Fahmida Y. Rashid

Contributor

Fahmida Y. Rashid is a freelance writer who wrote for CSO and focused on information security. Before joining CSO, she wrote about networking and security for various technology publications, including InfoWorld, eWeek, PC Magazine, Dark Reading, and CRN. She also spent years as an IT administrator, software developer, and data analyst. "I, for one, welcome our new computer overlords."

Mingis on Tech: The language of malware

Mingis on Tech: The language of malware

When it comes to tracking down the bad actors behind malware and ransomware, cybersecurity firms are turning to linguists.

The fault for ransomware attacks lies with the challenges security teams face

The fault for ransomware attacks lies with the challenges security teams face

The realities of managing and protecting IT infrastructures puts IT and security personnel in a no-win situation when attacks like WannaCry or ExPetr occur, so stop blaming them.

5 things you need to know about Stack Clash to secure your shared Linux environment

5 things you need to know about Stack Clash to secure your shared Linux environment

Qualys shows that attackers can locally exploit the privilege escalation vulnerability to gain root access over Linux, Solaris and BSD machines. This is bad news for Unix-based servers, and even more so for multi-tenant environments.

Mobile app developers: Make sure your back end is covered

Mobile app developers: Make sure your back end is covered

Developers need to make sure they are baking security into the application code and protecting how their apps handle data, but as the so-called HospitalGown security issue shows, they also need to know how the back-end servers and...

Patch the Samba bug before a network worm exploits it

Patch the Samba bug before a network worm exploits it

It isn’t at WannaCry-crisis levels yet, but the fact that Samba is so widely used means a network worm can really have a field day exploiting this vulnerability.

The modern guide to staying safe online

The modern guide to staying safe online

Keeping safe and productive online requires smart decision-making and just the right preventive measures to fit the level of risk you can live with.

McAfee: Wave of Shamoon cyberattacks coordinated by a single group

McAfee: Wave of Shamoon cyberattacks coordinated by a single group

The campaigns are bigger and more sophisticated, and they're causing far more damage as the attackers learn new techniques and collaborate with other groups

Don't get bit by zombie cloud data

Don't get bit by zombie cloud data

Data you thought you had deleted from the cloud can come back to haunt you. Get to know your provider’s data deletion policy

Shadow Brokers dump contained Solaris hacking tools

Shadow Brokers dump contained Solaris hacking tools

The tools would let attackers remotely take over any Solaris system around the world

Trust issues: Know the limits of SSL certificates

Trust issues: Know the limits of SSL certificates

All SSL certs are not created equal, and web browsers make matters worse by not clearly showing what security you’re actually getting

Old attack code is new weapon for Russian hackers

Old attack code is new weapon for Russian hackers

Researchers found commonalities between tools used against Solaris 20 years ago and modern-day attacks deployed against Windows PCs

Jenkins users can shore up software security with plugins

Jenkins users can shore up software security with plugins

Safeguard the software you develop from the start with these Jenkins plug-ins and integrations, which automate security testing

Google tries to beat AWS at cloud security

Google tries to beat AWS at cloud security

New tools that protect enterprise applications running on Google Cloud Platform may help take the spotlight away from AWS and Microsoft Azure

How to scrub your private data from 'people finder' sites

How to scrub your private data from 'people finder' sites

The internet has your number—among many other deets. Prevent identity theft and doxxing by erasing yourself from aggregator sites like Spokeo and PeekYou

5 open source security tools too good to ignore

5 open source security tools too good to ignore

Look to these clever open source tools to keep secrets out of source code, identify malicious files, block malicious processes, and keep endpoints safe

Why 2017 will be the worst year ever for security

Why 2017 will be the worst year ever for security

High-profile breaches are the tip of the iceberg. Many have never been detected or disclosed -- and without major infrastructure changes, it'll only get worse

5 signs we're finally getting our act together on security

5 signs we're finally getting our act together on security

Despite all the bad news in information security in 2016, some positive developments may finally shift momentum

Encryption in 2016: Small victories add up

Encryption in 2016: Small victories add up

The move from SHA-1 to SHA-2, a Congressional victory over backdoors, and the rise of encrypted communications are leading us toward a more secure world

Nmap security scanner gets new scripts, performance boosts

Nmap security scanner gets new scripts, performance boosts

Nmap 7.40 has new scripts that give IT administrators improved network mapping and port scanning capabilities

Google open-sources test suite to find crypto bugs

Google open-sources test suite to find crypto bugs

Developers can use Project Wycheproof to test cryptographic algorithms against a library of known attacks to uncover potential weaknesses

Load More