IT Security
Selena Frye
TechRepublic Staff

-
U.S. State Department switches to Chrome browser: Is it secure enough for you?
Ian Hardenburgh looks at how Google has shored up security for its Chrome browser. What sets it apart from other browsers?
Posted by Ian Hardenburgh | March 15, 2012, 11:03 AM PDT | Latest comment by Gisabun
-
Hack networks in style with the Transparency Grenade and the Pwn Plug
Patrick Lambert describes two innovative tools that can be used by pen testers -- but also by those with more nefarious plans. Here are two gadgets IT pros should know about.
Posted by Patrick Lambert | March 12, 2012, 9:36 AM PDT
-
Locating cell-phone owners the non-GPS way
Using GPS, a cell phone can be located within a few feet. So why are researchers concerned about locating a cell phone by its association with a specific cell tower?
Posted by Michael Kassner | March 12, 2012, 7:11 AM PDT | Latest comment by Leahhayhoe
-
Infographic: Safe coding
This infographic, courtesy of Veracode, shows a nifty snapshot of top application vulnerabilities, where they're found, and other interesting coding security nuggets.
Posted by Selena Frye | March 9, 2012, 7:47 AM PST
-
LulzSec member 'Sabu' turns on cohorts in FBI sting
LulzSec receives a body blow with the arrest of six individuals, most notably one core member, Hector Monsegur, who is said to have been turned by the FBI to assist its investigation.
Posted by Selena Frye | March 6, 2012, 12:56 PM PST | Latest comment by micjackz@...
-
Chasing the elusive approval for an IT-security budget
There are always challenges selling upper management on an IT-security solution. Michael Kassner found some help -- risk management analysis. Here's how you can use it to help bolster your argument.
Posted by Michael Kassner | March 5, 2012, 7:20 AM PST | Latest comment by tonys3kur3
-
WikiLeaks publishes millions of Stratfor emails accessed by Anonymous
Patrick Lambert offers an overview of the latest Anonymous exploit -- publishing millions of emails it accessed from a company that has been called a "shadow CIA."
Posted by Patrick Lambert | March 5, 2012, 6:00 AM PST
-
IT security strategies for mitigating web-based risks
Dominic Vogel offers some tips on mitigating web-based threats. What works and what doesn't in the fight against malware?
Posted by Dominic Vogel | March 1, 2012, 6:00 AM PST
-
Cybercrime and the problem of online identity verification
Verifying online identity is an increasingly important consideration as more official business is conducted online. Deb Shinder writes about the related issues of loss of anonymity, privacy, and...
Posted by Deb Shinder | February 29, 2012, 11:56 AM PST | Latest comment by jamesbrown126
-
Online dating services: Risking more than a broken heart
People looking for companionship are trusting online services more than ever. Is that trust misplaced? Michael Kassner looks for the privacy and security gaps in online dating.
Posted by Michael Kassner | February 27, 2012, 7:02 AM PST | Latest comment by JCitizen
-
What to do when your security is breached by someone with a badge
Patrick Lambert looks at some high-profile cases of defendants being forced to give up passwords and encryption keys. What are your options when it happens to you outside of a court of law?
Posted by Patrick Lambert | February 27, 2012, 6:00 AM PST | Latest comment by terry_b
-
Infographic: Social media privacy
This infographic illustrates the general feelings that users have about their online privacy expectations with regard to participating in social media.
Posted by Selena Frye | February 24, 2012, 1:59 PM PST | Latest comment by JJMach
-
How much has cyber-spying changed since 1989? Not as much as you'd think
Bob Eisenhardt looks back at Clifford Stoll's classic cyber-spying true story from 1989 and poses the question, how much has really changed in the world of cyber-espionage? Not that much, as it...
Posted by Bob Eisenhardt | February 22, 2012, 12:40 PM PST | Latest comment by Robiisan
-
You still have domains registered on GoDaddy? Why?
Patrick Lambert discusses the numerous instances of GoDaddy.com turning off domains for questionable reasons and with very little notice. Would you trust GoDaddy with your domain name?
Posted by Patrick Lambert | February 21, 2012, 10:41 AM PST | Latest comment by Renaissance Havanese
-
Google Bouncer: Bad guys may have an app for that
What if malware was designed to pass inspection, then download the bad stuff? It appears "what if" is here and now.
Posted by Michael Kassner | February 20, 2012, 9:31 AM PST | Latest comment by JCitizen
-
Be careful not to incur security debt
Alfonso Barreiro explains the concept of security debt and how you can use this metaphor to raise awareness about security problems that might exist in your own organization.
Posted by Alfonso Barreiro | February 17, 2012, 12:52 PM PST
-
Sandboxing of Adobe Flash coming to Firefox
Patrick Lambert explains why Adobe Flash sandboxing for Firefox will help protect end users.
Posted by Patrick Lambert | February 13, 2012, 12:30 PM PST | Latest comment by mindilator@...
-
Do Not Track Plus: A tool to protect your online privacy
If you're concerned about privacy online, but find anti-tracking software difficult to understand, there's an app for that. Michael Kassner checks out DNT+.
Posted by Michael Kassner | February 13, 2012, 7:53 AM PST | Latest comment by Rilio
-
Infographic: Online payment security
This infographic provides a snapshot of consumer worries about shopping online.
Posted by Selena Frye | February 10, 2012, 9:43 AM PST | Latest comment by 131313ontanez-24472904060645141771750399938085
-
VeriSign repeatedly hacked in 2010
VeriSign was repeatedly attacked in 2010, but the extent of what was stolen is unknown, and the company didn't even own up to it until late 2011.
Posted by Kara Reeder | February 7, 2012, 6:39 AM PST | Latest comment by JCitizen
-
DropSmack: Using Dropbox to steal files and deliver malware
Michael P. Kassner interviews a digital forensic scientist who uses Dropbox to compromise targeted networks -- something the bad guys probably figured out as well.
Posted by Michael Kassner | April 15, 2013, 7:46 AM PDT | Latest comment by Michael Kassner
-
List open ports and listening services
You should turn off any services you don't actually need so that they will not become avenues of attack for security threats. Different systems will have different services running by default,...
Posted by Chad Perrin | April 15, 2008, 8:47 PM PDT | Latest comment by jackhard
-
Hackers: From innocent curiosity to illegal activity
Researchers asked why talented youth skilled in "computerese" evolve into criminal hackers. Michael P. Kassner explains their unexpected results.
Posted by Michael Kassner | May 6, 2013, 7:59 AM PDT | Latest comment by mattohare@...
-
Battling the Google Redirect virus
Consultant Bob Eisenhardt recounts his frustrating experience trying to track down and get rid of a client's search-redirect virus. Here's how he finally ditched it.
Posted by Bob Eisenhardt | January 2, 2013, 10:56 AM PST | Latest comment by Jane3344
-
Understanding what motivates Chinese hackers
Michael P. Kassner, with the help of a noted academic and author, looks at what motivates Chinese hackers. It may not be what you think.
Posted by Michael Kassner | April 22, 2013, 10:16 AM PDT | Latest comment by HAL 9000
-
BoxCryptor vs. DropSmack: The battle to secure Dropbox
Can DropSmack malware be stopped? Michael P. Kassner asks the creators of BoxCryptor if it is up to the task of securing the Dropbox file-synchronization service.
Posted by Michael Kassner | April 29, 2013, 10:30 AM PDT | Latest comment by Michael Kassner
-
How to spoof a MAC address
MAC address filtering for wireless networking isn't real "security". Anyone who pays any attention to current trends in wireless security at all should know that MAC filtering is less effective...
Posted by Chad Perrin | January 22, 2008, 1:28 PM PST | Latest comment by Doug Vitale
-
Cloud-service contracts and data protection: Unintended consequences
There are things your cloud-service (Facebook, Amazon, Google, Dropbox, etc.) contracts aren't telling you. Michael P. Kassner interviews an attorney concerned about what's not being said.
Posted by Michael Kassner | May 13, 2013, 11:52 AM PDT | Latest comment by clipperbird
-
Running the gauntlet: Tips for achieving your CISSP
One of the most highly regarded security certifications is the CISSP. Dominic Vogel offers these nine tips for becoming certified based on his own experience.
Posted by Dominic Vogel | April 23, 2013, 5:30 AM PDT | Latest comment by JCitizen
-
The basics of using a proxy server for privacy and security
Patrick Lambert goes over the basics of how proxy servers work and why they are used to add security and privacy.
Posted by Patrick Lambert | December 5, 2012, 6:30 AM PST | Latest comment by Tony Hopkinson
-
DDoS attack methods and how to prevent or mitigate them
Patrick Lambert covers the various methods attackers use to launch distributed denial of service attacks, and the precautions you can take to prevent, or at least mitigate, these types of events.
Posted by Patrick Lambert | October 15, 2012, 11:24 AM PDT
-
Software-Defined Networking: How it affects network security
SDN technology is set to rewrite the book of networking. Michael P. Kassner looks into how SDN will improve security, and where it's vulnerable.
Posted by Michael Kassner | April 8, 2013, 7:13 AM PDT | Latest comment by Michael Kassner
-
Dropbox: Convenient? Absolutely, but is it secure?
A potential security lapse and possibly misleading statements are plaguing Dropbox, a hugely popular file-syncing app. What are the issues and is concern justified?
Posted by Michael Kassner | June 13, 2011, 8:03 AM PDT | Latest comment by kprivigyi@...
-
Use PuTTY as a secure proxy on Windows
Last month, I wrote about using OpenSSH as a secure Web proxy on UNIX and Linux systems. This time, I'll show you how to do the same thing on Microsoft Windows using PuTTY -- probably the single...
Posted by Chad Perrin | March 10, 2008, 4:30 PM PDT | Latest comment by abaabaa
-
Hacker vs. cracker
The word "hacker" gets used in a pejorative sense by journalists an awful lot. Some people think this is perfectly reasonable; others find it offensive, and recommend an alternative term for that...
Posted by Chad Perrin | April 17, 2009, 1:20 PM PDT | Latest comment by wizard57m-cnet
-
The future of IT security compliance: 201 CMR 17.00
Why should you be concerned about a security rule that is part of the State law of Massachusetts -- especially if you aren't in business there? Donovan Colbert explains how compliance regulations...
Posted by Donovan Colbert | April 30, 2013, 6:00 AM PDT | Latest comment by dcolbert@...
-
New McAfee patent hints at a more walled-off online world
A McAfee patent hints at content filtering at the user level in order to block sites that offer pirated content.
Posted by Patrick Lambert | May 3, 2013, 9:00 AM PDT | Latest comment by public_domain
-
10 services to turn off in MS Windows XP
As I pointed out on 19 October, in point number four of the article 10 security tips for all general-purposes OSes, an important step in the process of securing your system is to shut down...
Posted by Chad Perrin | November 7, 2007, 10:02 AM PST | Latest comment by JonB2008
-
The FBI locked your computer? Watch out for new spins on ransomware
The FBI locks your computer. Can they do that? Or is it fake? How does one know? Michael Kassner asks an expert for help with the latest forms of ransomware.
Posted by Michael Kassner | November 15, 2012, 7:18 AM PST | Latest comment by JCitizen
-
The CIA Triad
The CIA Triad is a venerable, well-known model for security policy development, used to identify problem areas and necessary solutions for information security. Read on for an introduction to the...
Posted by Chad Perrin | June 30, 2008, 3:13 PM PDT | Latest comment by white house