Security

Online advertising is so pervasive that most people barely glance at it. Advertising has become part of the Internet landscape. One way that advertisers are hoping to stir interest is to put their advertising on social network sites like Facebook and Twitter. For example, on Twitter, you would see someone you follow post a link. [...]

Sometimes it is difficult not to have some sympathy for the Internet security people. It seems that they have an uphill battle and often the headlines are not encouraging. For example, earlier this month, Gregg Keizer reported “Windows 7 more vulnerable to malware than Vista, says researcher.”* Then there are reports saying that Twitter has [...]

In this RunAs Radio podcast, Richard and I talk to Andy Malone about the challenges of social networking for the enterprise. It’s not enough just to cut your users off from social networking at the company — you need to protect the organization from impersonation. Andy digs into what the logical balance of exposure on [...]

There used to be the belief that if one stays away from “bad” Web sites, then malware is not a problem. That is not true, as a recent example with the New York Times illustrated. The popular news Web site was compromised, and the trusted site was serving up malicious ads:
The malicious ad took over [...]

It is not good enough simply to say that you have a firewall. Not all firewalls are the same. Qualities — and functions — differ.
In very simple terms, you want a firewall that protects your computer in two directions. You want to stop unwanted traffic from reaching your computer. In addition, you want to [...]

There are daily items in the news about identity theft. The obvious consequence is an unexpected financial disaster. However, it can be worse. There can be crimes committed under a stolen identity and warrants issued for the person who has had his/her identity used. And yet, it can be worse.
Identity theft can be a matter [...]

Learn about the scope of the malware problem and strategies that can help you defend against evolving malware threats.
Managing and protecting against endpoint security threats continues to get more difficult for most organizations regardless of their size. Malware of all types are becoming more virulent, their authors are becoming better at getting around current defenses, [...]

Identity theft has been tagged as being the fastest growing crime in America. Your private information is a commodity that some criminals harvest and resell. It is a whole subculture. The people stealing the personal information may not bother with committing the actual identity theft, but there are buyers for your personal information.
One of the [...]

Like any network technology, wireless local area networks (WLANs) need to be protected from security threats.
Though recent developments in IEEE standards have been designed to help ensure privacy for authenticated WLAN users, WLAN clients and enterprise infrastructure can still be vulnerable to a variety of threats that are unique to WLANs.
Get your free white paper, [...]

In this RunAs Radio podcast, Richard and I talk to Dana Epp about DirectAccess.
DirectAccess is Microsoft’s new technology using Windows 7 (Enterprise or Ultimate) and Server 2008 R2 together to create remote connectivity that acts in all respects like you’re still inside the corporate network. DirectAccess has the potential to put client-initiated VPN connection out [...]

There are some things that you want to keep private. It may be financial information, sensitive data like your passwords, proprietary information, or other such confidential material. You simply don’t want friends, colleagues, roommates, family, or repair people to have access to that information. Not only is that information private, but you want to secure [...]

Vulnerabilities in Web applications are now the largest vector of enterprise security attacks.
Stories about exploits that compromise sensitive data frequently mention culprits such as “cross-site scripting,” “SQL injection,” and “buffer overflow.” Vulnerabilities like these fall often outside the traditional expertise of network security managers.
To help you understand how to minimize these risks, Qualys provides this [...]

One of the absurdities that is circulating is that even hackers are suffering in this economy. With the tough economic situation, supposedly hackers are having more competition. This is just one of the theories to explain why there is a steady increase in malware and criminal activity such as phishing and identity theft.
Whether it is [...]

This guide covers seven typical IT security compliance errors and outlines the best practices you can immediately apply to your environment to help your company achieve compliance.
Currently, there is no single standard framework that explicitly defines what your organization must do for compliance. A big challenge for IT security professionals is navigating this ambiguity and [...]

In this RunAs Radio podcast, Richard and I talk to Dana Epp about the free tools he uses to manage his networks. The list of tools include nmap , Microsoft’s Baseline Security Analyzer , Windows Server Update Services , the Application Compatibility Toolkit, and of course the SysInternals tools.
Dana Epp, Scorpion Software’s founder and CEO, [...]

At this time of year, some of our readers who are back to university and colleges have set up new email accounts. Some educational institutions require this in order to broadcast messages to its students. Unfortunately, this is just another avenue that hackers / criminals can use to access the computer. Spam is not only [...]

Learn about Web-based threats, the impact to your business, and the most effective solution to implement.
Web-borne malware is now more common than malware that enters an organization through email. The number of Web sites discovered per day that carry malware increased 400% in 2008. This drastic increase in infected sites can cause serious issues for [...]

Some of our regular readers are students and are starting their new academic year. Whether for academics or for entertainment, these readers will be increasing their downloading and their time online. If you download, share files with friends and classmates or, for that matter, just go online, you need to protect the investment in your [...]

Find out what motivates drive-by attacks of data theft and computer takeovers.
In this free white paper, we explore what actually happens during a drive-by attack, the lures used to perpetrate attacks, the technology behind the attacks, and the use of drive-by download attacks in personal data theft and computer takeovers.
Get your free white paper, Drive-by [...]

Understand the precautions it takes to keep up with the sophisticated nature of email attacks.
More than three years after the infamous declaration from Microsoft’s Bill Gates that “spam will be solved” in 2009, unsolicited junk mail continues to bombard email servers, dumping malicious attachments, phishing lures and spam advertising for fake pharmaceuticals.
Get your free white [...]