IT Security
Selena Frye
TechRepublic Staff

-
Serious vulnerabilities in BT Home Hub router
Multiple vulnerabilities in the BT Home Hub, one of the UK's most popular routers, are threatening to expose users to a host of eavesdropping, call spoofing and various other nasty attacks. All an...
Posted by Paul Mah | October 8, 2007, 10:38 PM PDT | Latest comment by ben@...
-
SQL Power Injector 1.2 released
In case you missed it, version 1.2 of SQL Power Injector was released late last week. SQL Power Injector is a graphical application created using the .NET framework. As its name suggests,...
Posted by Paul Mah | October 7, 2007, 11:59 PM PDT
-
Highly critical Java bugs patched
Eleven vulnerabilities across Windows, Linux and Solaris based versions of its JRE (Java Runtime Environment) and Java Web have been patched by Sun. This includes several flaws rated as "highly...
Posted by Paul Mah | October 6, 2007, 11:59 PM PDT
-
Why there's no such thing as a zero-day vulnerability
The term "zero day" (or "0-day" or "0day") is getting a lot of use these days. Much of the time, it's being used incorrectly. Even in venues generally frequented by knowledgeable people --...
Posted by Chad Perrin | October 6, 2007, 10:50 AM PDT | Latest comment by pgit
-
Spammers leveraging YouTube e-mail address
Spammers are abusing the "Invite Your Friends" system to send out "massive quantities of spam", according to content security outfit Marshall.
Posted by Paul Mah | October 5, 2007, 8:38 AM PDT | Latest comment by AnsuGisalas
-
Four critical security patches for October's Patch Tuesday
Microsoft has announced that there will be seven security bulletins come October's Patch Tuesday on October 9, 2007. Four of the seven are rated "critical."
Posted by Paul Mah | October 5, 2007, 8:04 AM PDT
-
Establish a patch management policy
Given the current state of security, patch management can easily become overwhelming, which is why it's a good idea to establish a patch management policy to define the necessary procedures and...
Posted by Mike Mullins | October 4, 2007, 1:36 PM PDT | Latest comment by jaytaylor5555
-
Multiple buffer overflows discovered in Check Point Firewall-1
Spanish security firm Pentest have discovered ten buffer overflows in different applications in Check Point's flagship FireWall-1 security software.
Posted by Paul Mah | October 4, 2007, 10:05 AM PDT
-
Apple finally fixes Windows QuickTime flaw
Apple has finally updated the Windows version of QuickTime to fix a 13-month-old flaw which affects Windows XP and Windows Vista.
Posted by Paul Mah | October 4, 2007, 9:43 AM PDT
-
Linux phishing botnet statistics can be deceptive
The Register reports today that eBay's new chief information security officer (CISO) has noted a surprising trend ("eBay: Botnets are Linux-happy"). Specifically, in his previous employment as...
Posted by Chad Perrin | October 3, 2007, 3:56 PM PDT | Latest comment by Absolutely
-
Happy birthday, OpenSSH
I'm sure some of you have noticed by now that this month marks Google's 9th birthday. It's something of a landmark event for a number of reasons, not least of which is the incredible impact Google...
Posted by Chad Perrin | September 27, 2007, 4:54 PM PDT
-
Make sure security logs exhibit accurate time with NTP
It's vital that organizations take steps to synchronize the time on their network and devices, but it's even more important to make sure the logs produced by security devices reflect the accurate...
Posted by Mike Mullins | September 27, 2007, 2:07 PM PDT | Latest comment by bernalillo
-
Privacy is security
People have an unfortunate tendency to think of security as a set of practices performed almost by rote, locking down known means of compromising security. A more comprehensive approach to...
Posted by Chad Perrin | September 26, 2007, 11:13 AM PDT
-
Use the Fire.rb library to write port knocking scripts in Ruby
Those of us who have been involved in network security professionally for a while should know something about port knocking. For those of you who aren't familiar with it, port knocking is a means...
Posted by Chad Perrin | September 22, 2007, 7:29 PM PDT
-
Be aware of the threat of hidden keystroke-logging devices
Keystroke loggers are a particularly dangerous security threat because users typically don't realize they're even there. Learn about the different versions of keystroke loggers, and get tips...
Posted by Mike Mullins | September 20, 2007, 10:13 AM PDT | Latest comment by free keylogger
-
Work with end users -- not against them -- to improve security
In his recent blog post, "The six consumer technologies that are destroying traditional IT," Jason Hiner comments on consumer technologies that are sneaking into the workplace and causing...
Posted by Chad Perrin | September 18, 2007, 2:24 PM PDT | Latest comment by rw@...
-
Top 10 news items, September 15: What's interesting in IT security this week
There's always a lot going on in the world of IT security. In any given week, I read about literally hundreds of vulnerability disclosures, high-profile security breaches, and changes in the...
Posted by Chad Perrin | September 15, 2007, 6:38 AM PDT
-
Does VoIP make it easier for scammers?
If you're considering switching from the traditional public switched telephone network (PSTN) service to VoIP, you might be wondering whether the change will make you more vulnerable to scammers,...
Posted by Deb Shinder | September 14, 2007, 11:54 AM PDT | Latest comment by melvins-12449368
-
Defend your network from idle scanning
Black hats employ several stealth scanning techniques, and one of those threats is the idle scan. Find out more about idle scanning, and learn best practices for protecting your network from this...
Posted by Mike Mullins | September 13, 2007, 12:20 PM PDT | Latest comment by apotheon
-
The truth about viruses
Once every couple months or so, I find myself explaining to someone that the flood of viruses everyone has come to expect is not an unavoidable side effect of an increasingly networked world....
Posted by Chad Perrin | September 12, 2007, 10:45 AM PDT | Latest comment by apotheon
-
List open ports and listening services
You should turn off any services you don't actually need so that they will not become avenues of attack for security threats. Different systems will have different services running by default,...
Posted by Chad Perrin | April 15, 2008, 8:47 PM PDT | Latest comment by jackhard
-
Hackers: From innocent curiosity to illegal activity
Researchers asked why talented youth skilled in "computerese" evolve into criminal hackers. Michael P. Kassner explains their unexpected results.
Posted by Michael Kassner | May 6, 2013, 7:59 AM PDT | Latest comment by mattohare@...
-
DropSmack: Using Dropbox to steal files and deliver malware
Michael P. Kassner interviews a digital forensic scientist who uses Dropbox to compromise targeted networks -- something the bad guys probably figured out as well.
Posted by Michael Kassner | April 15, 2013, 7:46 AM PDT | Latest comment by Michael Kassner
-
Cloud-service contracts and data protection: Unintended consequences
There are things your cloud-service (Facebook, Amazon, Google, Dropbox, etc.) contracts aren't telling you. Michael P. Kassner interviews an attorney concerned about what's not being said.
Posted by Michael Kassner | May 13, 2013, 11:52 AM PDT | Latest comment by Michael Kassner
-
Battling the Google Redirect virus
Consultant Bob Eisenhardt recounts his frustrating experience trying to track down and get rid of a client's search-redirect virus. Here's how he finally ditched it.
Posted by Bob Eisenhardt | January 2, 2013, 10:56 AM PST | Latest comment by Jane3344
-
Understanding what motivates Chinese hackers
Michael P. Kassner, with the help of a noted academic and author, looks at what motivates Chinese hackers. It may not be what you think.
Posted by Michael Kassner | April 22, 2013, 10:16 AM PDT | Latest comment by HAL 9000
-
BoxCryptor vs. DropSmack: The battle to secure Dropbox
Can DropSmack malware be stopped? Michael P. Kassner asks the creators of BoxCryptor if it is up to the task of securing the Dropbox file-synchronization service.
Posted by Michael Kassner | April 29, 2013, 10:30 AM PDT | Latest comment by Michael Kassner
-
How to spoof a MAC address
MAC address filtering for wireless networking isn't real "security". Anyone who pays any attention to current trends in wireless security at all should know that MAC filtering is less effective...
Posted by Chad Perrin | January 22, 2008, 1:28 PM PST | Latest comment by Doug Vitale
-
Running the gauntlet: Tips for achieving your CISSP
One of the most highly regarded security certifications is the CISSP. Dominic Vogel offers these nine tips for becoming certified based on his own experience.
Posted by Dominic Vogel | April 23, 2013, 5:30 AM PDT | Latest comment by JCitizen
-
The basics of using a proxy server for privacy and security
Patrick Lambert goes over the basics of how proxy servers work and why they are used to add security and privacy.
Posted by Patrick Lambert | December 5, 2012, 6:30 AM PST | Latest comment by Tony Hopkinson
-
DDoS attack methods and how to prevent or mitigate them
Patrick Lambert covers the various methods attackers use to launch distributed denial of service attacks, and the precautions you can take to prevent, or at least mitigate, these types of events.
Posted by Patrick Lambert | October 15, 2012, 11:24 AM PDT
-
Software-Defined Networking: How it affects network security
SDN technology is set to rewrite the book of networking. Michael P. Kassner looks into how SDN will improve security, and where it's vulnerable.
Posted by Michael Kassner | April 8, 2013, 7:13 AM PDT | Latest comment by Michael Kassner
-
Dropbox: Convenient? Absolutely, but is it secure?
A potential security lapse and possibly misleading statements are plaguing Dropbox, a hugely popular file-syncing app. What are the issues and is concern justified?
Posted by Michael Kassner | June 13, 2011, 8:03 AM PDT | Latest comment by kprivigyi@...
-
Use PuTTY as a secure proxy on Windows
Last month, I wrote about using OpenSSH as a secure Web proxy on UNIX and Linux systems. This time, I'll show you how to do the same thing on Microsoft Windows using PuTTY -- probably the single...
Posted by Chad Perrin | March 10, 2008, 4:30 PM PDT | Latest comment by abaabaa
-
The future of IT security compliance: 201 CMR 17.00
Why should you be concerned about a security rule that is part of the State law of Massachusetts -- especially if you aren't in business there? Donovan Colbert explains how compliance regulations...
Posted by Donovan Colbert | April 30, 2013, 6:00 AM PDT | Latest comment by dcolbert@...
-
Hacker vs. cracker
The word "hacker" gets used in a pejorative sense by journalists an awful lot. Some people think this is perfectly reasonable; others find it offensive, and recommend an alternative term for that...
Posted by Chad Perrin | April 17, 2009, 1:20 PM PDT | Latest comment by wizard57m-cnet
-
New McAfee patent hints at a more walled-off online world
A McAfee patent hints at content filtering at the user level in order to block sites that offer pirated content.
Posted by Patrick Lambert | May 3, 2013, 9:00 AM PDT | Latest comment by public_domain
-
10 services to turn off in MS Windows XP
As I pointed out on 19 October, in point number four of the article 10 security tips for all general-purpose OSes, an important step in the process of securing your system is to shut down...
Posted by Chad Perrin | November 7, 2007, 10:02 AM PST | Latest comment by JonB2008
-
The FBI locked your computer? Watch out for new spins on ransomware
The FBI locks your computer. Can they do that? Or is it fake? How does one know? Michael Kassner asks an expert for help with the latest forms of ransomware.
Posted by Michael Kassner | November 15, 2012, 7:18 AM PST | Latest comment by JCitizen
-
The CIA Triad
The CIA Triad is a venerable, well-known model for security policy development, used to identify problem areas and necessary solutions for information security. Read on for an introduction to the...
Posted by Chad Perrin | June 30, 2008, 3:13 PM PDT | Latest comment by white house

































