-
List open ports and listening services
If you're looking for a way to discover which ports are standing wide open on network machines, read about a powerful cross-platform solution that will do the trick.
-
25,000 co-opted Linux servers spread spam, drop malware and steal credentials
A new report details how 25,000 servers were compromised. The attacks would have failed if more than single-factor login (username/password) had been required.
-
User education drops down ASD strategies to prevent security intrusions
An increase in intrusions using techniques that an educated user would not detect has led Australia's signals intelligence unit to place user education as the 28th most effective strategy for mitigati...
-
How mid-to-large companies can optimize security budgets
These tips will help medium-to-large businesses learn to make the most of their IT security budgets.
-
SMB penny stretching 101: Making the most of your security budget
SMBs can learn how to deal with limited IT security budgets and scarce resources by prioritizing security controls and needs.
-
Droidpak: A sneak attack on Android devices via PC malware
New Android banking malware leverages vulnerable PCs to install itself on Android mobile devices. Learn how to foil this latest exploit.
-
Malicious intent can turn Chrome speech recognition into spying device
A speech recognition expert contends malicious players can turn Google's Chrome web browser into a remote listening device.
-
Researchers describe tool that manipulates RAM, misleads cybercrime investigators
At Shmoocon 2014, Jacob Williams and Alissa Torres described a concept tool that would allow cybercriminals to cover their tracks by altering the contents of a computer's memory.
-
Internet of Things botnet may include TVs and a fridge
Security firm Proofpoint believes they've detected a spam-sending botnet that includes internet-connected televisions and a refrigerator.
-
Fake security messages more believable than real warnings research shows
Cambridge University researchers reveal why people believe malicious, fake security messages and ignore real warnings.
-
Target data breach exposes serious threat of POS malware and botnets
In the wake of Target's massive data breach, Michael Kassner explores the rise of POS malware and botnets.
-
Technology can't stop phishing perhaps common sense can
Despite the warning, phishing attacks are still the favored attack vector of bad guys. It's time to forget technology and rely on good old common sense.
-
Neverquest banking malware more dangerous than Zeus trojan
New Neverquest malware steals bank account logins and lets attackers access accounts through victims' computers.
-
Target data breach: What you should tell non-IT folks right now
Help your friends, family, and coworkers understand the Target security breach, protect their accounts, and stay calm.
-
Android flashlight app tracks users via GPS, FTC says hold on
Buried deep in the Brightest Flashlight Free app's EULA is language that let's the maker collect and resell user location data. An FTC complaint leads to better user notification and deletion of all e...
-
Target data breach exposes serious threat of POS malware and botnets
In the wake of Target's massive data breach, Michael Kassner explores the rise of POS malware and botnets.
-
Be wary of WordPress plugin vulnerabilities
WordPress plugins are highly vulnerable, according to a recent report.
-
Apple Touch ID: Do security advantages outweigh risks?
Tom Olzak examines the security pros and cons associated with Apple's fingerprint authentication technology on the new iPhone 5s.
-
A bridge too far: Assessing the current state of application security
A recent report finds that applying security procedures to application development is severely lacking in many organizations.
-
Gender gap: Why information security needs more women
A new report on infosec spotted significant differences in how men and women prioritize needed skills. Here's why greater diversity in the field matters.
-
Why security metrics aren't helping prevent data loss
Security metrics are supposedly a way for upper management and IT departments to converse intelligently about in-house security programs. Why aren't the metrics working?
-
RiskRater: An IT-security test that no one fails
Three minutes. That's it. Take the RiskRater challenge. You could save yourself, your fellow employees, and family members from a costly Internet oops.
-
Why 'Nothing to Hide' misrepresents online privacy
A legal research professor explains to Michael P. Kassner why we should think long and hard before subscribing to the "Nothing to Hide" defense of surveillance and data-gathering.
-
User education drops down ASD strategies to prevent security intrusions
An increase in intrusions using techniques that an educated user would not detect has led Australia's signals intelligence unit to place user education as the 28th most effective strategy for mitigati...
-
Malwarebytes Anti-Malware Mobile now protects Android devices
Malwarebytes, a malware search and destroy company, has extended their reach. Learn how they intend to protect the mobile-device space.
-
Does using encryption make you a bigger target for the NSA?
Fact: The U. S. government is capturing data from its citizens. Fact: Encrypted data is of more interest to the U.S. government. Michael P. Kassner asks two experts, one legal, one cryptographic, what...
-
Cyberwarfare: Mounting a defense
Both private and public organizations are at risk for cyberwarfare attacks and must take responsibility for network defense. Tom Olzak outlines security best practices.
-
Corporate espionage or fearmongering? The facts about hardware-level backdoors
Spying accusations against Chinese companies like Huawei have resulted in bans by US, UK, and Australian government agencies. Is there any technical merit to these charges?
-
Band of brothers: Vendor partnerships strengthen security for all
Security vendors who band together on solutions instead of persisting in adversarial relationships with one another should be the favored providers for IT departments.
-
AutoCAD malware: Rare but malignant
There's no better way for thieves to steal design secrets than straight from the engineers and designers who create them. CAD software programs are ripe for exploit.