- Follow this blog:
- RSS
- Email Alert
IT Security
Selena Frye
TechRepublic Staff
Selena Frye
-
A new way to X-Ray your Android device for privilege escalation threats
Your Android device might have vulnerabilities you can't see, but help is on the way today with X-Ray. Michael Kassner introduces this new security tool and gets the inside scoop from its creators.
Posted by Michael Kassner | July 23, 2012, 6:54 AM PDT | Latest comment by Michael Kassner
-
Covering all the bases: Threats to the corporate network
Sophisticated attacks against the most highly critical systems are a real threat, but we shouldn't forget that most security breaches are more mundane in character and much closer to home.
Posted by Patrick Lambert | July 18, 2012, 1:26 PM PDT
-
Extra protection for Windows PCs with EMET
Alfonso Barreiro offers an overview of EMET -- Microsoft's free Enhanced Mitigation Experience Toolkit -- that applies anti-exploit tech to vulnerable applications and processes.
Posted by Alfonso Barreiro | July 17, 2012, 8:20 AM PDT
-
PGP's creator extends security to mobile communications with Silent Circle
Seen the news? It seems your phone data is free for the asking. Michael Kassner interviews Phil Zimmermann -- the man behind PGP -- about Silent Circle, an encryption system for portable devices.
Posted by Michael Kassner | July 16, 2012, 8:14 AM PDT | Latest comment by Michael Kassner
-
450K Yahoo passwords online now: Is yours?
Hackers have posted 450K Yahoo email addresses and passwords online, and hint Gmail, Hotmail, other services are next. How can you check if your users' accounts are among them?
Posted by Gina Smith | July 13, 2012, 5:34 AM PDT | Latest comment by don.brandt@...
-
From the trenches: Troubleshooting and securing SonicWall
Consultant Bob Eisenhardt recounts a recent experience working with a small office's SonicWall V200. If you've ever tangled with one of these devices, these tips might help.
Posted by Bob Eisenhardt | July 11, 2012, 1:18 PM PDT | Latest comment by JCitizen
-
Are you checking privacy policies frequently?
Online companies collect our private information as payment for using their site. Michael Kassner looks at how changes to previously agreed upon privacy conditions are reported -- or not.
Posted by Michael Kassner | July 9, 2012, 7:31 AM PDT | Latest comment by bboyd@...
-
How to start your career as a security pro
Dominic Vogel offers some tips for getting starting in the information security field whether you're just starting out or looking to make a career change.
Posted by Dominic Vogel | July 5, 2012, 7:02 AM PDT | Latest comment by Professor8
-
Microsoft security competition: A model for the future?
Patrick Lambert shares his perspective on Microsoft's BlueHat security competition and its $200,000 prize.
Posted by Patrick Lambert | July 3, 2012, 12:30 PM PDT | Latest comment by Deadly Ernest
-
Google Play: Android's Bouncer can be pwned
Deciding whether to trust apps or not just got more complicated. Michael Kassner asked a pair of researchers why that is.
Posted by Michael Kassner | July 3, 2012, 5:30 AM PDT | Latest comment by jeslurkin
-
Infographic: Generation gap in computer security
This infographic shows a generation gap in the attitudes of Gen Y users and Baby Boomers in their attitudes toward computer security.
Posted by Selena Frye | June 26, 2012, 12:26 PM PDT
-
Use MS Security Compliance Manager to secure your Windows environment
Alfonso Barreiro recommends Microsoft's Security Compliance Manager tool to help you create and maintain security baselines using Group Policy Objects.
Posted by Alfonso Barreiro | June 25, 2012, 11:14 AM PDT
-
An interview with Giorgio Maone, creator of NoScript
We know all about NoScript, but not much about its developer. Michael Kassner thought it was time to change that.
Posted by Michael Kassner | June 25, 2012, 10:10 AM PDT | Latest comment by jeslurkin
-
Security beyond passwords: What's next?
Patrick Lambert looks at the rash of stolen password exploits and how websites are trying to move beyond passwords only as a security check.
Posted by Patrick Lambert | June 21, 2012, 9:00 AM PDT | Latest comment by jamesbrown126
-
Guess who's buying zero-day vulnerabilities?
Finding vulnerabilities in software has become a thriving business. Michael Kassner reports on what that means to users.
Posted by Michael Kassner | June 18, 2012, 7:29 AM PDT | Latest comment by JCitizen
-
Back to basics: Defending against phishing attacks
Alfonso Barreiro notes that phishing attempts are still duping unwary targets. Here are some tips to share with your users to help protect your organization from compromise.
Posted by Alfonso Barreiro | June 12, 2012, 6:00 AM PDT
-
Why we give away our Internet privacy, according to Cory Doctorow
Many bemoan giving up our online privacy, but few provide explanations of why we accept it. Learn what Michael Kassner found out from one who offers answers and a solution.
Posted by Michael Kassner | June 11, 2012, 7:04 AM PDT | Latest comment by pgit
-
Infographic: Online threats 101
This infographic is a nice educational tool if you do basic user training as either part of your job or if you are often teaching beginners about computer safety.
Posted by Selena Frye | June 7, 2012, 6:00 AM PDT
-
Security vs. convenience: The case of case-insensitive passwords
Patrick Lambert considers the recent decision by Blizzard to ignore case-sensitivity in user passwords from the perspective of the security vs. convenience debate.
Posted by Patrick Lambert | June 5, 2012, 6:00 AM PDT | Latest comment by Kenton.R
-
Flame malware targets Microsoft Update system: Patch now
Microsoft released a security alert and patch due to the disturbing news that the hugely complex Flame malware has spoofed MS-signed certificates, potentially making Microsoft Update a malware...
Posted by Selena Frye | June 4, 2012, 10:59 AM PDT | Latest comment by sightsandsounds
-
List open ports and listening services
You should turn off any services you don't actually need so that they will not become avenues of attack for security threats. Different systems will have different services running by default,...
Posted by Chad Perrin | April 15, 2008, 8:47 PM PDT | Latest comment by jackhard
-
Battling the Google Redirect virus
Consultant Bob Eisenhardt recounts his frustrating experience trying to track down and get rid of a client's search-redirect virus. Here's how he finally ditched it.
Posted by Bob Eisenhardt | January 2, 2013, 10:56 AM PST | Latest comment by Jane3344
-
BGP and Internet security: Is it better to be lucky or good?
Does "it's not a problem until it actually happens" apply to Internet security? Michael P. Kassner interviews a networking expert who's wondering about the same thing.
Posted by Michael Kassner | June 10, 2013, 9:11 AM PDT | Latest comment by wdewey@...
-
DropSmack: Using Dropbox to steal files and deliver malware
Michael P. Kassner interviews a digital forensic scientist who uses Dropbox to compromise targeted networks -- something the bad guys probably figured out as well.
Posted by Michael Kassner | April 15, 2013, 7:46 AM PDT | Latest comment by Michael Kassner
-
New Android malware should be wake-up call for security admins
Security firm Kaspersky reported on a new malware threat that it calls the most sophisticated it has seen in targeting Android phones.
Posted by Patrick Lambert | June 12, 2013, 10:29 AM PDT | Latest comment by Michael Kassner
-
The anatomy of a phishing operation
There are far better things than being phished, like writing about how not to get phished. Michael P. Kassner reviews a research paper that provides amazing insight into a successful phishing...
Posted by Michael Kassner | June 3, 2013, 7:04 AM PDT | Latest comment by JCitizen
-
How to spoof a MAC address
MAC address filtering for wireless networking isn't real "security". Anyone who pays any attention to current trends in wireless security at all should know that MAC filtering is less effective...
Posted by Chad Perrin | January 22, 2008, 1:28 PM PST | Latest comment by Doug Vitale
-
Aaron Swartz legacy lives on with New Yorker's Strongbox: How it works
Strongbox was Aaron Swartz's final project. Michael P. Kassner explains why The New Yorker requested a way to keep sources and their information secret.
Posted by Michael Kassner | May 20, 2013, 7:17 AM PDT | Latest comment by tylerpitchford
-
The basics of using a proxy server for privacy and security
Patrick Lambert goes over the basics of how proxy servers work and why they are used to add security and privacy.
Posted by Patrick Lambert | December 5, 2012, 6:30 AM PST | Latest comment by Tony Hopkinson
-
BoxCryptor vs. DropSmack: The battle to secure Dropbox
Can DropSmack malware be stopped? Michael P. Kassner asks the creators of BoxCryptor if it is up to the task of securing the Dropbox file-synchronization service.
Posted by Michael Kassner | April 29, 2013, 10:30 AM PDT | Latest comment by Michael Kassner
-
Virtualizing apps could be the bridge over the BYOD security gap
Allowing BYOD has unfavorable implications for both the company and employees. Michael P. Kassner explores what businesses are doing to mitigate the risk.
Posted by Michael Kassner | May 28, 2013, 6:33 AM PDT | Latest comment by Michael Kassner
-
How to successfully implement the principle of least privilege
Least privilege is a core security principle, but it's one that often meets with resistance by users. Here are tips for how to implement it and get the point across to others.
Posted by Dominic Vogel | May 29, 2013, 9:27 AM PDT | Latest comment by o_p_i
-
DARPA's Plan X and the future of the U.S. cyber defense infrastructure
Plan X sounds like a summer sci-fi movie, but it's actually one of DARPA's latest projects, aimed at improving the nation's defense of critical infrastructure targets.
Posted by Patrick Lambert | June 4, 2013, 5:30 AM PDT
-
Cloud-service contracts and data protection: Unintended consequences
There are things your cloud-service (Facebook, Amazon, Google, Dropbox, etc.) contracts aren't telling you. Michael P. Kassner interviews an attorney concerned about what's not being said.
Posted by Michael Kassner | May 13, 2013, 11:52 AM PDT | Latest comment by Michael Kassner
-
DDoS attack methods and how to prevent or mitigate them
Patrick Lambert covers the various methods attackers use to launch distributed denial of service attacks, and the precautions you can take to prevent or at least, mitigate these types of events.
Posted by Patrick Lambert | October 15, 2012, 11:24 AM PDT
-
Is uncovering digital vulnerabilities doing more harm than good?
A noted virtual-reality technologist and author views "security through obscurity" as the only true way security can exist. Michael P. Kassner looks at what this uniquely divergent viewpoint means.
Posted by Michael Kassner | March 25, 2013, 8:48 AM PDT | Latest comment by mla_ca520@...
-
Dropbox: Convenient? Absolutely, but is it secure?
A potential security lapse and possibly misleading statements are plaguing Dropbox, a hugely popular file-syncing app. What are the issues and is concern justified?
Posted by Michael Kassner | June 13, 2011, 8:03 AM PDT | Latest comment by kprivigyi@...
-
Use PuTTY as a secure proxy on Windows
Last month, I wrote about using OpenSSH as a secure Web proxy on UNIX and Linux systems. This time, I'll show you how to do the same thing on Microsoft Windows using PuTTY -- probably the single...
Posted by Chad Perrin | March 10, 2008, 4:30 PM PDT | Latest comment by abaabaa
-
The FBI locked your computer? Watch out for new spins on ransomware
The FBI locks your computer. Can they do that? Or is it fake? How does one know? Michael Kassner asks an expert for help with the latest forms of ransomware.
Posted by Michael Kassner | November 15, 2012, 7:18 AM PST | Latest comment by JCitizen
-
10 services to turn off in MS Windows XP
As I pointed out on 19 October, in point number four of the article 10 security tips for all general-purposes OSes, an important step in the process of securing your system is to shut down...
Posted by Chad Perrin | November 7, 2007, 10:02 AM PST | Latest comment by JonB2008
