Final Hours Remain To Remove Conficker
Whether this worm lives up to some of the hype as the-end-of-the-world-as-we-know-it, or proves to be a minor annoyance -- you're better off getting it off as many systems as possible. These recently updated tools help you to get that done.
Card Based SSD's
With Texas Memory Systems' recent announcement of their RamSan-20 they have joined Fusion-io in the Flash SSD on a card market. What is interesting about these solutions is that they make SSD attractive to a whole new host of users.
Spam Is Making A Comeback, Google Finds
The volume of unwanted messages has been creeping upward at a rate of about 1.2% per day as spammers try to rebuild the infrastructure they lost at McColo.
BorderWare: Dynamic Inspection Tackles Bad Site Explosion
URL filters, however robust, wall off only a small per centage of malware sites and inappropriate content. How do you keep your employees -- and your business -- from being tagged by the larger universe of dangerous sites? Filtering on the fly is BorderWare's solution.
Protecting Against The Politics Of Layer 8
Discussions regarding security metrics appear nearly every other week on at least one of the mailing lists I follow. How do you measure your effectiveness as a security team, and what's the ROI of this security product? The list goes on. What I'd like to see is the number of breaches due to layer 8, specifically the political part of that "layer."
Firms Taking Web App Security (More) Seriously
Anyone in IT, who hasn't been living under a hard drive for the past decade, knows that poor application development processes have littered the Internet and corporate networks alike with trashy code that makes systems too susceptible to attack. Some companies, according to a new survey, are taking quality code more seriously.
You Can't DeDupe IT Administration
Primary Storage Optimization is about putting more data in the same amount of physical space. Server Virtualization is about putting more virtual servers in the same physical space. These are great advances for the data center, but they do little if anything to make the IT staff more efficient and all the cost savings may go right out the window when you have to hire more people.
DIY Forensics & Incident Response Lab
Continuing with the do-it-yourself lab theme, let's turn to the areas of incident response (IR) and forensics, and how they can benefit from an in-house security training lab. The most detrimental attitude I've run into is, "Oh, I've been to training on product X, so I'm prepared." WRONG!
DIY Pentesting Lab
In Friday's Tech Insight, I provided arguments for creating your own internal security lab and some of the benefits to both the business and the IT security professionals. This week, I want to provide more direction on what you'll need depending on your goal and focus of the lab. Today, we'll be looking at suggestions for security teams looking to learn more about and get their hands dirty wit
Hacking The Router Patching Conundrum
Now that recent research proves that exploiting Cisco routers isn't as hard as once thought, the pressure is on for enterprises that don't regularly patch to change their ways -- without upsetting the network infrastructure
Serious, Stealthy, Deadly BIOS Attack
After covering IT security for well more than a decade, few new attacks scare the freckles off of my back. This persistent BIOS attack, as demonstrated by Alfredo Ortega and Anibal Sacco from Core Security Technologies is one of these new attack techniques.
Phishing Gets Automated And We're All Getting Targeted
Phishing expeditions business and personal data are rising to record levels, with fake anti-malware campaigns alone increasing by 225% in the last six months of 2008. Password-stealing Web sites jumped 827% IN 2008. The reason? The phishers are investing in automation.
Lowering Your Security Expectations
The security experts on a panel presented by the Secure Enterprise Network Consortium "painted a gloomy picture of the cybersecurity landscape," according to Federal Computer Week. The reason behind this is supposedly the ever-changing computing environment and threats that make it impossible for the best solutions to stay relevant. Instead, they are "likely to remain piecemeal and temporary."