- Follow this blog:
- RSS
- Email Alert
IT Security
Selena Frye
TechRepublic Staff
Selena Frye
-
Protect SSH from brute force password-cracking attacks
In the midst of ensuring you don't have any unnecessary services running while securing a Unix-like system from outside attacks -- whether a proprietary UNIX system, a free BSD Unix system, or a...
Posted by Chad Perrin | October 30, 2007, 7:56 PM PDT | Latest comment by TG2
-
Security news roundup: October 30
Here's a collection of recent security vulnerabilities and alerts, which covers serious vulnerabilities found in Symantec Mail Security, the availability of TikiWiki 1.9.8.3 which resolves a...
Posted by Paul Mah | October 30, 2007, 10:11 AM PDT
-
Security news roundup: October 29
Here's a collection of recent security vulnerabilities and alerts, which covers the automatic installation of Windows Desktop Search on client PCs by WSUS in certain cases, and multiple...
Posted by Paul Mah | October 29, 2007, 12:01 AM PDT
-
Automating shutdown when your OS doesn't support your UPS
In the article, "Protect your computer and your data with a UPS," I made reference to the importance of protecting against file system corruption when the power goes out. If you leave computers...
Posted by Chad Perrin | October 28, 2007, 3:15 PM PDT | Latest comment by gjohnson@...
-
Security news roundup: October 26
Here's a collection of recent security vulnerabilities and alerts, which covers a new version of Apache Tomcat, a local privilege escalation in Trend Micro anti-virus products, and six new flaws...
Posted by Paul Mah | October 26, 2007, 9:04 PM PDT
-
Security news roundup: October 25
Here's a collection of recent security vulnerabilities and alerts, which covers vulnerabilities reported in components of HP OpenView, flaws in XScreenSaver locked screen functionality, and a...
Posted by Paul Mah | October 25, 2007, 10:59 PM PDT
-
A little more about passwords
By now, you've probably heard about ElcomSoft's patent application for a procedure used to crack passwords 25 times as fast using a GPU instead of a CPU. The parallelization that goes on in the...
Posted by Chad Perrin | October 25, 2007, 10:51 AM PDT | Latest comment by Jaqui
-
Eight daily steps to a more secure network
While many companies have a 9-to-5 security staff, hackers don't punch a clock. However, your network can still remain secure in the 16 hours in-between -- you just need to focus activities to...
Posted by Mike Mullins | October 25, 2007, 5:13 AM PDT | Latest comment by cd613@...
-
Security news roundup: October 24
Here's a collection of recent security vulnerabilities and alerts, which include vulnerabilities discovered in Lotus Notes and Domino as well as multiple SQL-injection vulnerabilities discovered...
Posted by Paul Mah | October 24, 2007, 10:51 PM PDT
-
Online World Series ticket sales hit by DoS attack
The most sought-after sports ticket in Colorado is for one of the three World Series games scheduled to be played at Coors Field, home to the hottest team in baseball, the Colorado Rockies. Upward...
Posted by Joseph Rosberg | October 24, 2007, 9:49 AM PDT | Latest comment by epasskv@...
-
Security news roundup: October 23
Here's a collection of recent security vulnerabilities and alerts, which include cross-platform flaws discovered in the Java Runtime Environment, vulnerabilities discovered in Thunderbird in...
Posted by Paul Mah | October 23, 2007, 10:43 PM PDT
-
Security news roundup: October 22
Here's a collection of recent security vulnerabilities and alerts, which include updates that address vulnerabilities found for Adobe Reader, Acrobat, and RealPlayer, the resurfacing of zlib...
Posted by Paul Mah | October 22, 2007, 11:00 PM PDT
-
10 security tips for all general-purpose OSes
There are key considerations for system security that apply no matter which general-purpose operating system platform you happen to be using. You should always consider the following precautions...
Posted by Chad Perrin | October 19, 2007, 11:42 AM PDT | Latest comment by Robbi_IA
-
Security news roundup: October 19
Here's a collection of recent security vulnerabilities and alerts, which include new versions of Miranda and Firefox which fix a number of security vulnerabilities as well as news of multiple...
Posted by Paul Mah | October 19, 2007, 8:28 AM PDT
-
Protect corporate data with these physical security precautions
Not all attacks on your organization's data come across the network. Once someone gains physical access to your data, you become vulnerable to further attacks, not to mention a lot of bad...
Posted by Mike Mullins | October 18, 2007, 2:13 PM PDT | Latest comment by jeenasmith
-
Security news roundup: October 18
Here is a collection of recent security vulnerabilities and alerts, which include the Opera browser, various vulnerabilities across multiple Avaya products, and a buffer overflow in the popular...
Posted by Paul Mah | October 18, 2007, 10:22 AM PDT
-
Protect your computer and your data with a UPS
One of the most important gadgets in the security arsenal -- and one of the most often overlooked as a tool for security -- is the uninterruptible power supply (UPS). A good UPS isn't just a...
Posted by Chad Perrin | October 17, 2007, 1:26 PM PDT | Latest comment by alexisgarcia72@...
-
Multiple vulnerabilities discovered in Sun Java WebStart
Multiple local file-access and information-disclosure vulnerabilities have been discovered in Sun Java WebStart. Multiple versions of Java and platforms, including Windows, Linux and Solaris are...
Posted by Paul Mah | October 15, 2007, 4:47 AM PDT
-
Vulnerabilities reported in SUSE Linux Enterprise Server, SUSE kernel
A vulnerability which could be exploited to cause a Denial of Service has been reported in SUSE Linux Enterprise Server. SUSE has also released an update for various vulnerabilities found in the...
Posted by Paul Mah | October 15, 2007, 12:01 AM PDT
-
OpenBSD DHCP vulnerability fixed
A vulnerability in the OpenBSD's DHCP has been patched. This vulnerability could allow attackers on the local network to successfully launch a Denial-of-Service attack.
Posted by Paul Mah | October 13, 2007, 8:55 PM PDT
-
List open ports and listening services
You should turn off any services you don't actually need so that they will not become avenues of attack for security threats. Different systems will have different services running by default,...
Posted by Chad Perrin | April 15, 2008, 8:47 PM PDT | Latest comment by jackhard
-
Hackers: From innocent curiosity to illegal activity
Researchers asked why talented youth skilled in "computerese" evolve into criminal hackers. Michael P. Kassner explains their unexpected results.
Posted by Michael Kassner | May 6, 2013, 7:59 AM PDT | Latest comment by mattohare@...
-
DropSmack: Using Dropbox to steal files and deliver malware
Michael P. Kassner interviews a digital forensic scientist who uses Dropbox to compromise targeted networks -- something the bad guys probably figured out as well.
Posted by Michael Kassner | April 15, 2013, 7:46 AM PDT | Latest comment by Michael Kassner
-
Cloud-service contracts and data protection: Unintended consequences
There are things your cloud-service (Facebook, Amazon, Google, Dropbox, etc.) contracts aren't telling you. Michael P. Kassner interviews an attorney concerned about what's not being said.
Posted by Michael Kassner | May 13, 2013, 11:52 AM PDT | Latest comment by Michael Kassner
-
Battling the Google Redirect virus
Consultant Bob Eisenhardt recounts his frustrating experience trying to track down and get rid of a client's search-redirect virus. Here's how he finally ditched it.
Posted by Bob Eisenhardt | January 2, 2013, 10:56 AM PST | Latest comment by Jane3344
-
Understanding what motivates Chinese hackers
Michael P. Kassner, with the help of a noted academic and author, looks at what motivates Chinese hackers. It may not be what you think.
Posted by Michael Kassner | April 22, 2013, 10:16 AM PDT | Latest comment by HAL 9000
-
BoxCryptor vs. DropSmack: The battle to secure Dropbox
Can DropSmack malware be stopped? Michael P. Kassner asks the creators of BoxCryptor if it is up to the task of securing the Dropbox file-synchronization service.
Posted by Michael Kassner | April 29, 2013, 10:30 AM PDT | Latest comment by Michael Kassner
-
How to spoof a MAC address
MAC address filtering for wireless networking isn't real "security". Anyone who pays any attention to current trends in wireless security at all should know that MAC filtering is less effective...
Posted by Chad Perrin | January 22, 2008, 1:28 PM PST | Latest comment by Doug Vitale
-
Running the gauntlet: Tips for achieving your CISSP
One of the most highly regarded security certifications is the CISSP. Dominic Vogel offers these nine tips for becoming certified based on his own experience.
Posted by Dominic Vogel | April 23, 2013, 5:30 AM PDT | Latest comment by JCitizen
-
The basics of using a proxy server for privacy and security
Patrick Lambert goes over the basics of how proxy servers work and why they are used to add security and privacy.
Posted by Patrick Lambert | December 5, 2012, 6:30 AM PST | Latest comment by Tony Hopkinson
-
DDoS attack methods and how to prevent or mitigate them
Patrick Lambert covers the various methods attackers use to launch distributed denial of service attacks, and the precautions you can take to prevent or at least, mitigate these types of events.
Posted by Patrick Lambert | October 15, 2012, 11:24 AM PDT
-
Aaron Swartz legacy lives on with New Yorker's Strongbox: How it works
Strongbox was Aaron Swartz's final project. Michael P. Kassner explains why The New Yorker requested a way to keep sources and their information secret.
Posted by Michael Kassner | May 20, 2013, 7:17 AM PDT | Latest comment by tylerpitchford
-
Software-Defined Networking: How it affects network security
SDN technology is set to rewrite the book of networking. Michael P. Kassner looks into how SDN will improve security, and where it's vulnerable.
Posted by Michael Kassner | April 8, 2013, 7:13 AM PDT | Latest comment by Michael Kassner
-
Use PuTTY as a secure proxy on Windows
Last month, I wrote about using OpenSSH as a secure Web proxy on UNIX and Linux systems. This time, I'll show you how to do the same thing on Microsoft Windows using PuTTY -- probably the single...
Posted by Chad Perrin | March 10, 2008, 4:30 PM PDT | Latest comment by abaabaa
-
Dropbox: Convenient? Absolutely, but is it secure?
A potential security lapse and possibly misleading statements are plaguing Dropbox, a hugely popular file-syncing app. What are the issues and is concern justified?
Posted by Michael Kassner | June 13, 2011, 8:03 AM PDT | Latest comment by kprivigyi@...
-
The future of IT security compliance: 201 CMR 17.00
Why should you be concerned about a security rule that is part of the State law of Massachusetts -- especially if you aren't in business there? Donovan Colbert explains how compliance regulations...
Posted by Donovan Colbert | April 30, 2013, 6:00 AM PDT | Latest comment by dcolbert@...
-
Security lessons from the 2013 Verizon Data Breach Report
Verizon's latest report on data breach statistics offers security pros a guide to the most persistent threats and where attention should be focused to defend against them.
Posted by Alfonso Barreiro | May 15, 2013, 6:00 AM PDT
-
Hacker vs. cracker
The word "hacker" gets used in a pejorative sense by journalists an awful lot. Some people think this is perfectly reasonable; others find it offensive, and recommend an alternative term for that...
Posted by Chad Perrin | April 17, 2009, 1:20 PM PDT | Latest comment by wizard57m-cnet
-
New McAfee patent hints at a more walled-off online world
A McAfee patent hints at content filtering at the user level in order to block sites that offer pirated content.
Posted by Patrick Lambert | May 3, 2013, 9:00 AM PDT | Latest comment by public_domain
-
10 services to turn off in MS Windows XP
As I pointed out on 19 October, in point number four of the article 10 security tips for all general-purposes OSes, an important step in the process of securing your system is to shut down...
Posted by Chad Perrin | November 7, 2007, 10:02 AM PST | Latest comment by JonB2008
