Follow this blog:: RSS; Email Alert

IT Security

Selena Frye

TechRepublic Staff

TechRepublic

Contact
Bio

Newest
Hottest

30

Uncloaking invisible iFrames

Mention drive-by malware to nefarious types and they smile, silently thanking the invisible iFrame. Ever wonder why?

Posted by Michael Kassner | August 20, 2012, 7:26 AM PDT | Latest comment by JCitizen
0

Microsoft Attack Surface Analyzer gives IT pros risk assessment tool

Patrick Lambert gives an overview of the Microsoft Attack Surface Analyzer, which helps IT pros assess the risks of new applications and deployments on their systems.

Posted by Patrick Lambert | August 20, 2012, 6:00 AM PDT
3

Infographic: Spam Olympiad

Spammers and "slammers" took advantage of world-wide attention on the London 2012 Olympics to flood us with junk and fill the social media streams with abuse. Here's a snapshot of their activity.

Posted by Selena Frye | August 17, 2012, 11:13 AM PDT | Latest comment by BetsyJoKellum
17

What Windows 8 has done to improve security

Windows 8 is getting mixed reviews but there's no doubt that Microsoft has taken significant steps to improve security. Patrick Lambert describes the new features.

Posted by Patrick Lambert | August 14, 2012, 6:00 AM PDT | Latest comment by Deadly Ernest

24

Survey says: People do care about their privacy

Finally, someone asked users how important it was to remain private while online. Michael Kassner shares what the research team found, including some surprises.

Posted by Michael Kassner | August 13, 2012, 7:44 AM PDT | Latest comment by Michael Kassner
8

Five ways to protect yourself in a multi-device, multi-platform world

In the wake of Wired reporter Mat Honan's digital disaster, you should revisit your security strategy for "living online." Here are best practices for repairing the weakest links in your personal...

Posted by Deb Shinder | August 9, 2012, 12:32 PM PDT | Latest comment by Tgneg
3

Beyond passwords: Biometrics continue to evolve

Patrick Lambert looks at the current state of biometrics in security systems.

Posted by Patrick Lambert | August 6, 2012, 10:00 AM PDT | Latest comment by anil_g
83

Traditional antivirus software is useless against military malware

Antivirus programs are obsolete. In that case, what are we supposed to do? Learn what the security community has to say.

Posted by Michael Kassner | August 6, 2012, 7:13 AM PDT | Latest comment by a1computers.ie
3

Scariest stuff from BlackHat 2012

NFC hacking, ultra-stealthy malware, and hotel room lock and keycard weaknesses made this list of some of the scariest demonstrated exploits at BlackHat 2012.

Posted by Selena Frye | August 2, 2012, 12:40 PM PDT | Latest comment by JCitizen
3

Around the world in IP attacks

Bob Eisenhardt recently had to lock down a server that was vulnerable to IP attacks. Here is what he found out about them and his steps to resolve the problem.

Posted by Bob Eisenhardt | August 1, 2012, 9:00 AM PDT | Latest comment by magic8ball
0

Bromium: Newcomer to the periodic table of security elements

Dominic Vogel looks into a new security solution that relies on micro-virtualization to isolate untrustworthy desktop tasks from enterprise networks.

Posted by Dominic Vogel | July 30, 2012, 12:18 PM PDT
97

The truth behind those Nigerian 419 scammers

Why would 419 scammers say they're Nigerian, even if they are as American as apple pie? Michael Kassner provides some insight as to why.

Posted by Michael Kassner | July 30, 2012, 8:57 AM PDT | Latest comment by anxious lady
22

Microsoft to block keys less than 1024 bits in August software update

This is your last chance to prepare for an August update from Microsoft that will reject cryptographic keys less than 1024 bits.

Posted by Patrick Lambert | July 23, 2012, 2:11 PM PDT | Latest comment by mark1408
10

A new way to X-Ray your Android device for privilege escalation threats

Your Android device might have vulnerabilities you can't see, but help is on the way today with X-Ray. Michael Kassner introduces this new security tool and gets the inside scoop from its creators.

Posted by Michael Kassner | July 23, 2012, 6:54 AM PDT | Latest comment by Michael Kassner
1

Covering all the bases: Threats to the corporate network

Sophisticated attacks against the most highly critical systems are a real threat, but we shouldn't forget that most security breaches are more mundane in character and much closer to home.

Posted by Patrick Lambert | July 18, 2012, 1:26 PM PDT
0

Extra protection for Windows PCs with EMET

Alfonso Barreiro offers an overview of EMET -- Microsoft's free Enhanced Mitigation Experience Toolkit -- that applies anti-exploit tech to vulnerable applications and processes.

Posted by Alfonso Barreiro | July 17, 2012, 8:20 AM PDT
14

PGP's creator extends security to mobile communications with Silent Circle

Seen the news? It seems your phone data is free for the asking. Michael Kassner interviews Phil Zimmermann -- the man behind PGP -- about Silent Circle, an encryption system for portable devices.

Posted by Michael Kassner | July 16, 2012, 8:14 AM PDT | Latest comment by Michael Kassner
3

450K Yahoo passwords online now: Is yours?

Hackers have posted 450K Yahoo email addresses and passwords online, and hint Gmail, Hotmail, other services are next. How can you check if your users' accounts are among them?

Posted by Gina Smith | July 13, 2012, 5:34 AM PDT | Latest comment by don.brandt@...
13

From the trenches: Troubleshooting and securing SonicWall

Consultant Bob Eisenhardt recounts a recent experience working with a small office's SonicWall V200. If you've ever tangled with one of these devices, these tips might help.

Posted by Bob Eisenhardt | July 11, 2012, 1:18 PM PDT | Latest comment by JCitizen
5

Are you checking privacy policies frequently?

Online companies collect our private information as payment for using their site. Michael Kassner looks at how changes to previously agreed upon privacy conditions are reported -- or not.

Posted by Michael Kassner | July 9, 2012, 7:31 AM PDT | Latest comment by bboyd@...

Page 6 of 56

2

List open ports and listening services

You should turn off any services you don't actually need so that they will not become avenues of attack for security threats. Different systems will have different services running by default,...

Posted by Chad Perrin | April 15, 2008, 8:47 PM PDT | Latest comment by jackhard
151

Hackers: From innocent curiosity to illegal activity

Researchers asked why talented youth skilled in "computerese" evolve into criminal hackers. Michael P. Kassner explains their unexpected results.

Posted by Michael Kassner | May 6, 2013, 7:59 AM PDT | Latest comment by mattohare@...
103

DropSmack: Using Dropbox to steal files and deliver malware

Michael P. Kassner interviews a digital forensic scientist who uses Dropbox to compromise targeted networks -- something the bad guys probably figured out as well.

Posted by Michael Kassner | April 15, 2013, 7:46 AM PDT | Latest comment by Michael Kassner
36

Cloud-service contracts and data protection: Unintended consequences

There are things your cloud-service (Facebook, Amazon, Google, Dropbox, etc.) contracts aren't telling you. Michael P. Kassner interviews an attorney concerned about what's not being said.

Posted by Michael Kassner | May 13, 2013, 11:52 AM PDT | Latest comment by Michael Kassner

36

Battling the Google Redirect virus

Consultant Bob Eisenhardt recounts his frustrating experience trying to track down and get rid of a client's search-redirect virus. Here's how he finally ditched it.

Posted by Bob Eisenhardt | January 2, 2013, 10:56 AM PST | Latest comment by Jane3344
36

Understanding what motivates Chinese hackers

Michael P. Kassner, with the help of a noted academic and author, looks at what motivates Chinese hackers. It may not be what you think.

Posted by Michael Kassner | April 22, 2013, 10:16 AM PDT | Latest comment by HAL 9000
15

BoxCryptor vs. DropSmack: The battle to secure Dropbox

Can DropSmack malware be stopped? Michael P. Kassner asks the creators of BoxCryptor if it is up to the task of securing the Dropbox file-synchronization service.

Posted by Michael Kassner | April 29, 2013, 10:30 AM PDT | Latest comment by Michael Kassner
63

How to spoof a MAC address

MAC address filtering for wireless networking isn't real "security". Anyone who pays any attention to current trends in wireless security at all should know that MAC filtering is less effective...

Posted by Chad Perrin | January 22, 2008, 1:28 PM PST | Latest comment by Doug Vitale
3

Running the gauntlet: Tips for achieving your CISSP

One of the most highly regarded security certifications is the CISSP. Dominic Vogel offers these nine tips for becoming certified based on his own experience.

Posted by Dominic Vogel | April 23, 2013, 5:30 AM PDT | Latest comment by JCitizen
10

The basics of using a proxy server for privacy and security

Patrick Lambert goes over the basics of how proxy servers work and why they are used to add security and privacy.

Posted by Patrick Lambert | December 5, 2012, 6:30 AM PST | Latest comment by Tony Hopkinson
0

DDoS attack methods and how to prevent or mitigate them

Patrick Lambert covers the various methods attackers use to launch distributed denial of service attacks, and the precautions you can take to prevent or at least, mitigate these types of events.

Posted by Patrick Lambert | October 15, 2012, 11:24 AM PDT
21

Software-Defined Networking: How it affects network security

SDN technology is set to rewrite the book of networking. Michael P. Kassner looks into how SDN will improve security, and where it's vulnerable.

Posted by Michael Kassner | April 8, 2013, 7:13 AM PDT | Latest comment by Michael Kassner
64

Dropbox: Convenient? Absolutely, but is it secure?

A potential security lapse and possibly misleading statements are plaguing Dropbox, a hugely popular file-syncing app. What are the issues and is concern justified?

Posted by Michael Kassner | June 13, 2011, 8:03 AM PDT | Latest comment by kprivigyi@...
67

Use PuTTY as a secure proxy on Windows

Last month, I wrote about using OpenSSH as a secure Web proxy on UNIX and Linux systems. This time, I'll show you how to do the same thing on Microsoft Windows using PuTTY -- probably the single...

Posted by Chad Perrin | March 10, 2008, 4:30 PM PDT | Latest comment by abaabaa
5

The future of IT security compliance: 201 CMR 17.00

Why should you be concerned about a security rule that is part of the State law of Massachusetts -- especially if you aren't in business there? Donovan Colbert explains how compliance regulations...

Posted by Donovan Colbert | April 30, 2013, 6:00 AM PDT | Latest comment by dcolbert@...
101

Hacker vs. cracker

The word "hacker" gets used in a pejorative sense by journalists an awful lot. Some people think this is perfectly reasonable; others find it offensive, and recommend an alternative term for that...

Posted by Chad Perrin | April 17, 2009, 1:20 PM PDT | Latest comment by wizard57m-cnet
9

New McAfee patent hints at a more walled-off online world

A McAfee patent hints at content filtering at the user level in order to block sites that offer pirated content.

Posted by Patrick Lambert | May 3, 2013, 9:00 AM PDT | Latest comment by public_domain
74

10 services to turn off in MS Windows XP

As I pointed out on 19 October, in point number four of the article 10 security tips for all general-purposes OSes, an important step in the process of securing your system is to shut down...

Posted by Chad Perrin | November 7, 2007, 10:02 AM PST | Latest comment by JonB2008
0

Security lessons from the 2013 Verizon Data Breach Report

Verizon's latest report on data breach statistics offers security pros a guide to the most persistent threats and where attention should be focused to defend against them.

Posted by Alfonso Barreiro | May 15, 2013, 6:00 AM PDT
89

The FBI locked your computer? Watch out for new spins on ransomware

The FBI locks your computer. Can they do that? Or is it fake? How does one know? Michael Kassner asks an expert for help with the latest forms of ransomware.

Posted by Michael Kassner | November 15, 2012, 7:18 AM PST | Latest comment by JCitizen