IT Security

Selena Frye

TechRepublic Staff

Selena has been at TechRepublic since 2002. She is currently a Senior Editor with a background in technical writing, editing, and research. She edits Data Center, Linux and Open Source, Apple in the Enterprise, The Enterprise Cloud, Web Designer, and IT Security blogs.
  • 0

    TikiWiki vulnerability reported

    A "highly critical" vulnerability has been reported in the popular TikiWiki software. It can be exploited by malicious parties to compromise vulnerable systems.

    Posted by Paul Mah | October 12, 2007, 2:38 PM PDT

  • 0

    iPhone, iPod touch image-processing vulnerability reported

    A new image file processing-related flaw has been reported in Apple's iPhone and iPod touch. This can potentially be exploited to compromise a vulnerable device.

    Posted by Paul Mah | October 12, 2007, 2:25 PM PDT

  • 0

    Security updates released for Adobe GoLive 9 and Illustrator CS3

    Adobe has released updates for critical vulnerabilities found in GoLive 9 and Illustrator CS3. An attacker who successfully exploits these could take control of the affected system. Excerpt from...

    Posted by Paul Mah | October 12, 2007, 2:16 PM PDT

  • 0

    Highly critical FCKEditor vulnerability reported

    A "highly critical" vulnerability of the popular Web-based FCKEditor has been reported on Secunia. It can potentially be exploited by malicious parties to compromise a vulnerable system.

    Posted by Paul Mah | October 12, 2007, 1:55 PM PDT

  • 21

    Lock down Cisco switch port security

    One way to boost network security is to use Cisco's Port Security feature to lock down switch ports. Learn the basics of port security, and find out how to configure this feature.

    Posted by David Davis | October 11, 2007, 12:50 PM PDT | Latest comment by nabaruma

  • 13

    Restrict users' access on Linux systems

    In a recent article, I told you how to force Windows users to log off at a specific time by using a third-party utility. Here's how to implement a similar solution for Linux users.

    Posted by Mike Mullins | October 11, 2007, 12:31 PM PDT | Latest comment by seanferd

  • 0

    Multiple vulnerabilities reported for Solaris X Font Server

    Sun has acknowledged some vulnerabilities in Sun Solaris, which can be exploited by malicious people to execute arbitrary code and compromise a vulnerable server.

    Posted by Paul Mah | October 11, 2007, 10:13 AM PDT

  • 0

    Microsoft to fix URI vulnerability

    After three months, Microsoft has finally announced that it will be fixing what has been known in security circles as the URI (Uniform Resource Identifier) flaw, or vulnerability.

    Posted by Paul Mah | October 11, 2007, 9:38 AM PDT

  • 0

    Security spending topped 20 percent of IT budgets in 2006

    A report released by the Computing Technology Industry Association (CompTIA) notes that organizations devoted an average of 20% of their total IT budgets to security-related spending in 2006.

    Posted by Paul Mah | October 11, 2007, 9:19 AM PDT

  • 0

    Microsoft Word exploit spotted right after Patch Tuesday

    It seems that the trend for exploiting vulnerabilities around the same time as Patch Tuesday continues. "Exploit Wednesday" this week saw an exploit targeting a just-patched Word vulnerability...

    Posted by Paul Mah | October 11, 2007, 9:04 AM PDT

  • 3

    Critical vulnerability affecting Microsoft Word 2000, 2002 discovered

    A new remote code-execution vulnerability in Microsoft Word has been found. It can be triggered simply by opening a malicious Word file. A successful exploit would allow an attacker to execute...

    Posted by Paul Mah | October 10, 2007, 8:12 AM PDT | Latest comment by Lost Cause?

  • 0

    Security monitoring product announced for Mainframe DB2

    Database security firm Guardium and mainframe software firm Neon Enterprise Software have announced a new database security monitoring product designed for the DB2 mainframe database.

    Posted by Paul Mah | October 10, 2007, 7:47 AM PDT

  • 38

    Windows XP SP3 released for testing

    Microsoft has released service pack 3 for Windows XP to selected beta testers, according to multiple sources around the Net.

    Posted by Paul Mah | October 10, 2007, 7:31 AM PDT | Latest comment by mikeholli

  • 0

    Vulnerability fix for Mac Office 2004 released

    Microsoft has issued an update for Office 2004 for the Mac. This critical patch fixes a bug involving a malformed string that could allow an attacker to overwrite the contents of your machine's...

    Posted by Paul Mah | October 10, 2007, 7:19 AM PDT

  • 4

    Network monitoring for fun and profit

    In network security, there are a few important tasks you just can't ignore. They include things such as perimeter security (firewalls and proxies), disaster recovery (backups and redundant...

    Posted by Chad Perrin | October 9, 2007, 3:06 PM PDT | Latest comment by JCitizen

  • 0

    Local util-linux vulnerability reported

    A vulnerability affecting the util-linux package has been reported on Secunia. It can potentially be exploited by malicious local users to perform certain actions with escalated privileges.

    Posted by Paul Mah | October 8, 2007, 11:59 PM PDT

  • 1

    Adobe issues security advisory on PDF flaw -- finally

    Adobe issued a security advisory on Friday pertaining to a code execution vulnerability affecting PDF files. This comes almost three weeks after a public disclosure which I covered.

    Posted by Paul Mah | October 8, 2007, 11:58 PM PDT | Latest comment by drivenn

  • 0

    eBay server hacked via old administrative functions

    A malicious hacker broke into an eBay server on Friday, temporarily suspending the accounts of a "very small" number of members.

    Posted by Paul Mah | October 8, 2007, 10:58 PM PDT

  • 2

    Serious vulnerabilities in BT Home Hub router

    Multiple vulnerabilities in the BT Home Hub, one of the UK's most popular routers, are threatening to expose users to a host of eavesdropping, call spoofing and various other nasty attacks. All an...

    Posted by Paul Mah | October 8, 2007, 10:38 PM PDT | Latest comment by ben@...

  • 0

    SQL Power Injector 1.2 released

    In case you missed it, version 1.2 of SQL Power Injector was released late last week. SQL Power Injector is a graphical application created using the .NET framework. As its name suggests,...

    Posted by Paul Mah | October 7, 2007, 11:59 PM PDT

  • 103

    DropSmack: Using Dropbox to steal files and deliver malware

    Michael P. Kassner interviews a digital forensic scientist who uses Dropbox to compromise targeted networks -- something the bad guys probably figured out as well.

    Posted by Michael Kassner | April 15, 2013, 7:46 AM PDT | Latest comment by Michael Kassner

  • 2

    List open ports and listening services

    You should turn off any services you don't actually need so that they will not become avenues of attack for security threats. Different systems will have different services running by default,...

    Posted by Chad Perrin | April 15, 2008, 8:47 PM PDT | Latest comment by jackhard

  • 151

    Hackers: From innocent curiosity to illegal activity

    Researchers asked why talented youth skilled in "computerese" evolve into criminal hackers. Michael P. Kassner explains their unexpected results.

    Posted by Michael Kassner | May 6, 2013, 7:59 AM PDT | Latest comment by mattohare@...

  • 36

    Battling the Google Redirect virus

    Consultant Bob Eisenhardt recounts his frustrating experience trying to track down and get rid of a client's search-redirect virus. Here's how he finally ditched it.

    Posted by Bob Eisenhardt | January 2, 2013, 10:56 AM PST | Latest comment by Jane3344

  • 36

    Cloud-service contracts and data protection: Unintended consequences

    There are things your cloud-service (Facebook, Amazon, Google, Dropbox, etc.) contracts aren't telling you. Michael P. Kassner interviews an attorney concerned about what's not being said.

    Posted by Michael Kassner | May 13, 2013, 11:52 AM PDT | Latest comment by Michael Kassner

  • 36

    Understanding what motivates Chinese hackers

    Michael P. Kassner, with the help of a noted academic and author, looks at what motivates Chinese hackers. It may not be what you think.

    Posted by Michael Kassner | April 22, 2013, 10:16 AM PDT | Latest comment by HAL 9000

  • 15

    BoxCryptor vs. DropSmack: The battle to secure Dropbox

    Can DropSmack malware be stopped? Michael P. Kassner asks the creators of BoxCryptor if it is up to the task of securing the Dropbox file-synchronization service.

    Posted by Michael Kassner | April 29, 2013, 10:30 AM PDT | Latest comment by Michael Kassner

  • 63

    How to spoof a MAC address

    MAC address filtering for wireless networking isn't real "security". Anyone who pays any attention to current trends in wireless security at all should know that MAC filtering is less effective...

    Posted by Chad Perrin | January 22, 2008, 1:28 PM PST | Latest comment by Doug Vitale

  • 3

    Running the gauntlet: Tips for achieving your CISSP

    One of the most highly regarded security certifications is the CISSP. Dominic Vogel offers these nine tips for becoming certified based on his own experience.

    Posted by Dominic Vogel | April 23, 2013, 5:30 AM PDT | Latest comment by JCitizen

  • 10

    The basics of using a proxy server for privacy and security

    Patrick Lambert goes over the basics of how proxy servers work and why they are used to add security and privacy.

    Posted by Patrick Lambert | December 5, 2012, 6:30 AM PST | Latest comment by Tony Hopkinson

  • 0

    DDoS attack methods and how to prevent or mitigate them

    Patrick Lambert covers the various methods attackers use to launch distributed denial of service attacks, and the precautions you can take to prevent, or at least mitigate, these types of events.

    Posted by Patrick Lambert | October 15, 2012, 11:24 AM PDT

  • 21

    Software-Defined Networking: How it affects network security

    SDN technology is set to rewrite the book of networking. Michael P. Kassner looks into how SDN will improve security, and where it's vulnerable.

    Posted by Michael Kassner | April 8, 2013, 7:13 AM PDT | Latest comment by Michael Kassner

  • 64

    Dropbox: Convenient? Absolutely, but is it secure?

    A potential security lapse and possibly misleading statements are plaguing Dropbox, a hugely popular file-syncing app. What are the issues and is concern justified?

    Posted by Michael Kassner | June 13, 2011, 8:03 AM PDT | Latest comment by kprivigyi@...

  • 67

    Use PuTTY as a secure proxy on Windows

    Last month, I wrote about using OpenSSH as a secure Web proxy on UNIX and Linux systems. This time, I'll show you how to do the same thing on Microsoft Windows using PuTTY -- probably the single...

    Posted by Chad Perrin | March 10, 2008, 4:30 PM PDT | Latest comment by abaabaa

  • 101

    Hacker vs. cracker

    The word "hacker" gets used in a pejorative sense by journalists an awful lot. Some people think this is perfectly reasonable; others find it offensive, and recommend an alternative term for that...

    Posted by Chad Perrin | April 17, 2009, 1:20 PM PDT | Latest comment by wizard57m-cnet

  • 5

    The future of IT security compliance: 201 CMR 17.00

    Why should you be concerned about a security rule that is part of the State law of Massachusetts -- especially if you aren't in business there? Donovan Colbert explains how compliance regulations...

    Posted by Donovan Colbert | April 30, 2013, 6:00 AM PDT | Latest comment by dcolbert@...

  • 74

    10 services to turn off in MS Windows XP

    As I pointed out on 19 October, in point number four of the article 10 security tips for all general-purposes OSes, an important step in the process of securing your system is to shut down...

    Posted by Chad Perrin | November 7, 2007, 10:02 AM PST | Latest comment by JonB2008

  • 9

    New McAfee patent hints at a more walled-off online world

    A McAfee patent hints at content filtering at the user level in order to block sites that offer pirated content.

    Posted by Patrick Lambert | May 3, 2013, 9:00 AM PDT | Latest comment by public_domain

  • 89

    The FBI locked your computer? Watch out for new spins on ransomware

    The FBI locks your computer. Can they do that? Or is it fake? How does one know? Michael Kassner asks an expert for help with the latest forms of ransomware.

    Posted by Michael Kassner | November 15, 2012, 7:18 AM PST | Latest comment by JCitizen

  • 11

    The CIA Triad

    The CIA Triad is a venerable, well-known model for security policy development, used to identify problem areas and necessary solutions for information security. Read on for an introduction to the...

    Posted by Chad Perrin | June 30, 2008, 3:13 PM PDT | Latest comment by white house