IT Security

Security bloggers help keep you up to date on how to protect your network through news, updates, advice, and opinions on how you can stay ahead of hackers.

  • Tom Olzak // August 19, 2008, 9:00 PM PST

    Not all data breaches are created equal

    Understanding the root cause of a breach is a better use of time and resources than chasing elusive causes, causes that arise because someone was quick to point a finger at security ignorance as the reason things fell apart.


  • Chad Perrin // August 21, 2008, 2:55 AM PST

    How do you interview security experts?

    Hiring a security expert is a very different challenge than hiring many other types of employee. Find out some of the concerns particular to choosing the best candidate for a security job.


  • Paul Mah // August 22, 2008, 4:59 PM PST

    Security news roundup: The security risks of SSDs

    This week's security events include news that servers belonging to Fedora and Red Hat have been broken into, the release of Opera 9.52, a vulnerability in Tomcat which could result in arbitrary file access, and the security risks of SSDs.


  • Tom Olzak // August 26, 2008, 9:00 PM PST

    Avoid the danger of forged digital images: Part 2 of 2

    In Part 1, we examined the methods used to create forged digital images, images sometimes used to steal identities or misrepresent financial and background. Here we look at ways to help mitigate risk associated with acceptance of digital forgeries.


  • Paul Mah // August 27, 2008, 4:56 AM PST

    New attack vectors challenge IT security pros

    Like IT in general, the security arena is in a constant flux. New esoteric hacks can appear overnight, leaving the onus on managers and security folks to scramble to patch or mitigate the new threat. Today, I'll highlight a few of these potential attack vectors.


  • Paul Mah // August 27, 2008, 1:55 AM PST

    Security news roundup: Mozilla Firefox gets security boost

    This week's security events include news of a moderately critical flaw discovered in some Trend Micro products, a free add-on for Mozilla Firefox 3.0 that helps give it a security boost, and news of a major security fix for popular Linux distribution Ubuntu.


  • Chad Perrin // August 28, 2008, 8:36 AM PST

    Functional programming techniques can improve software security

    A key concern in software security is avoiding security flaws in a program's source code. Employing a functional programming style can help.


  • Paul Mah // September 6, 2008, 4:59 PM PST

    Security news roundup: Webcam voyeur gets 90 days

    This week's security events include news of a vulnerability in the 64-bit edition of OpenOffice, a privilege escalation flaw in Samba, a virus infection on the International Space Station, and the arrest of yet another webcam voyeur.


  • Tom Olzak // August 31, 2008, 9:00 PM PST

    How do you keep your sys admins from stealing company secrets?

    Administrators of your network resources are valuable assets, assets that keep services flowing to your business users. But proper oversight of these critical employees, and their network rights and permissions, is an important part of security management.


  • Tom Olzak // September 2, 2008, 9:00 PM PST

    Three security investigation pitfalls to avoid

    Investigations are powerful tools for improving compliance. They should strengthen security controls and help nurture employee perception that the security team is a partner instead of the company's secret police. So investigators must avoid three common mistakes.


  • Chad Perrin // September 2, 2008, 6:01 AM PST

    Perspectives: better than CAs?

    Check out the Perspectives extension for Firefox to improve validation of HTTPS encrypted session certificates.


  • Chad Perrin // September 4, 2008, 9:10 AM PST

    What are the security implications for Google Chrome?

    Google has announced the beta test release of its new Web browser, Chrome, and everybody's talking about it. It's time to talk about the implications this new browser may have for Web browsing security.


  • Tom Olzak // September 7, 2008, 9:00 PM PST

    The Tornado Plus encrypted USB drive: Good idea, bad design

    Not all encrypted drives are actually safe repositories for sensitive information -- even if a bunch of Internet articles point consumers and businesses in their direction. Here is just one example.


  • Chad Perrin // September 9, 2008, 6:46 AM PST

    The trouble with test versions

    Alpha and beta test releases of applications provide an easy way to get early, free access to new software. Google Chrome serves as an excellent example of how important it is to be very careful with testing versions of applications.


  • Paul Mah // September 10, 2008, 1:02 AM PST

    Security news roundup: Japan generates the most Internet attack traffic

    This week's security events include news of the WordPress Development team releasing a patch to fix a serious security vulnerability, Microsoft patching eight critical vulnerabilities, an update for QuickTime from Apple, and a report that pegs Japan at the forefront of... Internet attack traffic.