IT Security
Security bloggers help keep you up to date on how to protect your network through news, updates, advice, and opinions on how you can stay ahead of hackers.
-
Breach Detection Systems take aim at targeted persistent attacks
You've just been told to get a Breach Detection System in place. Where do you start? How about a buyer's guide created by an independent test facility?
-
Freedom Hosting and 'torsploit': Troubles on the Onion router
The arrest of the Freedom Hosting CEO has set in motion a crisis for TOR and unleashed a java exploit designed to expose Freedom Hosting users.
-
Corporate espionage or fearmongering? The facts about hardware-level backdoors
Spying accusations against Chinese companies like Huawei have resulted in bans by US, UK, and Australian government agencies. Is there any technical merit to these charges?
-
New strain of ransomware evades detection by AV apps
Learn about a new type of ransomware that has the potential to snare many victims - and it's not even malware.
-
RiskRater: An IT-security test that no one fails
Three minutes. That's it. Take the RiskRater challenge. You could save yourself, your fellow employees, and family members from a costly Internet oops.
-
Worst IT fail ever? US agency spends millions in useless security
A branch of the U.S. Commerce Department recently trashed perfectly good computers and wasted millions on a bogus malware infection. How did this happen?
-
Why security metrics aren't helping prevent data loss
Security metrics are supposedly a way for upper management and IT departments to converse intelligently about in-house security programs. Why aren't the metrics working?
-
The emergence of enterprise risk compliance
At the intersection of IT compliance and risk, new solutions are helping security professionals to prioritize where limited resources need to be directed.
-
Android's very real 'Master Key' vulnerability
Android Master Key cryptography ensures applications are not tampered with. Michael P. Kassner interviews researchers who say the crypto process is severely flawed.
-
Email encryption: Using PGP and S/MIME
For those worried about the security and privacy of email communications, encryption is one layer to add, but using encryption software isn't terribly user-friendly.
-
Band of brothers: Vendor partnerships strengthen security for all
Security vendors who band together on solutions instead of persisting in adversarial relationships with one another should be the favored providers for IT departments.
-
Why 'Nothing to Hide' misrepresents online privacy
A legal research professor explains to Michael P. Kassner why we should think long and hard before subscribing to the "Nothing to Hide" defense of surveillance and data-gathering.
-
Cyberwarfare: Mounting a defense
Both private and public organizations are at risk for cyberwarfare attacks and must take responsibility for network defense. Tom Olzak outlines security best practices.
-
Does using encryption make you a bigger target for the NSA?
Fact: The U. S. government is capturing data from its citizens. Fact: Encrypted data is of more interest to the U.S. government. Michael P. Kassner asks two experts, one legal, one cryptographic, what our options are.
-
Everything you need to know about using TOR
TOR's anonymizing and encrypting features make it a very useful tool for privacy. Here's a quick look at the basics.
-
Botnets: They do have the option to self-destruct
Self-destruct code is often written into bot malware. Up until recently that wasn't considered an issue. So, what changed and what does it mean to us?
-
The case for national security
This Memorial Day evening, let us consider the security not of our corporate networks, but of our country, and of the men and women who serve in its armed forces as the shield against foreign aggressors.
-
China chooses FreeBSD as basis for secure OS
What OS would you choose as the basis for your security hardened software platforms? China has made a decision remarkably similar to my own, and it has U.S. officials worried that the Eastern power may be pulling ahead in the realm of information warfare preparedness.
-
The cyber czar: Hope or fear?
President Obama is poised to make good on his promise to appoint a security coordinator. Is hope or fear the more appropriate response from IT professionals?
-
Why are crime rates dropping?
Crime rates have dropped dramatically in major cities across the US, despite a worsening economy. What's behind this trend? Could improving technology have something to do with it?
-
Cybersecurity: It's our problem
Two law professors want a paradigm shift in how we approach cybersecurity. Michael Kassner discusses this new theory and wants to know what you think about it.
-
How anti-sec is Anti-sec?
Some person or organization, calling itself "Anti-sec", is waging war on full disclosure. What exactly does all this mean?
-
IPv6: Oops, it's on by default
Do you know whether your computers are actively using IPv6 or not? Better check, as the bad guys probably already know. Michael Kassner explains how that might be exploited.
-
Report: Americans dumber than a box of rocks about spam
When it comes to spam, we Americans are quick to point our fingers at Russia, China and eastern Europe as the regions responsible for the bulk of it. But a new report issued today found that Americans are largely to blame - not because we create it, but because we're too stupid to recognize that we're spreading it.
-
Open source crimebusting
Chad Perrin writes that we may start seeing the principles of open source development applied to law enforcement in the future.
-
IT Security News: So much to tell, yet so little time
There's so much going on in IT security, I don't know which topic to write about first. So, I'm going to lightly touch on most of them and let you decide which ones are important to you.
-
Hacker vs. cracker
The word "hacker" gets used in a pejorative sense by journalists an awful lot. Some people think this is perfectly reasonable; others find it offensive, and recommend an alternative term for that meaning. Read on to find out why.
-
The real solution to malware
The solution to malware is closer, and easier, than you probably realize.
-
Firefox: Some security tips
There are several reasons why Firefox is the Web browser of choice for many of us. Providing a safe Web surfing experience is one of the more important ones. I'd like to offer some tips that will make surfing the Web with Firefox even safer.