IT Security
Security bloggers help keep you up to date on how to protect your network through news, updates, advice, and opinions on how you can stay ahead of hackers.
-
How to respond to a malware incident
When malware is suspected don't jump the gun on diagnosis and countermeasures. Follow these best practice guidelines to ensure an appropriate and measured response.
-
Malcovery Security: The company spammers and phishers hate
When a start-up company helps take down several major online spam and phish operations, it's time to look at what they are doing right.
-
Changes to Google Chrome and Chrome OS certificate handling
Beefed up requirements for RSA keys and changes to the way Google Chrome handles certificates will benefit Internet security for end users.
-
National Computer Forensics Institute: Demystifying cybercrime
Knowing how to handle digital evidence and discovery correctly prevents costly mistakes. A federal facility in Birmingham, Alabama is working hard to improve that situation.
-
How facial recognition software can track you in the offline world
Patrick Lambert looks at the increased use of facial recognition software.
-
UAB takes aim at spammers, phishers, and purveyors of malware
Birmingham, Alabama, is fast becoming a hotspot for digital crime fighting. Together, let's learn what they're doing right.
-
Buffering SSL encryption to combat today's emerging threats
Next-generation firewalls should include intrusion prevention (IPS), the ability to decrypt and inspect SSL sessions in real time, and the ability to visualize and control application traffic as it crosses the network.
-
Researchers create nearly undetectable hardware backdoor
University of Massachusetts researchers have found a way to make hardware backdoors virtually undetectable.
-
Search engine bias: What search results are telling you (and what they're not)
Search-engine bias affects our perception of what online information is available, is that a good thing or not? Are there risks?
-
Apple Touch ID: Do security advantages outweigh risks?
Tom Olzak examines the security pros and cons associated with Apple's fingerprint authentication technology on the new iPhone 5s.
-
What’s better than creating your own DDoS? Renting one
Thanks to the cloud, anyone can now initiate a DDoS attack. Find out how booter services work.
-
What can IT do in the fight against government surveillance tactics?
Will the fight for privacy and freedom from government surveillance reach the grassroots of IT departments?
-
The insecurity of private email services
The Indian government wants to ban the use of Gmail for official use, due in part to leaks about NSA snooping, but the general insecurity of private email services makes this a sound policy.
-
Escaping the dragnet of surveillance: What the experts say about encryption
Just-released documents by the Guardian explain how intelligence agencies collude with technology companies to thwart Internet-based encryption protocols.
-
COBIT 5 for information security: The underlying principles
COBIT 5, a governance model for enterprise IT, introduces a framework that is better focused on information security.
-
The importance of being encrypted
People often complain that using encryption in email is too much work. Sometimes, it can be fraught with difficulty for the encryption novice. Managing public and private keys can be confusing at first, and getting someone at the other end to use encryption as well can sometimes be a challenge. Worse yet, it can be difficult to maintain an encryption key "identity" properly once you've gotten everything set up -- as things stand, good encryption practice is not a "fire-and-forget" proposition where you can just go through the hassle of setup once and be done with it. I can understand the desire to forget about it, and just ignore good encryption practice altogether. There's just one problem with that attitude.
-
Avoid the danger of forged digital images: Part 2 of 2
In Part 1, we examined the methods used to create forged digital images, images sometimes used to steal identities or misrepresent financial and background. Here we look at ways to help mitigate risk associated with acceptance of digital forgeries.
-
List open ports and listening services
You should turn off any services you don't actually need so that they will not become avenues of attack for security threats. Different systems will have different services running by default, even between different service pack versions of MS Windows XP, and if you're coming into a situation where you must assume responsibility for the security of computers that were already set up before you got there, there are certain to be different services running than on a default install of the system. What's needed is a tool for listing active services and open ports. I'll explain how such tools can be used on three types of systems: Linux distributions, FreeBSD, and MS Windows.
-
How to respond to a malware incident
When malware is suspected don't jump the gun on diagnosis and countermeasures. Follow these best practice guidelines to ensure an appropriate and measured response.
-
Malcovery Security: The company spammers and phishers hate
When a start-up company helps take down several major online spam and phish operations, it's time to look at what they are doing right.
-
National Computer Forensics Institute: Demystifying cybercrime
Knowing how to handle digital evidence and discovery correctly prevents costly mistakes. A federal facility in Birmingham, Alabama is working hard to improve that situation.
-
The basics of using a proxy server for privacy and security
Patrick Lambert goes over the basics of how proxy servers work and why they are used to add security and privacy.
-
Changes to Google Chrome and Chrome OS certificate handling
Beefed up requirements for RSA keys and changes to the way Google Chrome handles certificates will benefit Internet security for end users.
-
Battling the Google Redirect virus
Consultant Bob Eisenhardt recounts his frustrating experience trying to track down and get rid of a client's search-redirect virus. Here's how he finally ditched it.
-
Dropbox: Convenient? Absolutely, but is it secure?
A potential security lapse and possibly misleading statements are plaguing Dropbox, a hugely popular file-syncing app. What are the issues and is concern justified?
-
How facial recognition software can track you in the offline world
Patrick Lambert looks at the increased use of facial recognition software.