IT Security

Security bloggers help keep you up to date on how to protect your network through news, updates, advice, and opinions on how you can stay ahead of hackers.

Latest Posts
Most popular

Michael Kassner // March 19, 2014, 6:59 AM PST

25,000 co-opted Linux servers spread spam, drop malware and steal credentials

A new report details how 25,000 servers were compromised. The attacks would have failed if more than single-factor login (username/password) had been required.

0
Chris Duckett // February 19, 2014, 9:58 PM PST

User education drops down ASD strategies to prevent security intrusions

An increase in intrusions using techniques that an educated user would not detect has led Australia's signals intelligence unit to place user education as the 28th most effective strategy for mitigating a cyber-intrusion.

0
Dominic Vogel // February 7, 2014, 6:26 AM PST

How mid-to-large companies can optimize security budgets

These tips will help medium-to-large businesses learn to make the most of their IT security budgets.

0
Dominic Vogel // February 6, 2014, 7:34 AM PST

SMB penny stretching 101: Making the most of your security budget

SMBs can learn how to deal with limited IT security budgets and scarce resources by prioritizing security controls and needs.

0
Michael Kassner // February 3, 2014, 1:29 PM PST

Droidpak: A sneak attack on Android devices via PC malware

New Android banking malware leverages vulnerable PCs to install itself on Android mobile devices. Learn how to foil this latest exploit.

0
Michael Kassner // January 29, 2014, 11:43 AM PST

Malicious intent can turn Chrome speech recognition into spying device

A speech recognition expert contends malicious players can turn Google's Chrome web browser into a remote listening device.

0
Michael Kassner // January 27, 2014, 12:55 PM PST

Researchers describe tool that manipulates RAM, misleads cybercrime investigators

At Shmoocon 2014, Jacob Williams and Alissa Torres described a concept tool that would allow cybercriminals to cover their tracks by altering the contents of a computer's memory.

0
Michael Kassner // January 21, 2014, 9:44 AM PST

Internet of Things botnet may include TVs and a fridge

Security firm Proofpoint believes they've detected a spam-sending botnet that includes internet-connected televisions and a refrigerator.

0

Michael Kassner // January 14, 2014, 12:53 PM PST

Fake security messages more believable than real warnings research shows

Cambridge University researchers reveal why people believe malicious, fake security messages and ignore real warnings.

0
Michael Kassner // January 9, 2014, 6:49 PM PST

Target data breach exposes serious threat of POS malware and botnets

In the wake of Target's massive data breach, Michael Kassner explores the rise of POS malware and botnets.

0
Michael Kassner // January 5, 2014, 12:24 PM PST

Technology can't stop phishing perhaps common sense can

Despite the warning, phishing attacks are still the favored attack vector of bad guys. It's time to forget technology and rely on good old common sense.

0
Michael Kassner // December 30, 2013, 8:30 AM PST

Neverquest banking malware more dangerous than Zeus trojan

New Neverquest malware steals bank account logins and lets attackers access accounts through victims' computers.

0
Michael Kassner // December 23, 2013, 9:31 AM PST

Target data breach: What you should tell non-IT folks right now

Help your friends, family, and coworkers understand the Target security breach, protect their accounts, and stay calm.

0
Michael Kassner // December 11, 2013, 9:49 PM PST

Android flashlight app tracks users via GPS, FTC says hold on

Buried deep in the Brightest Flashlight Free app's EULA is language that let's the maker collect and resell user location data. An FTC complaint leads to better user notification and deletion of all exiting data.

0
Michael Kassner // December 5, 2013, 10:38 AM PST

AutoCAD malware: Rare but malignant

There's no better way for thieves to steal design secrets than straight from the engineers and designers who create them. CAD software programs are ripe for exploit.

0

1 2 3 4 5 ... 95 Next

Michael Kassner // August 5, 2013, 8:23 AM PST

New strain of ransomware evades detection by AV apps

Learn about a new type of ransomware that has the potential to snare many victims - and it's not even malware.

0
James Sanders // September 12, 2013, 8:00 AM PST

The insecurity of private email services

The Indian government wants to ban the use of Gmail for official use, due in part to leaks about NSA snooping, but the general insecurity of private email services makes this a sound policy.

0
Patrick Lambert // October 18, 2013, 9:00 AM PST

Defense in depth: How phishing emails make it to the inbox

Phishing and spam emails have to defeat a series of barriers to get to the inbox. Are all the defenses in place?

0
Dominic Vogel // February 7, 2014, 6:26 AM PST

How mid-to-large companies can optimize security budgets

These tips will help medium-to-large businesses learn to make the most of their IT security budgets.

0
Michael Kassner // September 23, 2013, 10:23 AM PST

Search engine bias: What search results are telling you (and what they're not)

Search-engine bias affects our perception of what online information is available, is that a good thing or not? Are there risks?

0
Michael Kassner // July 15, 2013, 11:52 AM PST

Android's very real 'Master Key' vulnerability

Android Master Key cryptography ensures applications are not tampered with. Michael P. Kassner interviews researchers who say the crypto process is severely flawed.

0
Patrick Lambert // September 25, 2013, 6:00 AM PST

Researchers create nearly undetectable hardware backdoor

University of Massachusetts researchers have found a way to make hardware backdoors virtually undetectable.

0
Patrick Lambert // May 3, 2013, 2:00 AM PST

New McAfee patent hints at a more walled-off online world

A McAfee patent hints at content filtering at the user level in order to block sites that offer pirated content.

0

Duane Craig // May 6, 2013, 11:00 PM PST

Google's Inactive Account Manager heightens enterprise awareness for securing data

Preventing the commingling of company and personal data means focusing on securing the company data.

0
Michael Kassner // August 26, 2013, 10:54 AM PST

Researchers reverse-engineer the Dropbox client: What it means

There were doubts about being able to reverse engineer heavily-obfuscated applications written in Python. Two researchers have removed all doubt by reverse engineering the immensely popular Dropbox client.

0
Michael Kassner // November 21, 2013, 6:00 AM PST

Encryption for the paranoid: Verifying TrueCrypt source code and binaries

TrueCrypt is open source and verifiable, but until someone actually does the verification, recent events have taught us to be skeptical.

0
Patrick Lambert // July 25, 2013, 7:00 PM PST

Worst IT fail ever? US agency spends millions in useless security

A branch of the U.S. Commerce Department recently trashed perfectly good computers and wasted millions on a bogus malware infection. How did this happen?

0
Patrick Lambert // November 26, 2013, 8:29 AM PST

Social engineering red flags and tips for training users

Social engineering leads to dangerous security lapses and is notoriously difficult to prevent. Make sure your organization's users can spot the most obvious red flags.

0
Michael Kassner // October 14, 2013, 12:04 PM PST

Malcovery Security: The company spammers and phishers hate

When a start-up company helps take down several major online spam and phish operations, it's time to look at what they are doing right.

0
Michael Kassner // June 17, 2013, 12:58 AM PST

Ignoring security advice from the pros: The IT-user disconnect

IT pros and the general population of users have seemingly different agendas when it comes to security. Michael P. Kassner interviews a noted researcher about the psychology of these two groups.

0

1 2 3 4 5 ... 95 Next