Roger A. Grimes


Roger A. Grimes is a contributing editor. Roger holds more than 40 computer certifications and has authored ten books on computer security. He has been fighting malware and malicious hackers since 1987, beginning with disassembling early DOS viruses. He specializes in protecting host computers from hackers and malware, and consults to companies from the Fortune 100 to small businesses. A frequent industry speaker and educator, Roger currently works for KnowBe4 as the Data-Driven Defense Evangelist and is the author of Cryptography Apocalypse.

Red alert: HTTPS has been hacked

There's now a tool that exploits a flaw in SSL and TLS. Will the industry respond fast enough?

Massive 'Lurid' APT attack targets dozens of government agencies

Using basic techniques, hackers managed to infiltrate networks of space-related agencies, diplomatic organizations, and more

Certificate hacks: PKI didn't fail us, humans did

After latest attack, GlobalSign stopped issuing SSL certificates. But the real problem is that few pay attention to warnings anyway

Morto worm reveals how bad IT is at passwords

Malware responsible for spike in unauthorized RDP traffic affects Windows PCs and servers globally

Chinese military hacking caught on video? Not so fast

Take it from a security instructor: The Chinese military's instructional video may show training, not hacking

Apple security under attack: The view from Windows

Apple has much to learn about securing an operating system -- and it could learn it from Microsoft

Why McAfee's dire security report rings true

Yet another study concludes that advanced persistent threats have compromised the vast majority of enterprises. When will we do something about it?

Sorry, but the TDL botnet is not 'indestructible'

Malware and alarmism over its proliferation are nothing new -- and the latest boot-sector rootkit will be cured soon enough

Free and easy security scanner for IIS, ASP.Net, SQL, and Windows servers

Defeat hackers by running the Microsoft Web Application Configuration Analyzer with the same security checks that Microsoft uses on its own servers

7 questions about the Mac malware scare

A few answers help clarify what the Mac Defender scareware plague really means for Mac users and administrators

KFSensor: Sweet Windows honeypot

Longtime best-of-breed intrusion detection solution remains feature-rich, easy to use, and actively maintained

Intrusion detection on the cheap: Roll your own honeypot

Back up your network security defenses by turning an old PC into an early-warning system for malware and attacks

Honeyd: The open source honeypot

Honeyd: The open source honeypot

The early leader in intrusion detection honeypots is still around, flexible as ever, but a bit dated.

HoneyPoint: A honeypot for Windows, Linux, or Mac OS X

HoneyPoint Security Server combines multiplatform support, unique features, and limitations

Intrusion detection honeypots simplify network security

Low-cost, low-fuss honeypots are highly effective early-warning systems against external attacks and insider threats; KFSensor, HoneyPoint, and Honeyd offer safety, ease, and flexibility

The InfoWorld expert guide to Windows 7 security

How to configure Microsoft's new Windows operating system to beat malware and keep data secure

The InfoWorld expert guide to Web browser security

Today's Web browsers have different security pros and cons, and none offers a magic bullet against threats. Here's how to keep your Web surfing secure

Thin client computing: Central management, anywhere access

Deployed correctly, Citrix XenApp can deliver on the remote desktop promise

Fighting today's malware

How bad is it? Worse than you think. Here's what the new breed of malware looks like -- and what you can do to stop it

Log management review: ArcSight Logger

ArcSight Logger 4 meets all the requirements of enterprise-grade log management, with plenty of flexibility and options

Load More