EUKHOST.com Blog Site.
Cybersecurity Receives Emphasis in State of the Union Address
An interesting article by Mickey McCarter of Homeland Security Today.com about President Obama’s take on the cybersecurity issue in the State of the Union address.
President Barack Obama called for cybersecurity legislation to provide incentives to businesses to protect their information systems from attacks or intrusions in the course of his State of the Union address Tuesday night.
Obama noted that the White House sent a cybersecurity legislative proposal to Congress last year and called on Congress to pass cybersecurity legislation.
“To stay one step ahead of our adversaries, I’ve already sent this Congress legislation that will secure our country from the growing dangers of cyber-threats,” Obama stated.
The president cast cybersecurity legislation as a necessity to protect American businesses from foreign adversaries, be they enemy states or individual malicious actors or terrorist networks.
In response to the Obama cybersecurity legislative proposals, House Republicans convened a task force to study their options. On Oct. 5, 2011, the task force issued recommendations to guide individual bills that would address various aspects of cybersecurity nationally. Private experts have told Homeland Security Today that many of those recommendations line up with proposals set forth by Obama in his proposal.
Read the rest at HomelandSecurityToday.com
ShmooCon Begins with LobbyCon
ShmooCon officially kicks off today, Friday, January 27, 2012, but yesterday was LobbyCon at the Hilton Hotel at 1919 Connecticut Ave, NW in Washington, DC.
The Lobby became a mini conference where conversations, newly forged relationships and ideas were shared in every corner of the hallways by attendees of ShmooCon and those who simply showed up to be part of the action and fellowship.
Someone stated, LobbyCons are where we come up with ideas, where the deals are made, where the projects are talked about and where the real learning is done. After an hour of LobbyConning, I would have to agree.
In the Lobby yesterday, many notable individuals were present, among them Dual Core, Marco & Kevin Figueroa (also known as the Figueroa Brothers), and Johnny Long of HackersforCharity.org. Johnny talked about his project in Uganda as well as a recent task he participated in. A very approachable and pleasant individual, we wish him great success and as always SecurityOrb.com continues to support his effort.
Overall, if LobbyCon is an indication of what is in store for ShmooCon, then let’s get it started.
Counter Terror Expo US Forms Advisory Board to Expand Community Reach and Involvement
ARLINGTON, VA – January 24, 2012 – The Counter Terror Expo US, being held May 16-17, 2012 at the Walter E. Washington Convention Center, has formed an advisory board of industry experts from leading organizations to help guide and shape the educational programming and conference content. The advisory board includes individuals from government, academia, law enforcement, media, and the private sector with knowledge ranging from cyber security to border and critical infrastructure protection.
Counter Terror Expo US is the first-of-its-kind expo and conference that will bring together our nation’s complete counter-terror community including: federal and state agencies, Department of Defense (DoD), police and first responders along with those responsible for securing the nation’s vital infrastructure in both the private and public sector to bolster collaboration in counter terror efforts.
To represent this vast counter terror community, Counter Terror Expo US has assembled an advisory board which will help position and advise show leaders on the most critical content that will benefit the industry. The advisory board will continue to expand as additional industry leaders are identified so that it truly represents a cross-section of the counter terror community. The current list of advisory board members includes:
- David Cullin, Chief Technology Officer, FLIR Systems, Inc.
- Ed Hammersla, Chief Operating Officer, Raytheon Trusted Computer Solutions.
- Lisa Kaiser, Department of Homeland Security, Control Systems Security Program, National Cyber Security Division.
- Rodrigo Nieto-Gomez, Assistant Professor at the Center for Homeland Defense and Security, National Security Affairs Department at Naval Postgraduate School, Monterey, CA.
- David Silverberg, Editor, Homeland Security Today.
“With the threat of terrorism spanning across many industries, countries and through countless mediums, it was imperative to create an advisory board as diverse as the threats that we face,” explained Wayne Crawford, vice president, North America, Clarion Events. “The group that we have assembled will help us to identify the issues and concerns that are most critical to such a vast counter terror community and the best way to address those during the conference. Our hope is that this conference will serve as a platform to not only boost collaboration but also public/private partnerships.”
For more information on exhibiting, please click here. To receive additional details and event updates, sign up for the Counter Terror Expo US newsletter.
Counter Terror Expo US is being organized by the Arlington, VA-based US division of Clarion Events, the UK’s largest independent event organizer.
About Counter Terror Expo US:
Counter Terror Expo is a unique expo and conference designed specifically to address the issues facing all of the disparate groups responsible for countering terrorism in the United States: the DoD, DHS, police, government and state agencies, along with those responsible for securing the nation’s vital infrastructure in both the private and public sectors. Counter Terror Expo US is based on the highly successful and award-winning Counter Terror Expo staged annually in London. For more information visit www.counterterrorUS.com.
New Variant of Zeus Malware Titled “GameOver” Sent via Phishing Scam
The FBI has issued a warning about the latest identity theft/bank swindling malware, called “Gameover”. The “Gameover” scam is initiated through a phishing scheme that sends a bunch of users fictitious e-mails purporting to come from the National Automated Clearing House Association (NACHA), the Federal Reserve Bank, or the Federal Deposit Insurance Corporation (FDIC). After opening the email and selecting the hyperlink, the user is forwarded to a phony website that automatically installs the Trojan without their knowledge or assistance, after which the victim’s bank account eventually becomes accessible to the scammer.
The scammers use what they call mules to launder the stolen funds, hiring unsuspecting people through “work at home” advertisements. The hired employees are given work contracts and actual websites to log into. They are instructed to either open a bank account or use their own bank account in order to receive funds via wire and ACH transactions from numerous banks, then they are required to use money-remitting services to send the money overseas.
The “Gameover” malware is not new; it is a new variant of the notorious Zeus identity-theft Trojan and it is capable of defeating common methods of user authentication employed by financial institutions.
The FBI’s warning stated:
“The malware is appropriately called “Gameover” because once it’s on your computer, it can steal usernames and passwords and defeat common methods of user authentication employed by financial institutions. And once the crooks get into your bank account, it’s definitely “game over.”
Gameover is a newer variant of the Zeus malware, which was created several years ago and specifically targeted banking information.”
The malware is a newer variant of the ZeuS malware that steals your confidential banking data. Not only does the malware steal the data, it also makes your computer a botnet slave. A botnet slave can be used to attack a website with a Distributed Denial of Service (DDoS) attack.
What makes it very dangerous is that the Zeus code was released into the wild, so there are many variants, such as SpyEye and Ice IX.
SecurityOrb.com recommends the following:
- Verify your system has been updated to the latest distribution by the software vendor.
- Verify you have anti-virus software and that it has been updated to the latest signatures.
- Do not access any links from your bank or entities claiming to be affiliated with your bank.
If you think you’ve been victimized by this type of scheme, contact your financial institution to report it, and file a complaint with the FBI’s Internet Crime Complaint Center.
