4 fatal problems with PKI

4 fatal problems with PKI

The Web's security runs on complicated PKI deployments, few of which are implemented correctly, and all of which will soon be at the mercy of Moore's Law

06/30/15

Prepare for the big digital cert swap -- or else

Prepare for the big digital cert swap -- or else

In a year or two, SHA-1 certificates will be rejected across the Internet. Now's the time to plan your migration from SHA-1 to SHA-2 and avoid a crisis

06/23/15

Your ‘offline’ storage may be putting you at risk

Your ‘offline’ storage may be putting you at risk

What some admins consider to be offline resources aren't truly offline; the difference could mean disaster

06/16/15

Behind every major breach, many 'manageable' risks

Behind every major breach, many 'manageable' risks

Don't sweat the small things, the saying goes. But over time, small risks add up, until you end up with a tower ready to topple

06/09/15

Don't fall for the USA 'Freedom' Act

Don't fall for the USA 'Freedom' Act

The mainstream media has celebrated the USA Freedom Act as a victory for civil liberty. It couldn't be further from the truth

06/05/15

Time to address your 100,000 vulnerabilities

Time to address your 100,000 vulnerabilities

You know your security has weak spots, but it's hard to know where to begin -- this might get you on track

06/02/15

How to stop Wi-Fi hackers cold

How to stop Wi-Fi hackers cold

When someone hacked a neighbor's Wi-Fi router to engage in nefarious activities, the only effective defense was to plug a widespread WPS vulnerability

05/26/15

Containers have arrived -- and no one knows how to secure them

Containers have arrived -- and no one knows how to secure them

When you add yet another layer to the stack, you add security complexity, no matter what the proponents of Docker or competing container solutions say

05/19/15

Get real about user security training

Get real about user security training

Do you despair that users will never learn to avoid stupid security mistakes that compromise your organization? Maybe you're not spending enough time and effort on training

05/12/15

We need the Internet police now more than ever

We need the Internet police now more than ever

Beyond the reach of traditional policing, Internet crime calls for a new kind of law enforcement agency

05/05/15

3 ways security risk assessment goes wrong

3 ways security risk assessment goes wrong

Even pro computer security defenders have trouble separating real threats from unlikely ones. Here are three crucial -- and common -- mistakes to avoid

04/28/15

Can you hack an airplane? Brace yourself

Can you hack an airplane? Brace yourself

Suddenly, everyone is worried about malicious hackers breaching networks connected to airplane control systems

04/21/15

Secrets are the enemy of a good security defense

Secrets are the enemy of a good security defense

When you make a mistake, it's natural to want to keep the details quiet. But failing to recount the exact conditions that permitted a hack to occur only ensures a repeat

04/14/15

Fast and effective malware detection -- for free

Fast and effective malware detection -- for free

Everyone discovers software on the Internet that looks like the right tool for a specific job. But is it safe? The Malwr malware detection site can tell you

04/07/15

6 reasons why heat-based attacks won't happen

6 reasons why heat-based attacks won't happen

Oh, those security researchers, always coming up with exotic new ways to penetrate systems -- but the BitWhisper attack on air-gapped systems is especially far-fetched

03/31/15

Hardware exploits may be a sign of threats to come

Hardware exploits may be a sign of threats to come

Hardware exploits like Rowhammer are rare, so companies don't take them seriously, but they should -- because more are looming

03/24/15

Security guru Bruce Schneier: Your privacy is already gone

Security guru Bruce Schneier: Your privacy is already gone

In 'Data and Goliath,' one of the world's foremost security experts piles on the evidence that privacy is dead -- and proposes a detailed plan to restore it

03/17/15

Infected with malware? Check your Windows registry

Infected with malware? Check your Windows registry

Auditing your registry can turn up telltale signs on malware infection. Here's how to monitor the registry keys that matter using Microsoft's Sysinternals Autoruns

03/10/15

New NSA hack raises the specter of BadBIOS

New NSA hack raises the specter of BadBIOS

Conspiracy theories tend to have one trait in common: They can't be proven. That goes for BadBIOS, despite new revelations of sophisticated NSA firmware hacking

03/03/15

How to detect malware infection in 9 easy steps

How to detect malware infection in 9 easy steps

Hey Windows users: Here's now to get the incredible power of 57 antimalware engines with no performance impact on your computer

02/17/15

Load More