Follow this blog:: RSS; Email Alert

IT Security

Selena Frye

TechRepublic Staff

TechRepublic

Contact
Bio

Newest
Hottest

3

Microsoft security competition: A model for the future?

Patrick Lambert shares his perspective on Microsoft's BlueHat security competition and its $200,000 prize.

Posted by Patrick Lambert | July 3, 2012, 12:30 PM PDT | Latest comment by Deadly Ernest
22

Google Play: Android's Bouncer can be pwned

Deciding whether to trust apps or not just got more complicated. Michael Kassner asked a pair of researchers why that is.

Posted by Michael Kassner | July 3, 2012, 5:30 AM PDT | Latest comment by jeslurkin
1

Infographic: Generation gap in computer security

This infographic shows a generation gap in the attitudes of Gen Y users and Baby Boomers in their attitudes toward computer security.

Posted by Selena Frye | June 26, 2012, 12:26 PM PDT
0

Use MS Security Compliance Manager to secure your Windows environment

Alfonso Barreiro recommends Microsoft's Security Compliance Manager tool to help you create and maintain security baselines using Group Policy Objects.

Posted by Alfonso Barreiro | June 25, 2012, 11:14 AM PDT

25

An interview with Giorgio Maone, creator of NoScript

We know all about NoScript, but not much about its developer. Michael Kassner thought it was time to change that.

Posted by Michael Kassner | June 25, 2012, 10:10 AM PDT | Latest comment by jeslurkin
17

Security beyond passwords: What's next?

Patrick Lambert looks at the rash of stolen password exploits and how websites are trying to move beyond passwords only as a security check.

Posted by Patrick Lambert | June 21, 2012, 9:00 AM PDT | Latest comment by jamesbrown126
82

Guess who's buying zero-day vulnerabilities?

Finding vulnerabilities in software has become a thriving business. Michael Kassner reports on what that means to users.

Posted by Michael Kassner | June 18, 2012, 7:29 AM PDT | Latest comment by JCitizen
1

Back to basics: Defending against phishing attacks

Alfonso Barreiro notes that phishing attempts are still duping unwary targets. Here are some tips to share with your users to help protect your organization from compromise.

Posted by Alfonso Barreiro | June 12, 2012, 6:00 AM PDT
95

Why we give away our Internet privacy, according to Cory Doctorow

Many bemoan giving up our online privacy, but few provide explanations of why we accept it. Learn what Michael Kassner found out from one who offers answers and a solution.

Posted by Michael Kassner | June 11, 2012, 7:04 AM PDT | Latest comment by pgit
1

Infographic: Online threats 101

This infographic is a nice educational tool if you do basic user training as either part of your job or if you are often teaching beginners about computer safety.

Posted by Selena Frye | June 7, 2012, 6:00 AM PDT
4

Security vs. convenience: The case of case-insensitive passwords

Patrick Lambert considers the recent decision by Blizzard to ignore case-sensitivity in user passwords from the perspective of the security vs. convenience debate.

Posted by Patrick Lambert | June 5, 2012, 6:00 AM PDT | Latest comment by Kenton.R
22

Flame malware targets Microsoft Update system: Patch now

Microsoft released a security alert and patch due to the disturbing news that the hugely complex Flame malware has spoofed MS-signed certificates, potentially making Microsoft Update a malware...

Posted by Selena Frye | June 4, 2012, 10:59 AM PDT | Latest comment by sightsandsounds
7

ScriptNo: A preemptive strike against script attacks for Chrome

Google's Chrome browser has a powerful ally in ScriptNo. Michael Kassner talks to the developer about his efforts to curtail scripting attacks.

Posted by Michael Kassner | June 4, 2012, 7:02 AM PDT | Latest comment by Ocie3
3

Infographic: Is free Wi-Fi a friend or foe?

This infographic provides some current usage numbers for Wi-Fi connected devices and offers basic tips and security precautions for those using public Wi-Fi networks.

Posted by Selena Frye | May 30, 2012, 6:00 AM PDT | Latest comment by yodi.collins
4

Security pros: Knowing when it's time to move on (and how to do it)

Dominic Vogel draws on his recent experience to offer advice on job-changing strategies to security pros and others in IT when you realize it's time to recharge your career.

Posted by Dominic Vogel | May 29, 2012, 9:50 AM PDT | Latest comment by mvcandido
20

Chrome extensions are vulnerable: Advantage, bad guys

Chrome may be secure, but if the extensions aren't, it doesn't matter. Michael Kassner asks the experts why extensions are vulnerable and what's being done about it.

Posted by Michael Kassner | May 29, 2012, 6:24 AM PDT | Latest comment by Michael Kassner
78

Reading online privacy policies cost us $781 billion per year

Michael Kassner interviews two privacy researchers who feel we are spending too much to understand privacy policies.

Posted by Michael Kassner | May 21, 2012, 7:12 AM PDT | Latest comment by nwallette
5

DNSCrypt for Windows released: Does DNSSEC make it obsolete?

OpenDNS just released a Windows version of DNSCrypt, but does the implementation of the DNSSEC protocol make it obsolete? Patrick Lambert takes a look at what the critics are saying.

Posted by Patrick Lambert | May 16, 2012, 12:50 PM PDT | Latest comment by seanferd
59

Malware poses as software updates: Why the FBI is warning travelers

Those "critical update" notices you get, especially while traveling, may not be what you think. Michael Kassner gets the low-down on this serious threat as well as the Evilgrade platform.

Posted by Michael Kassner | May 14, 2012, 7:55 AM PDT | Latest comment by Who Am I Really
2

Infographic: How cyber-secure are public companies?

This infographic presents some less-than-stellar numbers illustrating how well public companies are securing their web applications.

Posted by Selena Frye | May 9, 2012, 9:00 AM PDT | Latest comment by JJMach

Page 7 of 56

2

List open ports and listening services

You should turn off any services you don't actually need so that they will not become avenues of attack for security threats. Different systems will have different services running by default,...

Posted by Chad Perrin | April 15, 2008, 8:47 PM PDT | Latest comment by jackhard
151

Hackers: From innocent curiosity to illegal activity

Researchers asked why talented youth skilled in "computerese" evolve into criminal hackers. Michael P. Kassner explains their unexpected results.

Posted by Michael Kassner | May 6, 2013, 7:59 AM PDT | Latest comment by mattohare@...
103

DropSmack: Using Dropbox to steal files and deliver malware

Michael P. Kassner interviews a digital forensic scientist who uses Dropbox to compromise targeted networks -- something the bad guys probably figured out as well.

Posted by Michael Kassner | April 15, 2013, 7:46 AM PDT | Latest comment by Michael Kassner
36

Cloud-service contracts and data protection: Unintended consequences

There are things your cloud-service (Facebook, Amazon, Google, Dropbox, etc.) contracts aren't telling you. Michael P. Kassner interviews an attorney concerned about what's not being said.

Posted by Michael Kassner | May 13, 2013, 11:52 AM PDT | Latest comment by Michael Kassner

36

Battling the Google Redirect virus

Consultant Bob Eisenhardt recounts his frustrating experience trying to track down and get rid of a client's search-redirect virus. Here's how he finally ditched it.

Posted by Bob Eisenhardt | January 2, 2013, 10:56 AM PST | Latest comment by Jane3344
36

Understanding what motivates Chinese hackers

Michael P. Kassner, with the help of a noted academic and author, looks at what motivates Chinese hackers. It may not be what you think.

Posted by Michael Kassner | April 22, 2013, 10:16 AM PDT | Latest comment by HAL 9000
15

BoxCryptor vs. DropSmack: The battle to secure Dropbox

Can DropSmack malware be stopped? Michael P. Kassner asks the creators of BoxCryptor if it is up to the task of securing the Dropbox file-synchronization service.

Posted by Michael Kassner | April 29, 2013, 10:30 AM PDT | Latest comment by Michael Kassner
63

How to spoof a MAC address

MAC address filtering for wireless networking isn't real "security". Anyone who pays any attention to current trends in wireless security at all should know that MAC filtering is less effective...

Posted by Chad Perrin | January 22, 2008, 1:28 PM PST | Latest comment by Doug Vitale
3

Running the gauntlet: Tips for achieving your CISSP

One of the most highly regarded security certifications is the CISSP. Dominic Vogel offers these nine tips for becoming certified based on his own experience.

Posted by Dominic Vogel | April 23, 2013, 5:30 AM PDT | Latest comment by JCitizen
10

The basics of using a proxy server for privacy and security

Patrick Lambert goes over the basics of how proxy servers work and why they are used to add security and privacy.

Posted by Patrick Lambert | December 5, 2012, 6:30 AM PST | Latest comment by Tony Hopkinson
0

DDoS attack methods and how to prevent or mitigate them

Patrick Lambert covers the various methods attackers use to launch distributed denial of service attacks, and the precautions you can take to prevent or at least, mitigate these types of events.

Posted by Patrick Lambert | October 15, 2012, 11:24 AM PDT
21

Software-Defined Networking: How it affects network security

SDN technology is set to rewrite the book of networking. Michael P. Kassner looks into how SDN will improve security, and where it's vulnerable.

Posted by Michael Kassner | April 8, 2013, 7:13 AM PDT | Latest comment by Michael Kassner
64

Dropbox: Convenient? Absolutely, but is it secure?

A potential security lapse and possibly misleading statements are plaguing Dropbox, a hugely popular file-syncing app. What are the issues and is concern justified?

Posted by Michael Kassner | June 13, 2011, 8:03 AM PDT | Latest comment by kprivigyi@...
67

Use PuTTY as a secure proxy on Windows

Last month, I wrote about using OpenSSH as a secure Web proxy on UNIX and Linux systems. This time, I'll show you how to do the same thing on Microsoft Windows using PuTTY -- probably the single...

Posted by Chad Perrin | March 10, 2008, 4:30 PM PDT | Latest comment by abaabaa
101

Hacker vs. cracker

The word "hacker" gets used in a pejorative sense by journalists an awful lot. Some people think this is perfectly reasonable; others find it offensive, and recommend an alternative term for that...

Posted by Chad Perrin | April 17, 2009, 1:20 PM PDT | Latest comment by wizard57m-cnet
5

The future of IT security compliance: 201 CMR 17.00

Why should you be concerned about a security rule that is part of the State law of Massachusetts -- especially if you aren't in business there? Donovan Colbert explains how compliance regulations...

Posted by Donovan Colbert | April 30, 2013, 6:00 AM PDT | Latest comment by dcolbert@...
9

New McAfee patent hints at a more walled-off online world

A McAfee patent hints at content filtering at the user level in order to block sites that offer pirated content.

Posted by Patrick Lambert | May 3, 2013, 9:00 AM PDT | Latest comment by public_domain
74

10 services to turn off in MS Windows XP

As I pointed out on 19 October, in point number four of the article 10 security tips for all general-purposes OSes, an important step in the process of securing your system is to shut down...

Posted by Chad Perrin | November 7, 2007, 10:02 AM PST | Latest comment by JonB2008
89

The FBI locked your computer? Watch out for new spins on ransomware

The FBI locks your computer. Can they do that? Or is it fake? How does one know? Michael Kassner asks an expert for help with the latest forms of ransomware.

Posted by Michael Kassner | November 15, 2012, 7:18 AM PST | Latest comment by JCitizen
11

The CIA Triad

The CIA Triad is a venerable, well-known model for security policy development, used to identify problem areas and necessary solutions for information security. Read on for an introduction to the...

Posted by Chad Perrin | June 30, 2008, 3:13 PM PDT | Latest comment by white house