Security

RSS
Find network and information security news, reviews and analysis, covering data protection, privacy, endpoint security, and security management.

  • As It HappensRSS

    Physical penetrations: The art of advanced social engineering

    Posted August 14, 2003 - 1:06 pm

    This older article is still relevant because most of what it covers isn't technical at all. Instead, it goes into "social engineering" - how attackers can gain physical access to your facilities - and thus your networks.

  • As It HappensRSS

    Physical access policy

    Posted August 14, 2003 - 1:02 pm

    Trying to write a policy to dictate physical access rules for your IT assets? You may want to use this policy, from the University of Texas, to guide you. (Policy is in PDF format.)

  • As It HappensRSS

    Security issues and solutions: Physical security and auditing

    Posted August 14, 2003 - 12:59 pm

    This article reviews two ways in which you can better secure your networks. The first is by better protecting access to the physical components of your network, and the second is by careful auditing to determine the nature of any compromises.

  • As It HappensRSS

    Physical computer security tips

    Posted August 14, 2003 - 12:54 pm

    Even if an attacker manages to enter your facilities surreptitiously, he should still run in to inner lines of defense when trying to access your protected data. The following list offers some tips on what you can do to physically protect your network.

  • As It HappensRSS

    Planning physical security strategies

    Posted August 14, 2003 - 12:42 pm

    For too long, physical and IT security were considered different problems - and that meant that computer systems were vulnerable to intruders who gained physical entrance to a facility. But that's starting to change. Read on to find out how the security convergence can help your company.

  • As It HappensRSS

    Protect yourself from physical intrusion

    Posted August 14, 2003 - 12:38 pm

    This research paper goes into a good bit of detail on designing a facility that can resist physical intruders. It describes an ideal situation and also helps you make the best of the facility you're already in. (Paper is in PDF format.)

  • As It HappensRSS

    Physical security audit checklist

    Posted August 14, 2003 - 12:33 pm

    One of the best ways to check the physical security of your network infrastructure is to conduct an audit. This extensive checklist will help you and your staff in formulating your own audit plan.

  • ITwhirledRSS

    At a Boston hospital, lessons learned from Slammer

    Posted August 14, 2003 - 11:27 am

    While organizations around the world scrambled this week to disinfect and patch systems that had been hit by the dangerous new W32.Blaster Internet worm, the CIO of Beth Israel Deaconess Medical Center could sit back and relax. Having been slammed by Slammer in January, the hospital got vigilent about patching.

  • ITwhirledRSS

    Microsoft slip ups may have helped new worm

    Posted August 14, 2003 - 9:02 am

    With the spread of the dangerous new W32/Blaster Windows worm slowing, attention is shifting to Microsoft Corp.'s efforts to help its customers patch vulnerable systems, with some accusing the company of providing inadequate protection and unreliable information about protecting their computers.

  • Protect the wiring closet

    Posted August 13, 2003 - 8:42 pm

    The lowly wiring closet, the backbone of your organization, is probably the last place you think needs protecting. Yet, our penetration tests reveal this couldn't be further from the truth.

  • ITwhirledRSS

    New Blaster worm variant on the loose

    Posted August 13, 2003 - 5:45 pm

    Fewer than two days after it first appeared on the Internet, the W32.Blaster worm already spawned a new variation that is also spreading, according to warnings from antivirus vendors.

  • ITwhirledRSS

    Feared RPC worm starts to spread

    Posted August 12, 2003 - 7:41 am

    Security experts on Monday warned of the first self-propagating virus to take advantage of a widespread vulnerability reported last month in Microsoft Corp.'s Windows operating systems.

  • As It HappensRSS

    Windows worm starts its spread

    Posted August 11, 2003 - 6:29 pm

    A worm called MBlast has been spotted in the wild today, exploiting what many researchers are calling "the most widespread Windows flaw ever." There's a patch available - find out if your system is vulnerable.

  • ITwhirledRSS

    Zone Labs moves to secure instant messaging

    Posted August 11, 2003 - 10:36 am

    Zone Labs Inc. is jumping into the instant messaging (IM) security fray, but unlike most vendors Zone Labs will first target consumers and wants to secure IM on the desktop instead of the server.

  • Internet worms change form, threaten greater havoc

    Posted August 7, 2003 - 10:37 pm

    Faster, smaller and more virulent - that's what we can expect from worms say security consultants at DefCon 2003. One nastie to watch for is a so-called "flash worm" that is designed to spread across the Internet in as little as 15 seconds by splitting itself into ever smaller pieces to infect as many computers as possible.

  • Hacking contest promotes security

    Posted August 7, 2003 - 10:22 pm

    Eight teams pitted against each other test their network defense and hacking skills. Each team must defend its own server and applications while trying to break into the servers of the seven other teams.

  • Internet threat looms as thousands of hackers meet

    Posted August 7, 2003 - 10:16 pm

    Overt illegality is discouraged in lieu of more productive activities at DefCon. Conference sessions were devoted to security of hand-held devices, maintaining privacy on the Internet and things like "mimicry," in which attendees learned how to avoid surveillance by hiding encrypted computer code amid innocent-looking text or pictures.

  • DefCon forum

    Posted August 7, 2003 - 9:57 pm

    This authorized DefCon forum has over 2,000 members, and 1,900 threads and is run by a person named Nulltone. You can see a recap on the latest DefCon conference, and participate in technical and non-technical discussions.

  • As It HappensRSS

    Patient record blunder highlights security dangers

    Posted August 7, 2003 - 1:31 pm

    An estate agent in Great Britain bought what he thought was a new USB memory stick - and found confidential details on the treatment of 13 cancer patients on it. Read on to find out how the tale unwound - and what it tells us about proper security procedures.

  • As It HappensRSS

    Berkeley computers under attack

    Posted August 7, 2003 - 1:25 pm

    The University of California at Berkeley is in the midst of a crippling attack against its computer network. The flaw that attackers are exploiting is a recently discovered Microsoft Windows vulnerability - and even though a patch is available, it appears that many university computers are unpatched. Read on for a cautionary tale on keeping your security up to date.

  • As It HappensRSS

    'Do not spam' lists find customers, skeptics

    Posted August 3, 2003 - 3:00 pm

    With no government-backed "do not spam" list coming anytime soon, private companies are stepping in to offer similar services. But can they deliver on their claims with no government authority to back them up? Read on to find out more.

  • As It HappensRSS

    Report: Hand-held devices easy to hack

    Posted August 3, 2003 - 2:54 pm

    Even the most safety-conscious of computer users often store sensitive data on Palm OS and Pocket PC devices that can be easily misused if those devices are lost or stolen. A recent report outlined just how insecure these devices can be.

  • As It HappensRSS

    Worm masquerades as note from IT staff

    Posted August 1, 2003 - 6:47 pm

    A new mass mailing worm dubbed mimail is infecting corporate computers worldwide. Of particular interest is the worm's social-engineering aspect: it purports to be a message from a mail account administrator, increasing the chances the users will open its malicious payload.

  • As It HappensRSS

    Does full disclosure help or hinder Internet security?

    Posted August 1, 2003 - 12:24 pm

    Can revealing the nature of computer vulnerabilities help make the Internet more secure? Many security researchers believe so; they say that making vulnerabilities public can open the task of fixing those holes to the programming community at large, can help consumers decide which products are safest, and can force the hand of vendors who are dithering on a writing a patch. Many vendors, on the other hand, decry such moves as "information anarchy," and say that security researchers are looking for glory or profit when they release such information. The links here offer a high-level overview of this controversy, which is almost as old as the Internet itself.

  • ITwhirledRSS

    CERT warns of attacks, new holes in Windows

    Posted August 1, 2003 - 11:31 am

    The CERT Coordination Center has received reports of widespread attacks using a recently disclosed security vulnerability and a previously unknown security hole in Microsoft Corp.'s Windows operating system, the center said in an advisory.

Join today!

See more content
Ask a Question