IT Security

Security bloggers help keep you up to date on how to protect your network through news, updates, advice, and opinions on how you can stay ahead of hackers.

  • Chad Perrin // July 30, 2008, 2:23 PM PST

    How does bad password policy like this even happen?

    Just when you think you've seen the worst case of bad authentication policy you'll ever see, you'll stumble across something even more surprising and unfathomable.


  • Chad Perrin // July 25, 2008, 7:39 AM PST

    Use tcpdump for traffic analysis

    The tcpdump tool is powerful and flexible, but compared with graphical tools like Wireshark its effective use may appear to be a dark art. It really isn't that difficult to use once you pick up the basics, though.


  • Chad Perrin // July 17, 2008, 3:28 AM PST

    Five good security reads

    Check out a list of five security related books Chad Perrin has read in the past year that he thinks you should read, too.


  • Chad Perrin // July 13, 2008, 10:19 AM PST

    The reason I talk about security

    Security isn't just for professionals any longer -- it's important for everyone to maintain a basic level of security awareness. Find out why.


  • Chad Perrin // July 9, 2008, 7:49 AM PST

    5 easy ways to compromise your own security

    Maybe you've effectively secured your IT resources against malicious security crackers, as much as reasonably possible. Perhaps it's even secured against "acts of God." There's always at least one more danger: that you'll accidentally compromise security yourself.


  • Tom Olzak // July 1, 2008, 9:30 PM PST

    Security Management Tip: Inspect what you expect

    Never assume your security team is focused on the same things you are. Take every opportunity to ensure they are following the path you laid out. If not, course correct, course correct, course correct...


  • Chad Perrin // July 3, 2008, 3:57 AM PST

    Google opens up RatProxy

    RatProxy, Google's own proxy-based Web vulnerability testing tool, is now available to the public under an open source license.


  • Paul Mah // July 6, 2008, 4:59 PM PST

    Security news roundup: 7-Eleven's Citibank ATMs hacked

    This week's security events includes news of the most spammed man in Britain, and a compromise involving Citibank's network of ATMs in 7-Elevens nationwide, and yet another patch Tuesday coming up -- but with no "important" updates this time round.


  • Tom Olzak // July 6, 2008, 9:00 PM PST

    Forensics: Text messaging privacy

    A recent U.S. Federal court ruling seems to prohibit employer access to employee text message content. But that's not entirely true.


  • Paul Mah // June 22, 2008, 2:21 PM PST

    AV industry sucks, says CEO of leading antivirus firm

    The chief executive of leading antivirus firm Trend Micro, has thrown down the gauntlet by declaring that the antivirus industry "sucks."


  • Tom Olzak // July 29, 2008, 9:00 PM PST

    Write information owner responsibility into policy

    The information owner is a key player in protecting sensitive data and systems. His or her role must be clearly defined in policies. However, security personnel should review information owner decisions to ensure regulatory and policy compliance.


  • Paul Mah // July 13, 2008, 4:59 PM PST

    Security news roundup: Google ordered to hand over YouTube records

    This week's security events includes news of Google being ordered to turn over YouTube records to Viacom, security updates released for Drupal CMS, and news of legal action taken by chip maker NXP against the security researchers that cracked its Mifare chip.


  • Tom Olzak // July 13, 2008, 9:00 PM PST

    Security Tools: Sun's VirtualBox

    Using Sun Microsystems' VirtualBox, Linux security tools and threat testing can be executed on a Windows platform. And the cost is right. VirtualBox is an open-source solution.


  • Tom Olzak // July 15, 2008, 9:00 PM PST

    Does IT security really need more whistle-blowers?

    The fact you disagree with management's interpretation of risk, and the security controls they refuse to implement, does not necessarily constitute corporate negligence. Weigh your options carefully if you're inclined to report your boss to an outside agency.


  • Chad Perrin // July 19, 2008, 10:13 AM PST

    Who is really to blame for the San Fran network lockout?

    A strange sort of techno-drama is playing out in the city of San Francisco, California right now. The blame for the fiasco may not be as easily assigned as it first appeared.