The Definitive Fraud Encyclopedia

This unique guide provides step-by-step instructions on how to commit fraud. From buying the correct hardware and software, to spoofing the personal details of your victims, to actually using stolen cards effectively. Originally published by an...

How Do Vulnerabilities Get Into Software?

This paper, by application security platform Veracode, addresses the four main causes of vulnerabilities in software today. The authors investigate: insecure coding practices; the ever-shifting threat landscape; the reuse of vulnerable components...

Cyber security: a failure of Imagination by CEOs

This paper discusses the involvement of CEOs in cyber security. Backed up by strong research, it explores the current state of CEO involvement, addresses some of the challenges involved in CEO involvement and offers four golden rules of cyber...

Predicting Privacy and Security Attitudes

While individual differences in decision-making have been examined within the social sciences for several decades, this research has only recently begun to be applied by computer scientists to examine privacy and security attitudes (and...

An Extended Perspective on Individual Security Behaviors

Security threats regularly affect users of home computers. As such, it is important to understand the practices of users for protecting their computers and networks, and to identify determinants of these practices. Several recent studies utilize...

The Effect of Social Influence on Security Sensitivity

Even though there has been an increased effort to increase security sensitivity amongst the population, most individuals ignore security advice. This paper found a few social influence processes – processes that influence the behaviours of...

Comprehensive Study on Cybercrime

An in-depth and thorough study into the world of global cybercrime which highlights lessons learned from current and past cyber efforts. The study explores the global state of cybercrime, the challenges we face as we move into a digitally...

On The Security of Password Manager Database Formats

Findings from this paper show that most password managers are easily broken and use storage formats that are easily accessible, even to weak adversaries. The work does, however, show that it is possible to theoretically construct a format that is...

Teaching Johnny Not to Fall for Phish

Research focusing on educating users about phishing and identifying phishing emails, as opposed to using technology for prevention and detection. The research identified multiple problems, namely: that people were not motivated to learn about...

A large-scale study of web password habits

We report the results of a large scale study of password use and password re-use habits. The study involved half a million users over a three month period. A client component on users’ machines recorded a variety of password strength, usage and...

Behavioral Response to Phishing Risk

Tools that aim to combat phishing attacks must take into account how and why people fall for them in order to be effective. This study reports a pilot survey of 232 computer users to reveal predictors of falling for phishing emails, as well as...

Decision Strategies and Susceptibility to Phishing

Phishing emails are semantic attacks that con people into divulging sensitive information using techniques to make the user believe that information is being requested by a legitimate source. In order to develop tools that will be effective in...

Analysis of end user security behaviors

From writing down a password on a sticky note to undertaking a Denial of Service attack using company computers, the research in this paper helps to categorise and differentiate between the different security-related behaviours of end users....

The Economics of Information Security Investment

An article exploring the optimal amount of money to invest to protect information. This model looks at the extent to which a piece of information is vulnerable and the potential loss that would occur if it was breached, and notes that companies...