IT Security

Security bloggers help keep you up to date on how to protect your network through news, updates, advice, and opinions on how you can stay ahead of hackers.

  • Chad Perrin // June 24, 2008, 4:51 AM PST

    How FreeBSD makes vulnerability auditing easy: portaudit

    Find out how FreeBSD's portaudit tool goes a long way toward helping you maintain a secure system, simply and easily.


  • Tom Olzak // June 25, 2008, 5:28 AM PST

    Free security tools: Secunia Personal Software Inspector

    Making sure applications in new or existing endpoint system images are free from unpatched vulnerabilities is not an easy task. Secunia provides a free utility to help identify and quickly remediate out-of-date or EOL programs.


  • Chad Perrin // June 27, 2008, 5:55 AM PST

    Knowing the superficial side of security is important, too

    Maybe you're a sole proprietor or a home computer user, answerable to nobody but yourself for security policy. If you have to answer to others, though, you need to know more than good security practice; you also need to know the good, bad, and ugly of industry best practices.


  • Paul Mah // June 28, 2008, 3:53 PM PST

    Security news roundup: Hackers crack London Tube's Oyster Cards

    This week's security events include a vulnerability in the multicast filter of an unpatched Solaris 10 system, Trojans targeting the ARDAgent flaw in Mac OS X, hacks of the London Tube's Oyster Card, and an IT manager who got 63 months for causing massive data loss at his former employer.


  • Tom Olzak // June 29, 2008, 11:00 PM PST

    Ethics vs. Whitewash

    Security doesn't happen by wishful thinking. It takes hard work, commitment, and management support. Doing the right thing isn't always easy, but we should expect it from those to whom we entrust our information.


  • Tom Olzak // July 1, 2008, 9:30 PM PST

    Security Management Tip: Inspect what you expect

    Never assume your security team is focused on the same things you are. Take every opportunity to ensure they are following the path you laid out. If not, course correct, course correct, course correct...


  • Tom Olzak // July 6, 2008, 9:00 PM PST

    Forensics: Text messaging privacy

    A recent U.S. Federal court ruling seems to prohibit employer access to employee text message content. But that's not entirely true.


  • Chad Perrin // July 3, 2008, 3:57 AM PST

    Google opens up RatProxy

    RatProxy, Google's own proxy-based Web vulnerability testing tool, is now available to the public under an open source license.


  • Paul Mah // July 6, 2008, 4:59 PM PST

    Security news roundup: 7-Eleven's Citibank ATMs hacked

    This week's security events includes news of the most spammed man in Britain, and a compromise involving Citibank's network of ATMs in 7-Elevens nationwide, and yet another patch Tuesday coming up -- but with no "important" updates this time round.


  • Tom Olzak // July 8, 2008, 5:00 AM PST

    Employees want to do the right thing... so help them

    Your employees want to do the right thing, but their humanity often gets in the way. Technical safeguards can help them, and your network, stay safe.


  • Chad Perrin // July 9, 2008, 7:49 AM PST

    5 easy ways to compromise your own security

    Maybe you've effectively secured your IT resources against malicious security crackers, as much as reasonably possible. Perhaps it's even secured against "acts of God." There's always at least one more danger: that you'll accidentally compromise security yourself.


  • Tom Olzak // July 13, 2008, 9:00 PM PST

    Security Tools: Sun's VirtualBox

    Using Sun Microsystems' VirtualBox, Linux security tools and threat testing can be executed on a Windows platform. And the cost is right. VirtualBox is an open-source solution.


  • Chad Perrin // July 13, 2008, 10:19 AM PST

    The reason I talk about security

    Security isn't just for professionals any longer -- it's important for everyone to maintain a basic level of security awareness. Find out why.


  • Paul Mah // July 13, 2008, 4:59 PM PST

    Security news roundup: Google ordered to hand over YouTube records

    This week's security events includes news of Google being ordered to turn over YouTube records to Viacom, security updates released for Drupal CMS, and news of legal action taken by chip maker NXP against the security researchers that cracked its Mifare chip.


  • Tom Olzak // July 15, 2008, 9:00 PM PST

    Does IT security really need more whistle-blowers?

    The fact you disagree with management's interpretation of risk, and the security controls they refuse to implement, does not necessarily constitute corporate negligence. Weigh your options carefully if you're inclined to report your boss to an outside agency.