Security Management - Infoworld http://www.infoworld.com/t/2117 en The Heartbleed OpenSSL flaw is worse than you think http://www.infoworld.com/d/security/the-heartbleed-openssl-flaw-worse-you-think-240231?source=rss_security_management <div id="blog-edit" style="padding: 8px; background: none no-repeat scroll center top #ffffff; position: relative; float: right; width: 243px; height: 192px;"><img src="http://www.infoworld.com/sites/infoworld.com/files/media/image/lock_screen.jpg" alt="Repeat after me: Model your security threats first" width="243" height="182" align="right" /><br /><em><p align="right">Credit: iStockphoto</p></em></div> Security Security Management Security Thu, 10 Apr 2014 12:17:20 +0000 Roger A. Grimes 240231 at http://www.infoworld.com Update: Yahoo email anti-spoofing policy breaks mailing lists http://www.infoworld.com/d/security/update-yahoo-email-anti-spoofing-policy-breaks-mailing-lists-240068?source=rss_security_management <p>In an attempt to block email spoofing attacks on yahoo.com addresses, Yahoo began imposing a stricter email validation policy that unfortunately breaks the usual workflow on legitimate mailing lists.</p> Security Yahoo Email Software Malware Security Management Security Tools Tue, 08 Apr 2014 14:05:15 +0000 admin 240068 at http://www.infoworld.com Repeat after me: Model your security threats first http://www.infoworld.com/d/security/repeat-after-me-model-your-security-threats-first-239951?source=rss_security_management <div id="blog-edit" style="padding: 8px; background: none no-repeat scroll center top #ffffff; position: relative; float: right; width: 243px; height: 192px;"><img src="http://www.infoworld.com/sites/infoworld.com/files/media/image/lock_screen.jpg" alt="Repeat after me: Model your security threats first" width="243" height="182" align="right" /><br /><em><p align="right">Credit: iStockphoto</p> Security Security Management Security Tue, 08 Apr 2014 10:00:00 +0000 Roger A. Grimes 239951 at http://www.infoworld.com Major companies, like Target, often fail to act on malware alerts http://www.infoworld.com/d/security/major-companies-target-often-fail-act-malware-alerts-238402?source=rss_security_management <p>Companies that suffer major data breaches almost always portray themselves as victims of cutting edge attack techniques and tools. The reality, though, is often much more mundane.</p> <p>Case in point: Target, which last year was hit with a <a href="http://www.computerworld.com/s/article/9246074/Target_breach_happened_because_of_a_basic_network_segmentation_error" target="_blank">major data breach</a> that exposed to hackers data on some 40 million credit and debit cards and personal data on another 70 million customers.</p> Security Malware Security Management Fri, 14 Mar 2014 11:15:41 +0000 admin 238402 at http://www.infoworld.com Operation clean sweep: How to disinfect a compromised network http://www.infoworld.com/d/security/operation-clean-sweep-how-disinfect-compromised-network-236398?source=rss_security_management <div id="tw-edit" style="padding: 8px; background: none no-repeat scroll center top #ffffff; position: relative; float: right; width: 243px; height: 182px;"><img src="http://www.infoworld.com/sites/infoworld.com/files/media/image/virus_code_hp.jpg" alt="Operation clean sweep: How to disinfect a compromised network" width="243" height="182" align="right" /></div> <p>You either know your network is compromised or you're unaware your network is compromised. As far as I can determine, that's only a slight exaggeration.</p> Security Anti-virus Malware Security Management Tue, 18 Feb 2014 11:00:00 +0000 Roger A. Grimes 236398 at http://www.infoworld.com The processes and tools behind a true APT campaign http://www.infoworld.com/d/security/the-processes-and-tools-behind-true-apt-campaign-235095?source=rss_security_management <p>APTs are both nightmares and the stuff of legend for business leaders and security managers across the globe. In this series, CSO will examine the processes and tools used by attackers during these types of campaigns, and various mitigating factors.</p> <h3>[<a href="http://www.csoonline.com/article/734110/spear-phishing-paves-road-for-advanced-persistent-threats">Spear phishing paves road for advanced persistent threats</a>]</h3><p>&nbsp;</p> Security Data Loss Prevention Endpoint Protection Network Security Security Management IDG Insider Fri, 31 Jan 2014 11:00:00 +0000 uphan 235095 at http://www.infoworld.com To detect 100 percent of malware, try whitelisting 'lite' http://www.infoworld.com/d/security/detect-100-percent-of-malware-try-whitelisting-lite-232929?source=rss_security_management <div id="tw-edit" style="padding: 8px; background: none no-repeat scroll center top #ffffff; position: relative; float: right; width: 243px; height: 182px;"><img src="http://www.infoworld.com/sites/infoworld.com/files/media/image/virus_code_hp.jpg" alt="To detect 100 percent of malware, try whitelisting 'lite'" width="243" height="182" align="right" /></div> <p>Every antimalware scanner claims to catch 99 to 100 percent of malware. But how can that be true? Security Anti-virus Malware Security Management Security Tue, 31 Dec 2013 11:00:00 +0000 Roger A. Grimes 232929 at http://www.infoworld.com Lucky 2013: Count these 5 security blessings http://www.infoworld.com/d/security/lucky-2013-count-these-5-security-blessings-233003?source=rss_security_management <div id="blog-edit" style="padding: 8px; background: none no-repeat scroll center top #ffffff; position: relative; float: right; width: 243px; height: 192px;"><img src="http://www.infoworld.com/sites/infoworld.com/files/media/image/numbers_1_to_5.jpg" alt="Lucky 2013: Count these 5 security blessings" width="243" height="182" align="right" /><br /><em><p align="right">Credit: iStockphoto</p></em></div> Security Authentication Cyber Crime Encryption Hacking Network Security Security Management Windows Security Security Mon, 23 Dec 2013 11:00:00 +0000 Roger A. Grimes 233003 at http://www.infoworld.com Zero-day exploits: Separating fact from fiction http://www.infoworld.com/d/security/zero-day-exploits-separating-fact-fiction-232378?source=rss_security_management <div id="blog-edit" style="padding: 8px; background: none no-repeat scroll center top #ffffff; position: relative; float: right; width: 243px; height: 182px;"><img src="http://www.infoworld.com/sites/infoworld.com/files/media/image/security_patch_hp.jpg" alt="TITLE" width="243" height="182" align="right" /></div><p>Zero-day exploits strike fear into the heart of computer security pros. An active attack, unrecognized by antimalware software and without a ready vendor patch, is harder to deal with than your run-of-the mill security bug.</p> Security Cyber Crime Malware Security Management Security Tue, 10 Dec 2013 11:00:00 +0000 Roger A. Grimes 232378 at http://www.infoworld.com Why IT execs stick with cloud computing despite NSA snooping scandal http://www.infoworld.com/d/cloud-computing/why-it-execs-stick-cloud-computing-despite-nsa-snooping-scandal-232208?source=rss_security_management <p>Explosive revelations in the past six months about the U.S. government's massive cyber-spying activities have spooked individuals, rankled politicians and enraged privacy watchdogs, but top IT executives aren't panicking -- yet.</p> <p>So far, they are monitoring the issue, getting informed and taking steps to mitigate their risk in various ways. But the alarming reports haven't prompted them to roll back their decisions to host applications and data in the cloud.</p> Cloud Computing Security Edward Snowden Cloud Security IT Management Internet Privacy Security Management Government Fri, 06 Dec 2013 12:59:12 +0000 admin 232208 at http://www.infoworld.com 7 essentials for creating a greenfield environment http://www.infoworld.com/d/security/7-essentials-creating-greenfield-environment-231969?source=rss_security_management <div id="blog-edit" style="padding: 8px; background: none no-repeat scroll center top #ffffff; position: relative; float: right; width: 243px; height: 192px;"><img src="http://www.infoworld.com/sites/infoworld.com/files/media/image/globe_laptops.jpg" alt="7 essentials for creating a greenfield environment" width="243" height="182" align="right" /><br /><em><p align="right">Credit: iStockphoto</p></em></div> Security Network Security Security Management Security Tue, 03 Dec 2013 11:00:00 +0000 Roger A. Grimes 231969 at http://www.infoworld.com Malware: War without end http://www.infoworld.com/d/security/malware-war-without-end-231654?source=rss_security_management <p>Ceaselessly, with no end in sight despite outlays that amount to a tax on doing business, the decades-long <a href="http://www.computerworld.com/s/article/9243010/Adobe_hack_shows_subscription_software_vendors_lucrative_targets">struggle against malware</a> drags on.</p> Security Cyber Crime Hacking Malware Phishing Security Management Tue, 26 Nov 2013 16:59:18 +0000 admin 231654 at http://www.infoworld.com Study: Companies not as secure as they think http://www.infoworld.com/d/security/study-companies-not-secure-they-think-231652?source=rss_security_management <p>CompTIA, the nonprofit association for the IT industry, has a warning for companies: You are likely less prepared then you think for defending against security threats.</p> <p>[<a href="http://www.csoonline.com/article/742878/senior-executives-blamed-for-a-majority-of-undisclosed-security-incidents">Senior executives blamed for a majority of undisclosed security incidents</a>]</p> Security Cloud Security Hacking Malware Security Management Vulnerability Assessment Tue, 26 Nov 2013 15:44:12 +0000 admin 231652 at http://www.infoworld.com The 10 Windows group policy settings you need to get right http://www.infoworld.com/t/security/the-10-windows-group-policy-settings-you-need-get-right-231623?source=rss_security_management <div id="tw-edit" style="padding: 8px; background: none no-repeat scroll center top #ffffff; position: relative; float: right; width: 243px; height: 182px;"><img src="http://www.infoworld.com/sites/infoworld.com/files/media/image/windows_security_hp.jpg" alt="The 10 Windows group policy settings you need to get right" width="243" height="182" align="right" /></div> <p>In the enterprise, one of the most common ways to configure Microsoft Windows computers is with group policy.</p> Security Management Security Tue, 26 Nov 2013 11:00:00 +0000 Roger A. Grimes 231623 at http://www.infoworld.com 'Jump boxes' improve security, if you set them up right http://www.infoworld.com/d/security/jump-boxes-improve-security-if-you-set-them-right-228742?source=rss_security_management <div id="blog-edit" style="padding: 8px; background: none no-repeat scroll center top #ffffff; position: relative; float: right; width: 243px; height: 182px;"><img src="http://www.infoworld.com/sites/infoworld.com/files/media/image/desktops_floating_hp_0.jpg" alt="'Jump boxes' improve security, if you set them up right" width="243" height="182" align="right" /></div><p>With malicious hackers and malware infesting nearly every enterprise network these days, "jump boxes" have become very popular.</p> Security Access Control Authentication Malware Security Management Security Tue, 15 Oct 2013 10:00:00 +0000 Roger A. Grimes 228742 at http://www.infoworld.com The perfect security defense is right under our noses http://www.infoworld.com/d/security/the-perfect-security-defense-right-under-our-noses-225865?source=rss_security_management <div id="blog-edit" style="padding: 8px; background: none no-repeat scroll center top #ffffff; position: relative; float: right; width: 243px; height: 192px;"><img src="http://www.infoworld.com/sites/infoworld.com/files/media/image/laptop_hands.jpg" alt="The perfect security defense is right under our noses" width="243" height="182" align="right" /><br /><em><p align="right">Credit: iStockphoto</p> </em></div> <p>A multitude of computer security defenses simply don't work. And the one we need doesn't exist.</p> Security Security Management Security Tools Security Tue, 03 Sep 2013 10:00:00 +0000 Roger A. Grimes 225865 at http://www.infoworld.com Don't fall prey to ad networks peddling dicey links http://www.infoworld.com/d/security/dont-fall-prey-ad-networks-peddling-dicey-links-225216?source=rss_security_management <div id="blog-edit" style="padding: 8px; background: none no-repeat scroll center top #ffffff; position: relative; float: right; width: 243px; height: 182px;"><img src="http://www.infoworld.com/sites/infoworld.com/files/media/image/Browser_Security_hp.jpg" alt="Don't fall prey to ad networks peddling dicey links" width="243" height="182" align="right" /></div><p>Malicious hackers are now using ad networks to deliver malware to unsuspecting users, most <a href="http://www.infoworld.com/d/mobile-technology/more-android-malware-distributed-through-mobile-ad-networks-224815">recently to Android us</a></p> Security Cyber Crime Malware Security Management Security Tue, 20 Aug 2013 10:00:00 +0000 Roger A. Grimes 225216 at http://www.infoworld.com Those 'invisible' servers could open your network to hackers http://www.infoworld.com/d/data-explosion/those-invisible-servers-could-open-your-network-hackers-224019?source=rss_security_management <p>I've written before about the huge benefits you can reap if you <a href="http://www.infoworld.com/d/data-explosion/when-the-data-center-goes-down-preparing-the-big-one-197158">plan for large sitewide outages</a> by giving yourself access to all the troubleshooting tools you'll need ahead of time. These days, that almost always includes access to a bevy of embedded management interfaces.</p> Data Center Data Explosion Security Access Control Disaster Recovery Hacking Network Security Security Management IDG Insider Mon, 05 Aug 2013 10:00:00 +0000 Matt Prigge 224019 at http://www.infoworld.com The one security technology that actually works http://www.infoworld.com/d/security/the-one-security-technology-actually-works-222763?source=rss_security_management <div id="blog-edit" style="padding: 8px; background: none no-repeat scroll center top #ffffff; position: relative; float: right; width: 243px; height: 182px;"><img src="http://www.infoworld.com/sites/infoworld.com/files/media/image/security_checkmarks_hp.jpg" alt="The one security technology that actually works" width="243" height="182" align="right" /></div><p>To decrease security risk, most companies try to do too much. They have dozens of "top priority" security projects, few of which they ever complete and even fewer that are done well.</p> Security Endpoint Protection Security Management Security Tools Security Tue, 16 Jul 2013 10:00:00 +0000 Roger A. Grimes 222763 at http://www.infoworld.com McAfee offers business endpoint security suites for broader protection http://www.infoworld.com/d/security/mcafee-offers-business-endpoint-security-suites-broader-protection-219566?source=rss_security_management <p>Aiming to better address the security needs of businesses of all sizes that are facing increasingly complex attacks, McAfee has added two endpoint security suites to its product lineup.</p> <p>The suites, announced Tuesday, combine a wide range of McAfee technologies, including rootkit protection, dynamic whitelisting, risk intelligence, real-time security management and mobile device management. Some of these technologies were previously only available as separate products.</p> Security Data Security Endpoint Protection Firewall Malware Patch Management Security Management Wed, 29 May 2013 16:50:44 +0000 admin 219566 at http://www.infoworld.com