- Follow this blog:
- RSS
- Email Alert
IT Security
Selena Frye
TechRepublic Staff
Selena Frye
-
Transform your security awareness programs: Focus on people and risk management
Dominic Vogel points out that security pros need an attitude adjustment about how to approach security awareness in their organizations. Here's his advice for making security relevant to all.
Posted by Dominic Vogel | October 10, 2011, 1:43 PM PDT
-
Identity theft ring maxes out: Biggest bust in U.S. history
Law enforcement scored a big win recently, busting up an identity theft ring involving more than 100 people.
Posted by Kara Reeder | October 10, 2011, 10:11 AM PDT | Latest comment by JCitizen
-
Digital forensics: The science behind 'who done it'
Forensics comes of the Latin word "forens" -- "belonging to the public". Michael Kassner decided to find out what that means in the digital world.
Posted by Michael Kassner | October 10, 2011, 6:36 AM PDT | Latest comment by Michael Kassner
-
Survey shows upper management weak on understanding security issues
Patrick Lambert takes a look at a recent McAfee survey that concluded that many in upper management have a poor understanding of their organization's own security policies.
Posted by Patrick Lambert | October 6, 2011, 9:44 AM PDT
-
Endpoint security solutions: What you should consider when comparing vendors
Dominic Vogel identifies several key areas to evaluate when your organization is comparing solutions for an endpoint protection suite.
Posted by Dominic Vogel | October 3, 2011, 9:00 AM PDT | Latest comment by robo_dev
-
Proving it's hard to prevent stupid: Military medical records stolen from car
The records of military service members were stolen through sheer carelessness. Read Bob Eisenhardt's sobering take on the data security lapses committed in this major breach.
Posted by Bob Eisenhardt | October 3, 2011, 8:32 AM PDT | Latest comment by SHOCK77777
-
Why isn't everyone hacked every day?
Trouble befalls only a fraction of all who ply the Internet. Why is that? Michael Kassner explores the answer with a security researcher.
Posted by Michael Kassner | October 3, 2011, 7:44 AM PDT | Latest comment by apotheon
-
Companies change their Terms of Service to limit their liability against hacks
Patrick Lambert points out the changes to Terms of Service that big companies like Sony enacted after its hacking fiasco to limit their liability.
Posted by Patrick Lambert | September 28, 2011, 8:01 AM PDT | Latest comment by SilentWolf
-
A log review process for detecting security incidents
Alfonso Barreiro details the requirements for implementing a log review process that will help your organization detect and respond to security incidents more promptly.
Posted by Alfonso Barreiro | September 26, 2011, 9:00 AM PDT
-
Google hacking: It's all about the dorks
Google Search shows no bias. It will help anyone find anything, including vulnerable Internet-connected devices. You just need to know what to ask.
Posted by Michael Kassner | September 26, 2011, 7:04 AM PDT | Latest comment by AnsuGisalas
-
How the TOR Project defeated Iran filters inside 24 hours
When Iran detected and shut down TOR connections recently, the project's developers reacted quickly to defeat Iran's filters and enable Iran's users to continue to protect their identities.
Posted by Patrick Lambert | September 21, 2011, 9:48 AM PDT | Latest comment by Doug Vitale
-
Online anonymity: Balancing the needs to protect privacy and prevent cybercrime
It's no coincidence that the name of one of today's most notorious groups of criminal hackers is "Anonymous." Whether you agree or disagree with their philosophies and agenda and the positions...
Posted by Deb Shinder | September 20, 2011, 9:00 AM PDT | Latest comment by apotheon
-
Android security apps playing catch-up to malcode
There are numerous reviews about Android security apps. But, Michael Kassner does not remember any mention of actual testing. Why is that?
Posted by Michael Kassner | September 19, 2011, 8:13 AM PDT | Latest comment by bestquality1111
-
Detect and mitigate a DDoS attack against your DNS server
John Joyner recently observed a real-world DDoS attack against an on-site DNS server. Here's how you can protect yourself against these types of attacks or at least mitigate the threat.
Posted by John Joyner | September 19, 2011, 6:00 AM PDT | Latest comment by Jufflan
-
Don't leak service and version info to would-be hackers: How to hide it
Christopher Patterson shows an easy tweak that removes some of the information potential hackers are looking for in order to try to gain access to your systems.
Posted by Christopher Patterson | September 15, 2011, 7:00 AM PDT | Latest comment by JCitizen
-
Compromised certificate authorities: How to protect yourself
Patrick Lambert looks at certificate authority hacks like the most recent DigiNotar exploit and suggests several ways to protect your organization from compromised CAs.
Posted by Patrick Lambert | September 13, 2011, 7:52 AM PDT | Latest comment by apotheon
-
Morto: Not your average creepy-crawly worm
As malware goes, Morto has something new to offer. It's conversant in DNS-speak. Michael Kassner describes how it works.
Posted by Michael Kassner | September 12, 2011, 6:59 AM PDT | Latest comment by ejhonda
-
How to track down malware from your firewall with basic tools
Alfonso Barreiro covers the basics of detecting a malware threat and investigating it with freely available tools like netstat and procmon. Here is an example of the process.
Posted by Alfonso Barreiro | September 12, 2011, 6:00 AM PDT | Latest comment by leo8888
-
Don't get stung by SQL Injection attacks
SQL Injection is no new arrival on the scene, yet high-profile attacks still occur. Alfonso Barreiro lists the basic measures to take to help mitigate the threat.
Posted by Alfonso Barreiro | September 6, 2011, 12:48 PM PDT | Latest comment by DLClark
-
Search-query hijacks and redirection: What you need to know
Do you trust the results returned from your chosen search engine? Michael Kassner looks into search engine hijacking and redirection.
Posted by Michael Kassner | September 6, 2011, 6:12 AM PDT | Latest comment by JCitizen
-
DropSmack: Using Dropbox to steal files and deliver malware
Michael P. Kassner interviews a digital forensic scientist who uses Dropbox to compromise targeted networks -- something the bad guys probably figured out as well.
Posted by Michael Kassner | April 15, 2013, 7:46 AM PDT | Latest comment by Michael Kassner
-
List open ports and listening services
You should turn off any services you don't actually need so that they will not become avenues of attack for security threats. Different systems will have different services running by default,...
Posted by Chad Perrin | April 15, 2008, 8:47 PM PDT | Latest comment by jackhard
-
Hackers: From innocent curiosity to illegal activity
Researchers asked why talented youth skilled in "computerese" evolve into criminal hackers. Michael P. Kassner explains their unexpected results.
Posted by Michael Kassner | May 6, 2013, 7:59 AM PDT | Latest comment by mattohare@...
-
Cloud-service contracts and data protection: Unintended consequences
There are things your cloud-service (Facebook, Amazon, Google, Dropbox, etc.) contracts aren't telling you. Michael P. Kassner interviews an attorney concerned about what's not being said.
Posted by Michael Kassner | May 13, 2013, 11:52 AM PDT | Latest comment by Michael Kassner
-
Battling the Google Redirect virus
Consultant Bob Eisenhardt recounts his frustrating experience trying to track down and get rid of a client's search-redirect virus. Here's how he finally ditched it.
Posted by Bob Eisenhardt | January 2, 2013, 10:56 AM PST | Latest comment by Jane3344
-
Understanding what motivates Chinese hackers
Michael P. Kassner, with the help of a noted academic and author, looks at what motivates Chinese hackers. It may not be what you think.
Posted by Michael Kassner | April 22, 2013, 10:16 AM PDT | Latest comment by HAL 9000
-
BoxCryptor vs. DropSmack: The battle to secure Dropbox
Can DropSmack malware be stopped? Michael P. Kassner asks the creators of BoxCryptor if it is up to the task of securing the Dropbox file-synchronization service.
Posted by Michael Kassner | April 29, 2013, 10:30 AM PDT | Latest comment by Michael Kassner
-
How to spoof a MAC address
MAC address filtering for wireless networking isn't real "security". Anyone who pays any attention to current trends in wireless security at all should know that MAC filtering is less effective...
Posted by Chad Perrin | January 22, 2008, 1:28 PM PST | Latest comment by Doug Vitale
-
Running the gauntlet: Tips for achieving your CISSP
One of the most highly regarded security certifications is the CISSP. Dominic Vogel offers these nine tips for becoming certified based on his own experience.
Posted by Dominic Vogel | April 23, 2013, 5:30 AM PDT | Latest comment by JCitizen
-
The basics of using a proxy server for privacy and security
Patrick Lambert goes over the basics of how proxy servers work and why they are used to add security and privacy.
Posted by Patrick Lambert | December 5, 2012, 6:30 AM PST | Latest comment by Tony Hopkinson
-
DDoS attack methods and how to prevent or mitigate them
Patrick Lambert covers the various methods attackers use to launch distributed denial of service attacks, and the precautions you can take to prevent or at least, mitigate these types of events.
Posted by Patrick Lambert | October 15, 2012, 11:24 AM PDT
-
Software-Defined Networking: How it affects network security
SDN technology is set to rewrite the book of networking. Michael P. Kassner looks into how SDN will improve security, and where it's vulnerable.
Posted by Michael Kassner | April 8, 2013, 7:13 AM PDT | Latest comment by Michael Kassner
-
Dropbox: Convenient? Absolutely, but is it secure?
A potential security lapse and possibly misleading statements are plaguing Dropbox, a hugely popular file-syncing app. What are the issues and is concern justified?
Posted by Michael Kassner | June 13, 2011, 8:03 AM PDT | Latest comment by kprivigyi@...
-
Use PuTTY as a secure proxy on Windows
Last month, I wrote about using OpenSSH as a secure Web proxy on UNIX and Linux systems. This time, I'll show you how to do the same thing on Microsoft Windows using PuTTY -- probably the single...
Posted by Chad Perrin | March 10, 2008, 4:30 PM PDT | Latest comment by abaabaa
-
The future of IT security compliance: 201 CMR 17.00
Why should you be concerned about a security rule that is part of the State law of Massachusetts -- especially if you aren't in business there? Donovan Colbert explains how compliance regulations...
Posted by Donovan Colbert | April 30, 2013, 6:00 AM PDT | Latest comment by dcolbert@...
-
Hacker vs. cracker
The word "hacker" gets used in a pejorative sense by journalists an awful lot. Some people think this is perfectly reasonable; others find it offensive, and recommend an alternative term for that...
Posted by Chad Perrin | April 17, 2009, 1:20 PM PDT | Latest comment by wizard57m-cnet
-
New McAfee patent hints at a more walled-off online world
A McAfee patent hints at content filtering at the user level in order to block sites that offer pirated content.
Posted by Patrick Lambert | May 3, 2013, 9:00 AM PDT | Latest comment by public_domain
-
10 services to turn off in MS Windows XP
As I pointed out on 19 October, in point number four of the article 10 security tips for all general-purposes OSes, an important step in the process of securing your system is to shut down...
Posted by Chad Perrin | November 7, 2007, 10:02 AM PST | Latest comment by JonB2008
-
The FBI locked your computer? Watch out for new spins on ransomware
The FBI locks your computer. Can they do that? Or is it fake? How does one know? Michael Kassner asks an expert for help with the latest forms of ransomware.
Posted by Michael Kassner | November 15, 2012, 7:18 AM PST | Latest comment by JCitizen
-
The CIA Triad
The CIA Triad is a venerable, well-known model for security policy development, used to identify problem areas and necessary solutions for information security. Read on for an introduction to the...
Posted by Chad Perrin | June 30, 2008, 3:13 PM PDT | Latest comment by white house
