-
List open ports and listening services
If you're looking for a way to discover which ports are standing wide open on network machines, read about a powerful cross-platform solution that will do the trick.
-
25,000 co-opted Linux servers spread spam, drop malware and steal credentials
A new report details how 25,000 servers were compromised. The attacks would have failed if more than single-factor login (username/password) had been required.
-
User education drops down ASD strategies to prevent security intrusions
An increase in intrusions using techniques that an educated user would not detect has led Australia's signals intelligence unit to place user education as the 28th most effective strategy for mitigati...
-
How mid-to-large companies can optimize security budgets
These tips will help medium-to-large businesses learn to make the most of their IT security budgets.
-
![]()
SMB penny stretching 101: Making the most of your security budget
SMBs can learn how to deal with limited IT security budgets and scarce resources by prioritizing security controls and needs.
-
![]()
Droidpak: A sneak attack on Android devices via PC malware
New Android banking malware leverages vulnerable PCs to install itself on Android mobile devices. Learn how to foil this latest exploit.
-
![]()
Malicious intent can turn Chrome speech recognition into spying device
A speech recognition expert contends malicious players can turn Google's Chrome web browser into a remote listening device.
-
![]()
Researchers describe tool that manipulates RAM, misleads cybercrime investigators
At Shmoocon 2014, Jacob Williams and Alissa Torres described a concept tool that would allow cybercriminals to cover their tracks by altering the contents of a computer's memory.
-
![]()
Internet of Things botnet may include TVs and a fridge
Security firm Proofpoint believes they've detected a spam-sending botnet that includes internet-connected televisions and a refrigerator.
-
![]()
Fake security messages more believable than real warnings research shows
Cambridge University researchers reveal why people believe malicious, fake security messages and ignore real warnings.
-
![]()
Target data breach exposes serious threat of POS malware and botnets
In the wake of Target's massive data breach, Michael Kassner explores the rise of POS malware and botnets.
-
![]()
Technology can't stop phishing perhaps common sense can
Despite the warning, phishing attacks are still the favored attack vector of bad guys. It's time to forget technology and rely on good old common sense.
-
![]()
Neverquest banking malware more dangerous than Zeus trojan
New Neverquest malware steals bank account logins and lets attackers access accounts through victims' computers.
-
![]()
Target data breach: What you should tell non-IT folks right now
Help your friends, family, and coworkers understand the Target security breach, protect their accounts, and stay calm.
-
![]()
Android flashlight app tracks users via GPS, FTC says hold on
Buried deep in the Brightest Flashlight Free app's EULA is language that let's the maker collect and resell user location data. An FTC complaint leads to better user notification and deletion of all e...
-
National Computer Forensics Institute: Demystifying cybercrime
Knowing how to handle digital evidence and discovery correctly prevents costly mistakes. A federal facility in Birmingham, Alabama is working hard to improve that situation.
-
What’s better than creating your own DDoS? Renting one
Thanks to the cloud, anyone can now initiate a DDoS attack. Find out how booter services work.
-
UAB takes aim at spammers, phishers, and purveyors of malware
Birmingham, Alabama, is fast becoming a hotspot for digital crime fighting. Together, let's learn what they're doing right.
-
Freedom Hosting and 'torsploit': Troubles on the Onion router
The arrest of the Freedom Hosting CEO has set in motion a crisis for TOR and unleashed a java exploit designed to expose Freedom Hosting users.
-
![]()
Escaping the dragnet of surveillance: What the experts say about encryption
Just-released documents by the Guardian explain how intelligence agencies collude with technology companies to thwart Internet-based encryption protocols.
-
![]()
Continuous security monitoring: Wave of the future
The new wave of continuous security monitoring solutions bring together views of security-related data that are often in different silos throughout the organization.
-
![]()
Breach Detection Systems take aim at targeted persistent attacks
You've just been told to get a Breach Detection System in place. Where do you start? How about a buyer's guide created by an independent test facility?
-
How to successfully implement the principle of least privilege
Least privilege is a core security principle, but it's one that often meets with resistance by users. Here are tips for how to implement it and get the point across to others.
-
Virtualizing apps could be the bridge over the BYOD security gap
Allowing BYOD has unfavorable implications for both the company and employees. Michael P. Kassner explores what businesses are doing to mitigate the risk.
-
The next battlefield: Cyberspace and military readiness
Last week, the Pentagon announced a plan for "operating in cyberspace," clearly marking out a new terrain in the world of national defense. John Joyner breaks down the document and what it means for f...
-
FBI arrests alleged Anonymous members in wide-ranging raids: Are you next?
There's more than one "heat wave" going on in the U.S. right now as the FBI conducts numerous raids targeting the group Anonymous, resulting in over a dozen arrests across the country.
-
Taking cybercrime seriously: Rapidly changing laws could trip up the unwary
Deb Shinder offers a word of caution to those who might not think some types of cybercrime are "serious." Not understanding the tangle of computer-related laws is no defense, and the laws vary widely...
-
Attack of the Apple laptop battery: Vulnerability could be used to install malware
A security researcher has uncovered a potentially serious vulnerability in Apple laptop batteries that could result in altering the firmware, allowing a malicious cracker to plant malware.
-
Scroogle: Adding privacy to Google Search
Google Search is an amazing tool. Even so, to many, it has a dark side. Scroogle may be able to help.
-
Unpatched servers and other insurgents: Antisec vs. Booz Allen Hamilton
Mark Underwood takes a closer look at Antisec's attack on Booz Allen Hamilton. Meanwhile, arrests targeting the so-called hacktivists continue: UK police arrest alleged LulzSec spokesman "Topiary."