IT Security
Security bloggers help keep you up to date on how to protect your network through news, updates, advice, and opinions on how you can stay ahead of hackers.
-
How to test Firefox 23 change on unsecured content before it happens
Mozilla announced that the next version of its browser, Firefox 23, will automatically block unsecured content on encrypted web pages. You can check how that change will affect your own or other websites now.
-
DropSmack: Using Dropbox to steal files and deliver malware
Michael P. Kassner interviews a digital forensic scientist who uses Dropbox to compromise targeted networks -- something the bad guys probably figured out as well.
-
Securing Bitcoins: Barrage of attacks undermines value
Patrick Lambert looks into the tumultuous world of Bitcoins and recent threats to the virtual currency system.
-
Software-Defined Networking: How it affects network security
SDN technology is set to rewrite the book of networking. Michael P. Kassner looks into how SDN will improve security, and where it's vulnerable.
-
DDoS strike on Spamhaus highlights need to close DNS open resolvers
Patrick Lambert breaks down the Spamhaus DDoS attack and some of the controversies that have ensued. What isn't up for debate -- fixing the open resolver flaw on DNS servers.
-
Security policies must address legal implications of BYOD
BYOD is controversial, particularly when it comes to security and privacy. Michael P. Kassner learns from an expert there is a legal can of worms as well.
-
The security implications of 420,000 vulnerable hosts
Patrick Lambert presents a case of security findings that could get its researcher jail time. Is there such as thing as a "benevolent" botnet?
-
Is uncovering digital vulnerabilities doing more harm than good?
A noted virtual-reality technologist and author views "security through obscurity" as the only true way security can exist. Michael P. Kassner looks at what this uniquely divergent viewpoint means.
-
Stolen credit reports: What you can do to protect yourself
Patrick Lambert follows up on the stolen celebrity credit reports. You don't have to be famous to be at risk. What can individuals and businesses do for protection?
-
Rootkit coders beware: Malwarebytes is in hot pursuit
Anti-malware heavy-hitter Malwarebytes is now laser-focused on eliminating rootkits. Michael P. Kassner asks the creators of MBAM how they approach this particular threat.
-
Making online payments safe from fraud: Conversion rate vs. security
Patrick Lambert looks at the vulnerable area of online payment fraud. Is there a way to make payment forms both convenient and secure?
-
Ask potential cloud vendors these 10 security questions
Dominic Vogel offers his list of ten questions you should be asking cloud vendors about their security practices. Make sure you get the proof to back up their claims.
-
CISPA pits privacy against security: A closer look at the issues
The United States Congress is once again considering a bill that could forever change how we as individuals use the internet. Michael P. Kassner looks at what those changes are.
-
How passwords can wreck your two-factor authentication
Patrick Lambert shares a friend's experience with having his iCloud and Gmail accounts compromised. Make sure you know the gaps in two-factor authentication and app-specific passwords.
-
High-tech home security products: Who are they really helping?
Easy and convenient, wireless home security will keep your home safe. Michael P. Kassner looks at why bad guys might like them as well.
-
The Chinese Domain Scam
If you have any domain names registered, you should keep an eye out for the Chinese Domain Scam, a ploy based on fear of domain-name squatting.
-
Software-Defined Networking: How it affects network security
SDN technology is set to rewrite the book of networking. Michael P. Kassner looks into how SDN will improve security, and where it's vulnerable.
-
UAB takes aim at spammers, phishers, and purveyors of malware
Birmingham, Alabama, is fast becoming a hotspot for digital crime fighting. Together, let's learn what they're doing right.
-
Buffering SSL encryption to combat today's emerging threats
Next-generation firewalls should include intrusion prevention (IPS), the ability to decrypt and inspect SSL sessions in real time, and the ability to visualize and control application traffic as it crosses the network.
-
Corporate espionage or fearmongering? The facts about hardware-level backdoors
Spying accusations against Chinese companies like Huawei have resulted in bans by US, UK, and Australian government agencies. Is there any technical merit to these charges?
-
How to choose a SIEM solution: An overview
Alfonso Barreiro offers some tips on choosing a Security Information and Event Management (SIEM) solution and addresses the question of whether you need one.
-
Apple Touch ID: Do security advantages outweigh risks?
Tom Olzak examines the security pros and cons associated with Apple's fingerprint authentication technology on the new iPhone 5s.
-
Rooting your Android phone: Balancing risk with freedom
Ask about rooting Android phones and opinions abound. So it shouldn't be a surprise that this Android Investigative Team has a few of their own.
-
Cybersecurity challenges in 2013
Dmitriv Ayrapetov describes the threats that Dell SonicWall has identified as the top challenges for companies to prepare for in 2013.
-
How to start your career as a security pro
Dominic Vogel offers some tips for getting starting in the information security field whether you're just starting out or looking to make a career change.
-
Is metadata collected by the government a threat to your privacy?
Seemingly unobtrusive digital bytes known as metadata have been vaulted to the tech media limelight. What is metadata, and why all of a sudden is it so interesting to so many?
-
KeyScrambler: How keystroke encryption works to thwart keylogging threats
If you make any kind of financial transaction online, there needs to be a keystroke-encrypting app on your computer. Find out why.
-
Use MS Security Compliance Manager to secure your Windows environment
Alfonso Barreiro recommends Microsoft's Security Compliance Manager tool to help you create and maintain security baselines using Group Policy Objects.
-
Encrypt calls on your Android device with RedPhone
Whisper Systems offers call encryption on Android with RedPhone. Chad Perrin describes how it works and where the potential security questions exist.
-
Why are websites getting your mobile-phone number?
Are mobile-service providers leaking data into traffic destined for web servers? That's what a research analyst set out to prove.