- Follow this blog:
- RSS
- Email Alert
IT Security
Selena Frye
TechRepublic Staff
Selena Frye
-
What my grandmother taught me about IT security
The Identity Theft Enforcement and Restitution Act of 2007 passed the Senate by unanimous consent. As is often the case in our nation's legislature, the two houses of the federal legislature --...
Posted by Chad Perrin | November 28, 2007, 12:24 AM PST | Latest comment by ben@...
-
Teach a man to fish
There's an old saying, usually attributed to Confucius, that goes something like "Give a man a fish, and you'll feed him for a day. Teach a man to fish, and you've fed him for a lifetime."...
Posted by Chad Perrin | November 25, 2007, 8:26 PM PST | Latest comment by apotheon
-
The politics of phishing
In early October of this year, Indiana University graduate student Christopher Soghoian gave a presentation in Washington, DC about the potential risks of online political contributions. While I...
Posted by Chad Perrin | November 23, 2007, 11:41 AM PST | Latest comment by apotheon
-
Mind your USB
For all the latest in expensive security software and peripherals that money can acquire, enterprises inevitably still miss some security holes. It might surprise you, but one security hole often...
Posted by Paul Mah | November 20, 2007, 7:30 PM PST | Latest comment by The Listed 'G MAN'
-
10 Wi-Fi security tips
Wireless networking can be kind of scary from a security standpoint. It opens up whole new attack vectors that were not present with wired network infrastructures. That doesn't mean you can't do...
Posted by Chad Perrin | November 19, 2007, 11:18 AM PST | Latest comment by KevinMcJ
-
Radiohead knows more than Microsoft about security
Music fans, recording artists, journalists, the RIAA, and digital rights activists have at least one thing in common right now. I'm speaking of the intense interests some people from each group...
Posted by Chad Perrin | November 17, 2007, 10:24 PM PST | Latest comment by JackOfAllTech
-
Why encryption that doesn't trust the user isn't trustworthy
In the words of Wikipedia's article on pseudorandomness at the time of this writing, "a pseudorandom process is a process that appears to be random but is not." In programming, the term...
Posted by Chad Perrin | November 15, 2007, 2:11 PM PST | Latest comment by Justin James
-
Defend your network from slow scanning
Most serious attackers aren't going to advertise their intentions by performing a broad scan -- the smartest attackers will try to come in under your detection radar. Learn why attackers prefer...
Posted by Mike Mullins | November 15, 2007, 1:01 PM PST | Latest comment by ejhonda
-
Security news roundup: November 14
Here's a collection of recent security vulnerabilities and alerts, which covers a new social-engineering trick based on YouTube, a vulnerability in the Net::HTTPS module of the Ruby Scripting...
Posted by Paul Mah | November 14, 2007, 9:58 PM PST
-
Security news roundup: November 13
Here's a collection of recent security vulnerabilities and alerts, which covers a new firmware update for the iPhone and iPod Touch, a new version of Miranda IM that fixes certain security issues,...
Posted by Paul Mah | November 13, 2007, 7:50 PM PST
-
Security news roundup: November 12
Here's a collection of recent security vulnerabilities and alerts, which covers the release of PHP 5.2.5, multiple vulnerabilities discovered in phpMyAdmin, and various security updates released...
Posted by Paul Mah | November 12, 2007, 10:01 PM PST
-
Security news roundup: November 9
Here's a collection of recent security vulnerabilities and alerts, which covers vulnerabilities discovered in Sun Solaris, the availability of official documentation from Apple on Leopard's...
Posted by Paul Mah | November 9, 2007, 11:59 PM PST
-
Security news roundup: November 8
Here's a collection of recent security vulnerabilities and alerts, which covers the availability of a hotfix and patch for vulnerabilities in Plone CMS and Xpdf respectively, and a remotely...
Posted by Paul Mah | November 8, 2007, 10:26 PM PST
-
Security news roundup: November 7
Here's a collection of recent security vulnerabilities and alerts, which covers a priviledge escalation vulnerability in Microsoft's DebugView, a buffer overflow flaw in Oracle 10g R2, and also...
Posted by Paul Mah | November 7, 2007, 10:50 PM PST
-
10 services to turn off in MS Windows XP
As I pointed out on 19 October, in point number four of the article 10 security tips for all general-purposes OSes, an important step in the process of securing your system is to shut down...
Posted by Chad Perrin | November 7, 2007, 10:02 AM PST | Latest comment by JonB2008
-
Security news roundup: November 6
Here's a collection of recent security vulnerabilities and alerts, which covers an escalation of priviledge vulnerability found in the Macrovision driver on Windows, a new release of Apple's...
Posted by Paul Mah | November 6, 2007, 10:04 PM PST
-
Security news roundup: November 5
Here's a collection of recent security vulnerabilities and alerts, which covers a local escalation of priviledge in Symantec Antivirus for Mac, vulnerabilities discovered in ACDSee, and a...
Posted by Paul Mah | November 5, 2007, 9:52 PM PST
-
Security news roundup: November 1
Here's a collection of recent security vulnerabilities and alerts, which cover a vulnerability discovered in Novell's BorderManager 3.8 Client Trust, a memory corruption vulnerability in CUPS, and...
Posted by Paul Mah | November 1, 2007, 10:38 PM PDT
-
Protect IIS log files by moving them to a secure location
Internet Information Services (IIS) continues to be a favorite target for hackers. Make their job harder by moving IIS log files to a secure remote location.
Posted by Mike Mullins | November 1, 2007, 6:24 AM PDT | Latest comment by London Freelancer
-
Security news roundup: October 31
Here's a collection of recent security vulnerabilities and alerts, which covers the release of Wordprses 2.3.1 which is a bug-fix and security release, multiple vulnerabilities in AIX, and a code...
Posted by Paul Mah | October 31, 2007, 11:59 PM PDT
-
List open ports and listening services
You should turn off any services you don't actually need so that they will not become avenues of attack for security threats. Different systems will have different services running by default,...
Posted by Chad Perrin | April 15, 2008, 8:47 PM PDT | Latest comment by jackhard
-
Hackers: From innocent curiosity to illegal activity
Researchers asked why talented youth skilled in "computerese" evolve into criminal hackers. Michael P. Kassner explains their unexpected results.
Posted by Michael Kassner | May 6, 2013, 7:59 AM PDT | Latest comment by mattohare@...
-
Cloud-service contracts and data protection: Unintended consequences
There are things your cloud-service (Facebook, Amazon, Google, Dropbox, etc.) contracts aren't telling you. Michael P. Kassner interviews an attorney concerned about what's not being said.
Posted by Michael Kassner | May 13, 2013, 11:52 AM PDT | Latest comment by Michael Kassner
-
Battling the Google Redirect virus
Consultant Bob Eisenhardt recounts his frustrating experience trying to track down and get rid of a client's search-redirect virus. Here's how he finally ditched it.
Posted by Bob Eisenhardt | January 2, 2013, 10:56 AM PST | Latest comment by Jane3344
-
DropSmack: Using Dropbox to steal files and deliver malware
Michael P. Kassner interviews a digital forensic scientist who uses Dropbox to compromise targeted networks -- something the bad guys probably figured out as well.
Posted by Michael Kassner | April 15, 2013, 7:46 AM PDT | Latest comment by Michael Kassner
-
BoxCryptor vs. DropSmack: The battle to secure Dropbox
Can DropSmack malware be stopped? Michael P. Kassner asks the creators of BoxCryptor if it is up to the task of securing the Dropbox file-synchronization service.
Posted by Michael Kassner | April 29, 2013, 10:30 AM PDT | Latest comment by Michael Kassner
-
How to spoof a MAC address
MAC address filtering for wireless networking isn't real "security". Anyone who pays any attention to current trends in wireless security at all should know that MAC filtering is less effective...
Posted by Chad Perrin | January 22, 2008, 1:28 PM PST | Latest comment by Doug Vitale
-
Aaron Swartz legacy lives on with New Yorker's Strongbox: How it works
Strongbox was Aaron Swartz's final project. Michael P. Kassner explains why The New Yorker requested a way to keep sources and their information secret.
Posted by Michael Kassner | May 20, 2013, 7:17 AM PDT | Latest comment by tylerpitchford
-
The basics of using a proxy server for privacy and security
Patrick Lambert goes over the basics of how proxy servers work and why they are used to add security and privacy.
Posted by Patrick Lambert | December 5, 2012, 6:30 AM PST | Latest comment by Tony Hopkinson
-
DDoS attack methods and how to prevent or mitigate them
Patrick Lambert covers the various methods attackers use to launch distributed denial of service attacks, and the precautions you can take to prevent or at least, mitigate these types of events.
Posted by Patrick Lambert | October 15, 2012, 11:24 AM PDT
-
Use PuTTY as a secure proxy on Windows
Last month, I wrote about using OpenSSH as a secure Web proxy on UNIX and Linux systems. This time, I'll show you how to do the same thing on Microsoft Windows using PuTTY -- probably the single...
Posted by Chad Perrin | March 10, 2008, 4:30 PM PDT | Latest comment by abaabaa
-
Security lessons from the 2013 Verizon Data Breach Report
Verizon's latest report on data breach statistics offers security pros a guide to the most persistent threats and where attention should be focused to defend against them.
Posted by Alfonso Barreiro | May 15, 2013, 6:00 AM PDT
-
Dropbox: Convenient? Absolutely, but is it secure?
A potential security lapse and possibly misleading statements are plaguing Dropbox, a hugely popular file-syncing app. What are the issues and is concern justified?
Posted by Michael Kassner | June 13, 2011, 8:03 AM PDT | Latest comment by kprivigyi@...
-
Software-Defined Networking: How it affects network security
SDN technology is set to rewrite the book of networking. Michael P. Kassner looks into how SDN will improve security, and where it's vulnerable.
Posted by Michael Kassner | April 8, 2013, 7:13 AM PDT | Latest comment by Michael Kassner
-
The future of IT security compliance: 201 CMR 17.00
Why should you be concerned about a security rule that is part of the State law of Massachusetts -- especially if you aren't in business there? Donovan Colbert explains how compliance regulations...
Posted by Donovan Colbert | April 30, 2013, 6:00 AM PDT | Latest comment by dcolbert@...
-
New McAfee patent hints at a more walled-off online world
A McAfee patent hints at content filtering at the user level in order to block sites that offer pirated content.
Posted by Patrick Lambert | May 3, 2013, 9:00 AM PDT | Latest comment by public_domain
-
Understanding what motivates Chinese hackers
Michael P. Kassner, with the help of a noted academic and author, looks at what motivates Chinese hackers. It may not be what you think.
Posted by Michael Kassner | April 22, 2013, 10:16 AM PDT | Latest comment by HAL 9000
-
Hacker vs. cracker
The word "hacker" gets used in a pejorative sense by journalists an awful lot. Some people think this is perfectly reasonable; others find it offensive, and recommend an alternative term for that...
Posted by Chad Perrin | April 17, 2009, 1:20 PM PDT | Latest comment by wizard57m-cnet
-
10 services to turn off in MS Windows XP
As I pointed out on 19 October, in point number four of the article 10 security tips for all general-purposes OSes, an important step in the process of securing your system is to shut down...
Posted by Chad Perrin | November 7, 2007, 10:02 AM PST | Latest comment by JonB2008
-
The CIA Triad
The CIA Triad is a venerable, well-known model for security policy development, used to identify problem areas and necessary solutions for information security. Read on for an introduction to the...
Posted by Chad Perrin | June 30, 2008, 3:13 PM PDT | Latest comment by white house
