Follow this blog:: RSS; Email Alert

IT Security

Selena Frye

TechRepublic Staff

TechRepublic

Contact
Bio

Newest
Hottest

3

SpyEye banking malware learns to cover its tracks

SpyEye banking malware has added a new feature to its arsenal that takes advantage of "paperless" statements by hiding the fact that your bank account has been compromised.

Posted by Kara Reeder | January 9, 2012, 12:30 PM PST | Latest comment by JCitizen
7

2012: The year of cyber-espionage?

Kara Reeder highlights some of the reports that are warning about the rising threat of cyber-espionage exploits in 2012.

Posted by Kara Reeder | January 9, 2012, 8:13 AM PST | Latest comment by JCitizen
72

Beware of QR codes

QR codes are a disruptive technology. Find out why bad guys are happy about that.

Posted by Michael Kassner | January 9, 2012, 6:58 AM PST | Latest comment by joinakimbra
1

Six information security lessons from 2011

Alfonso Barreiro lists the most important security lessons from 2011 that the security-conscious should heed in order to plan accordingly for 2012.

Posted by Alfonso Barreiro | January 6, 2012, 1:00 PM PST

5

Controlling your network using Network Access Control

Alfonso Barreiro looks at the various methods of implementing network access control (NAC) in order to keep unauthorized and non-compliant devices off your network.

Posted by Alfonso Barreiro | January 3, 2012, 6:00 AM PST | Latest comment by wcb111@...
24

Android OS: Malicious apps can steal permissions

It's common knowledge that Android has issues with permission leaks, albeit minor ones. However, Michael Kassner finds that this issue with third-party apps still has the potential to do a lot of...

Posted by Michael Kassner | January 2, 2012, 5:50 PM PST | Latest comment by Michael Kassner
17

Carrier IQ's MSIP: Spyware according to some

Carrier IQ's MSIP client is on millions of smart phones. More than a few people are wondering why, and what to do about it.

Posted by Michael Kassner | December 26, 2011, 7:12 AM PST | Latest comment by BALTHOR
1

Top 10 IT Security posts of 2011

Here are the topics that made the Top 10 list of most-read security posts in 2011.

Posted by Selena Frye | December 22, 2011, 9:00 AM PST
23

Selling or donating equipment? Don't forget to wipe it clean

Patrick Lambert reminds IT pros about the importance of securely wiping hard disks clean, especially if you're in the process of disposing, selling, or donating old computers and other devices.

Posted by Patrick Lambert | December 20, 2011, 10:25 AM PST | Latest comment by Doug Vitale
5

REMnux: Reverse-engineering malware

"Know thy enemy" is a well-worn phrase. No matter; the saying is germane when it comes to malicious code. Michael Kassner looks at a toolkit that reverse-engineers malware.

Posted by Michael Kassner | December 19, 2011, 8:03 AM PST | Latest comment by Michael Kassner
3

Bitdefender's cloud-based security tools worth investigating for SMBs

Steven Trippe describes Bitdefender's cloud security services and points out issues to consider for SMBs weighing security solutions.

Posted by Steven Trippe | December 19, 2011, 6:00 AM PST | Latest comment by LigiaAdam
9

A look into Microsoft Security Essentials 2012

Scott Lowe takes a detailed view into the Microsoft Security Essentials latest build, still in beta, noting some of the changes and performing some basic testing.

Posted by Scott Lowe | December 14, 2011, 6:00 AM PST | Latest comment by arion30
6

Email fraud threatens even the savviest users: Don't get complacent

Email-based cybercrime continues to thrive, but even the savviest users might fall for a clever scheme. Deb Shinder offers tips to help you and your users remain vigilant.

Posted by Deb Shinder | December 12, 2011, 12:00 PM PST | Latest comment by blaineclrk
1

Warn users of Yahoo Instant Messenger security risk

BitDefender researchers discovered a Yahoo! Messenger flaw that could be exploited to send users to malicious spam links. Make sure your users are aware of the threat.

Posted by Kara Reeder | December 12, 2011, 8:57 AM PST
26

DNSCrypt: Encrypting DNS communications, simply

Numerous are the ways DNS can be subverted -- one of which, OpenDNS is trying to fix. Michael Kassner investigates this solution.

Posted by Michael Kassner | December 12, 2011, 7:20 AM PST | Latest comment by JCitizen
7

Implementing multi-factor authentication: What to consider

Alfonso Barreiro points out the main issues you'll have to consider when implementing multi-factor authentication. These solutions can strengthen security, but only if you design them effectively.

Posted by Alfonso Barreiro | December 6, 2011, 7:30 AM PST | Latest comment by multifactorguru
1

Infographic: Holiday shopping security tips

Online shopping spikes in November and December. Remind your users, friends, and family to be vigilant by sharing this infographic of holiday shopping security tips.

Posted by Selena Frye | December 5, 2011, 8:56 AM PST
23

Android apps and advertising: A bit too cozy

Did you know marketing companies supplying ads to Android apps are privy to the same user information supplied to the app developer?

Posted by Michael Kassner | December 5, 2011, 8:12 AM PST | Latest comment by Michael Kassner
14

Carrier IQ snooping: Another good reason to root your phone

Get the basics on the Carrier IQ snooping software that has privacy-minded people up in arms and watch researcher Trevor Eckhart's video illustrating his findings.

Posted by Selena Frye | December 1, 2011, 2:34 PM PST | Latest comment by kfields
76

Next Generation Firewalls: It's all about tuples

Next-generation firewalls have been around for several years, but garnered little interest. That's changing as first-generation firewalls aren't keeping up.

Posted by Michael Kassner | November 28, 2011, 11:23 AM PST | Latest comment by JCitizen

Page 11 of 56

2

List open ports and listening services

You should turn off any services you don't actually need so that they will not become avenues of attack for security threats. Different systems will have different services running by default,...

Posted by Chad Perrin | April 15, 2008, 8:47 PM PDT | Latest comment by jackhard
151

Hackers: From innocent curiosity to illegal activity

Researchers asked why talented youth skilled in "computerese" evolve into criminal hackers. Michael P. Kassner explains their unexpected results.

Posted by Michael Kassner | May 6, 2013, 7:59 AM PDT | Latest comment by mattohare@...
36

Cloud-service contracts and data protection: Unintended consequences

There are things your cloud-service (Facebook, Amazon, Google, Dropbox, etc.) contracts aren't telling you. Michael P. Kassner interviews an attorney concerned about what's not being said.

Posted by Michael Kassner | May 13, 2013, 11:52 AM PDT | Latest comment by Michael Kassner
103

DropSmack: Using Dropbox to steal files and deliver malware

Michael P. Kassner interviews a digital forensic scientist who uses Dropbox to compromise targeted networks -- something the bad guys probably figured out as well.

Posted by Michael Kassner | April 15, 2013, 7:46 AM PDT | Latest comment by Michael Kassner

36

Battling the Google Redirect virus

Consultant Bob Eisenhardt recounts his frustrating experience trying to track down and get rid of a client's search-redirect virus. Here's how he finally ditched it.

Posted by Bob Eisenhardt | January 2, 2013, 10:56 AM PST | Latest comment by Jane3344
36

Understanding what motivates Chinese hackers

Michael P. Kassner, with the help of a noted academic and author, looks at what motivates Chinese hackers. It may not be what you think.

Posted by Michael Kassner | April 22, 2013, 10:16 AM PDT | Latest comment by HAL 9000
15

BoxCryptor vs. DropSmack: The battle to secure Dropbox

Can DropSmack malware be stopped? Michael P. Kassner asks the creators of BoxCryptor if it is up to the task of securing the Dropbox file-synchronization service.

Posted by Michael Kassner | April 29, 2013, 10:30 AM PDT | Latest comment by Michael Kassner
63

How to spoof a MAC address

MAC address filtering for wireless networking isn't real "security". Anyone who pays any attention to current trends in wireless security at all should know that MAC filtering is less effective...

Posted by Chad Perrin | January 22, 2008, 1:28 PM PST | Latest comment by Doug Vitale
3

Running the gauntlet: Tips for achieving your CISSP

One of the most highly regarded security certifications is the CISSP. Dominic Vogel offers these nine tips for becoming certified based on his own experience.

Posted by Dominic Vogel | April 23, 2013, 5:30 AM PDT | Latest comment by JCitizen
10

The basics of using a proxy server for privacy and security

Patrick Lambert goes over the basics of how proxy servers work and why they are used to add security and privacy.

Posted by Patrick Lambert | December 5, 2012, 6:30 AM PST | Latest comment by Tony Hopkinson
8

Aaron Swartz legacy lives on with New Yorker's Strongbox: How it works

Strongbox was Aaron Swartz's final project. Michael P. Kassner explains why The New Yorker requested a way to keep sources and their information secret.

Posted by Michael Kassner | May 20, 2013, 7:17 AM PDT | Latest comment by tylerpitchford
0

DDoS attack methods and how to prevent or mitigate them

Patrick Lambert covers the various methods attackers use to launch distributed denial of service attacks, and the precautions you can take to prevent or at least, mitigate these types of events.

Posted by Patrick Lambert | October 15, 2012, 11:24 AM PDT
21

Software-Defined Networking: How it affects network security

SDN technology is set to rewrite the book of networking. Michael P. Kassner looks into how SDN will improve security, and where it's vulnerable.

Posted by Michael Kassner | April 8, 2013, 7:13 AM PDT | Latest comment by Michael Kassner
67

Use PuTTY as a secure proxy on Windows

Last month, I wrote about using OpenSSH as a secure Web proxy on UNIX and Linux systems. This time, I'll show you how to do the same thing on Microsoft Windows using PuTTY -- probably the single...

Posted by Chad Perrin | March 10, 2008, 4:30 PM PDT | Latest comment by abaabaa
64

Dropbox: Convenient? Absolutely, but is it secure?

A potential security lapse and possibly misleading statements are plaguing Dropbox, a hugely popular file-syncing app. What are the issues and is concern justified?

Posted by Michael Kassner | June 13, 2011, 8:03 AM PDT | Latest comment by kprivigyi@...
0

Security lessons from the 2013 Verizon Data Breach Report

Verizon's latest report on data breach statistics offers security pros a guide to the most persistent threats and where attention should be focused to defend against them.

Posted by Alfonso Barreiro | May 15, 2013, 6:00 AM PDT
5

The future of IT security compliance: 201 CMR 17.00

Why should you be concerned about a security rule that is part of the State law of Massachusetts -- especially if you aren't in business there? Donovan Colbert explains how compliance regulations...

Posted by Donovan Colbert | April 30, 2013, 6:00 AM PDT | Latest comment by dcolbert@...
101

Hacker vs. cracker

The word "hacker" gets used in a pejorative sense by journalists an awful lot. Some people think this is perfectly reasonable; others find it offensive, and recommend an alternative term for that...

Posted by Chad Perrin | April 17, 2009, 1:20 PM PDT | Latest comment by wizard57m-cnet
9

New McAfee patent hints at a more walled-off online world

A McAfee patent hints at content filtering at the user level in order to block sites that offer pirated content.

Posted by Patrick Lambert | May 3, 2013, 9:00 AM PDT | Latest comment by public_domain
74

10 services to turn off in MS Windows XP

As I pointed out on 19 October, in point number four of the article 10 security tips for all general-purposes OSes, an important step in the process of securing your system is to shut down...

Posted by Chad Perrin | November 7, 2007, 10:02 AM PST | Latest comment by JonB2008