IT Security

Archive: 09-2011

• Companies change their Terms of Service to limit their liability against hacks

  Patrick Lambert points out the changes to Terms of Service that big companies like Sony enacted after its hacking fiasco to limit their liability.

  Posted by Patrick Lambert | September 28, 2011, 8:01 AM PDT

• A log review process for detecting security incidents

  Alfonso Barreiro details the requirements for implementing a log review process that will help your organization detect and respond to security incidents more promptly.

  Posted by Alfonso Barreiro | September 26, 2011, 9:00 AM PDT

• Google hacking: It's all about the dorks

  Google Search shows no bias. It will help anyone find anything, including vulnerable Internet-connected devices. You just need to know what to ask.

  Posted by Michael Kassner | September 26, 2011, 7:04 AM PDT

• How the TOR Project defeated Iran filters inside 24 hours

  When Iran detected and shut down TOR connections recently, the project’s developers reacted quickly to defeat Iran’s filters and enable Iran’s users to continue to protect their...

  Posted by Patrick Lambert | September 21, 2011, 9:48 AM PDT

• Online anonymity: Balancing the needs to protect privacy and prevent cybercrime

  It’s no coincidence that the name of one of today’s most notorious groups of criminal hackers is “Anonymous.” Whether you agree or disagree with their philosophies and...

  Posted by Deb Shinder | September 20, 2011, 9:00 AM PDT

• Android security apps playing catch-up to malcode

  There are numerous reviews about Android security apps. But, Michael Kassner does not remember any mention of actual testing. Why is that?

  Posted by Michael Kassner | September 19, 2011, 8:13 AM PDT

• Detect and mitigate a DDoS attack against your DNS server

  John Joyner recently observed a real-world DDoS attack against an on-site DNS server. Here’s how you can protect yourself against these types of attacks or at least mitigate the threat.

  Posted by John Joyner | September 19, 2011, 6:00 AM PDT

• Don't leak service and version info to would-be hackers: How to hide it

  Christopher Patterson shows an easy tweak that removes some of the information potential hackers are looking for in order to try to gain access to your systems.

  Posted by Christopher Patterson | September 15, 2011, 7:00 AM PDT

• Compromised certificate authorities: How to protect yourself

  Patrick Lambert looks at certificate authority hacks like the most recent DigiNotar exploit and suggests several ways to protect your organization from compromised CAs.

  Posted by Patrick Lambert | September 13, 2011, 7:52 AM PDT

• Morto: Not your average creepy-crawly worm

  As malware goes, Morto has something new to offer. It’s conversant in DNS-speak. Michael Kassner describes how it works.

  Posted by Michael Kassner | September 12, 2011, 6:59 AM PDT