Follow this blog:: RSS; Email Alert

IT Security

Selena Frye

TechRepublic Staff

TechRepublic

Contact
Bio

Newest
Hottest

7

ScriptNo: A preemptive strike against script attacks for Chrome

Google's Chrome browser has a powerful ally in ScriptNo. Michael Kassner talks to the developer about his efforts to curtail scripting attacks.

Posted by Michael Kassner | June 4, 2012, 7:02 AM PDT | Latest comment by Ocie3
3

Infographic: Is free Wi-Fi a friend or foe?

This infographic provides some current usage numbers for Wi-Fi connected devices and offers basic tips and security precautions for those using public Wi-Fi networks.

Posted by Selena Frye | May 30, 2012, 6:00 AM PDT | Latest comment by yodi.collins
4

Security pros: Knowing when it's time to move on (and how to do it)

Dominic Vogel draws on his recent experience to offer advice on job-changing strategies to security pros and others in IT when you realize it's time to recharge your career.

Posted by Dominic Vogel | May 29, 2012, 9:50 AM PDT | Latest comment by mvcandido
20

Chrome extensions are vulnerable: Advantage, bad guys

Chrome may be secure, but if the extensions aren't, it doesn't matter. Michael Kassner asks the experts why extensions are vulnerable and what's being done about it.

Posted by Michael Kassner | May 29, 2012, 6:24 AM PDT | Latest comment by Michael Kassner

78

Reading online privacy policies cost us $781 billion per year

Michael Kassner interviews two privacy researchers who feel we are spending too much to understand privacy policies.

Posted by Michael Kassner | May 21, 2012, 7:12 AM PDT | Latest comment by nwallette
5

DNSCrypt for Windows released: Does DNSSEC make it obsolete?

OpenDNS just released a Windows version of DNSCrypt, but does the implementation of the DNSSEC protocol make it obsolete? Patrick Lambert takes a look at what the critics are saying.

Posted by Patrick Lambert | May 16, 2012, 12:50 PM PDT | Latest comment by seanferd
59

Malware poses as software updates: Why the FBI is warning travelers

Those "critical update" notices you get, especially while traveling, may not be what you think. Michael Kassner gets the low-down on this serious threat as well as the Evilgrade platform.

Posted by Michael Kassner | May 14, 2012, 7:55 AM PDT | Latest comment by Who Am I Really
2

Infographic: How cyber-secure are public companies?

This infographic presents some less-than-stellar numbers illustrating how well public companies are securing their web applications.

Posted by Selena Frye | May 9, 2012, 9:00 AM PDT | Latest comment by JJMach
14

Preparing for the DNSChanger Internet outage

Alfonso Barreiro tells all you need to know to clean up the DNSChanger malware that has affected millions of users. Make sure your organization is prepared for the July 9, 2012 deadline that the...

Posted by Alfonso Barreiro | May 8, 2012, 6:42 AM PDT | Latest comment by Kenton.R
0

How user-behavior monitoring helps reduce risk

Dominic Vogel asks a researcher and a vendor to explain what behavioral monitoring adds to an organization's security strategy.

Posted by Dominic Vogel | May 7, 2012, 11:39 AM PDT
9

Ashkan Soltani introduces MobileScope, an innovative approach to online privacy

There's a lot of debate taking place on how to guarantee online privacy -- but few user-ready solutions. Michael Kassner talks to Ashkan Soltani about a new tool called MobileScope that may change...

Posted by Michael Kassner | May 7, 2012, 7:38 AM PDT | Latest comment by OldGuru
0

Facebook adds Antivirus Marketplace: Security or marketing?

Patrick Lambert looks at the additional security measures that Facebook put in place for its users, including free antivirus options.

Posted by Patrick Lambert | May 3, 2012, 6:00 AM PDT
7

How quantum cryptography works: And by the way, it's breakable

Quantum cryptography is not infallible. But before getting to how it can be compromised, Michael Kassner calls on some experts to explain how Quantum Key Distribution works.

Posted by Michael Kassner | May 1, 2012, 7:26 AM PDT | Latest comment by pgit
1

2012 Sophos security report: The threat landscape

Patrick Lambert breaks down the threat types that the Sophos 2012 security report identified in their annual survey. What's still around and what threats are on the rise?

Posted by Patrick Lambert | April 24, 2012, 7:29 AM PDT
2

Government task force seeks to eradicate insider threats: Practical recommendations

Is the President's new task force, launched last fall, really going to deal with the insidious role of the insider threat? Paul Kenyon, Avecto COO, recommends some security industry best practices.

Posted by Guest Contributor | April 24, 2012, 6:00 AM PDT | Latest comment by Tinman57
13

TaintDroid: Warns about Android apps leaking sensitive data

Unfortunately, there is no simple way to determine what personal data is leaking from your smartphone. Michael Kassner interviews members of a research team that want to change that.

Posted by Michael Kassner | April 22, 2012, 8:04 PM PDT | Latest comment by 1ronman
2

Security vs. convenience: Will users embrace the opt-in?

Patrick Lambert looks at Mozilla's recent decision to make Flash and other plugins an opt-in feature for users instead of a default. Will users regard it as a nuisance or a safeguard?

Posted by Patrick Lambert | April 19, 2012, 6:00 AM PDT | Latest comment by Fairbs
29

Defending against Advanced Persistent Threats

Alfonso Barreiro defines the security class known as Advanced Persistent Threats (APTs) and describes the security view you should take of your organization to combat them.

Posted by Alfonso Barreiro | April 16, 2012, 1:30 PM PDT | Latest comment by bvergara@...
44

Does your flashlight app know where you are? Probing Android permissions

Android permissions are difficult to understand. Michael Kassner interviews a research team using the "wisdom of the crowd" to clarify what a permission actually does.

Posted by Michael Kassner | April 16, 2012, 7:16 AM PDT | Latest comment by JohnMcGrew@...
2

Does your cloud storage provider hold the keys to your data?

Patrick Lambert looks at some recent cloud data breaches and our approach to safeguarding data that is trusted to cloud providers. Take the poll about what data, if any, you trust to the cloud.

Posted by Patrick Lambert | April 10, 2012, 6:20 AM PDT | Latest comment by HAL 9000

Page 8 of 57

2

List open ports and listening services

You should turn off any services you don't actually need so that they will not become avenues of attack for security threats. Different systems will have different services running by default,...

Posted by Chad Perrin | April 15, 2008, 8:47 PM PDT | Latest comment by jackhard
36

Battling the Google Redirect virus

Consultant Bob Eisenhardt recounts his frustrating experience trying to track down and get rid of a client's search-redirect virus. Here's how he finally ditched it.

Posted by Bob Eisenhardt | January 2, 2013, 10:56 AM PST | Latest comment by Jane3344
7

BGP and Internet security: Is it better to be lucky or good?

Does "it's not a problem until it actually happens" apply to Internet security? Michael P. Kassner interviews a networking expert who's wondering about the same thing.

Posted by Michael Kassner | June 10, 2013, 9:11 AM PDT | Latest comment by wdewey@...
105

DropSmack: Using Dropbox to steal files and deliver malware

Michael P. Kassner interviews a digital forensic scientist who uses Dropbox to compromise targeted networks -- something the bad guys probably figured out as well.

Posted by Michael Kassner | April 15, 2013, 7:46 AM PDT | Latest comment by Michael Kassner

10

New Android malware should be wake-up call for security admins

Security firm Kaspersky reported on a new malware threat that it calls the most sophisticated it has seen in targeting Android phones.

Posted by Patrick Lambert | June 12, 2013, 10:29 AM PDT | Latest comment by Michael Kassner
27

The anatomy of a phishing operation

There are far better things than being phished, like writing about how not to get phished. Michael P. Kassner reviews a research paper that provides amazing insight into a successful phishing...

Posted by Michael Kassner | June 3, 2013, 7:04 AM PDT | Latest comment by JCitizen
63

How to spoof a MAC address

MAC address filtering for wireless networking isn't real "security". Anyone who pays any attention to current trends in wireless security at all should know that MAC filtering is less effective...

Posted by Chad Perrin | January 22, 2008, 1:28 PM PST | Latest comment by Doug Vitale
8

Aaron Swartz legacy lives on with New Yorker's Strongbox: How it works

Strongbox was Aaron Swartz's final project. Michael P. Kassner explains why The New Yorker requested a way to keep sources and their information secret.

Posted by Michael Kassner | May 20, 2013, 7:17 AM PDT | Latest comment by tylerpitchford
10

The basics of using a proxy server for privacy and security

Patrick Lambert goes over the basics of how proxy servers work and why they are used to add security and privacy.

Posted by Patrick Lambert | December 5, 2012, 6:30 AM PST | Latest comment by Tony Hopkinson
15

BoxCryptor vs. DropSmack: The battle to secure Dropbox

Can DropSmack malware be stopped? Michael P. Kassner asks the creators of BoxCryptor if it is up to the task of securing the Dropbox file-synchronization service.

Posted by Michael Kassner | April 29, 2013, 10:30 AM PDT | Latest comment by Michael Kassner
11

Virtualizing apps could be the bridge over the BYOD security gap

Allowing BYOD has unfavorable implications for both the company and employees. Michael P. Kassner explores what businesses are doing to mitigate the risk.

Posted by Michael Kassner | May 28, 2013, 6:33 AM PDT | Latest comment by Michael Kassner
6

How to successfully implement the principle of least privilege

Least privilege is a core security principle, but it's one that often meets with resistance by users. Here are tips for how to implement it and get the point across to others.

Posted by Dominic Vogel | May 29, 2013, 9:27 AM PDT | Latest comment by o_p_i
0

DARPA's Plan X and the future of the U.S. cyber defense infrastructure

Plan X sounds like a summer sci-fi movie, but it's actually one of DARPA's latest projects, aimed at improving the nation's defense of critical infrastructure targets.

Posted by Patrick Lambert | June 4, 2013, 5:30 AM PDT
36

Cloud-service contracts and data protection: Unintended consequences

There are things your cloud-service (Facebook, Amazon, Google, Dropbox, etc.) contracts aren't telling you. Michael P. Kassner interviews an attorney concerned about what's not being said.

Posted by Michael Kassner | May 13, 2013, 11:52 AM PDT | Latest comment by Michael Kassner
0

DDoS attack methods and how to prevent or mitigate them

Patrick Lambert covers the various methods attackers use to launch distributed denial of service attacks, and the precautions you can take to prevent or at least, mitigate these types of events.

Posted by Patrick Lambert | October 15, 2012, 11:24 AM PDT
297

Is uncovering digital vulnerabilities doing more harm than good?

A noted virtual-reality technologist and author views "security through obscurity" as the only true way security can exist. Michael P. Kassner looks at what this uniquely divergent viewpoint means.

Posted by Michael Kassner | March 25, 2013, 8:48 AM PDT | Latest comment by mla_ca520@...
64

Dropbox: Convenient? Absolutely, but is it secure?

A potential security lapse and possibly misleading statements are plaguing Dropbox, a hugely popular file-syncing app. What are the issues and is concern justified?

Posted by Michael Kassner | June 13, 2011, 8:03 AM PDT | Latest comment by kprivigyi@...
67

Use PuTTY as a secure proxy on Windows

Last month, I wrote about using OpenSSH as a secure Web proxy on UNIX and Linux systems. This time, I'll show you how to do the same thing on Microsoft Windows using PuTTY -- probably the single...

Posted by Chad Perrin | March 10, 2008, 4:30 PM PDT | Latest comment by abaabaa
89

The FBI locked your computer? Watch out for new spins on ransomware

The FBI locks your computer. Can they do that? Or is it fake? How does one know? Michael Kassner asks an expert for help with the latest forms of ransomware.

Posted by Michael Kassner | November 15, 2012, 7:18 AM PST | Latest comment by JCitizen
74

10 services to turn off in MS Windows XP

As I pointed out on 19 October, in point number four of the article 10 security tips for all general-purposes OSes, an important step in the process of securing your system is to shut down...

Posted by Chad Perrin | November 7, 2007, 10:02 AM PST | Latest comment by JonB2008