Fahmida Y. Rashid

Contributor

Fahmida Y. Rashid is a freelance writer who wrote for CSO and focused on information security. Before joining CSO, she wrote about networking and security for various technology publications, including InfoWorld, eWeek, PC Magazine, Dark Reading, and CRN. She also spent years as an IT administrator, software developer, and data analyst. "I, for one, welcome our new computer overlords."

How Windows 10 data collection trades privacy for security

How Windows 10 data collection trades privacy for security

Here's what data each telemetry level collects and the price you pay to send the least telemetry to Microsoft

NTP fixes denial-of-service flaws

NTP fixes denial-of-service flaws

Attackers can exploit NTP to generate large volumes of junk traffic for distributed denial-of-service attacks. Update NTP to keep your servers out of the DDoS botnet

10 AWS security blunders and how to avoid them

10 AWS security blunders and how to avoid them

Amazon Web Services is easy to work with -- but can easily compromise your environment with a single mistake

Windows GDI flaw leads to PowerShell attacks

Windows GDI flaw leads to PowerShell attacks

APT group FruityArmor exploited Windows GDI memory handling to break out of browser sandboxes and launch PowerShell in targeted attacks

Stupid encryption mistakes criminals make

Stupid encryption mistakes criminals make

Blown cover: Malware authors show how easy it is to get encryption wrong and, in the process, help security pros crack their code

ISPs mind their MANRS to block DDoS attacks

ISPs mind their MANRS to block DDoS attacks

The Internet Society's MANRS initiative improves Internet security by asking ISPs to clean up their routing rules and check network traffic

A first: ICANN will generate new DNSSec key

A first: ICANN will generate new DNSSec key

The update is a serious and critical undertaking that will ensure greater DNS security

ISC updates critical DoS bug in BIND DNS software

ISC updates critical DoS bug in BIND DNS software

The denial-of-service flaw in BIND can be triggered by specially crafted DNS packages and is capable of knocking critical servers offline

What’s in your code? Why you need a software bill of materials

What’s in your code? Why you need a software bill of materials

When developers and suppliers carefully list the tools used to build an application and what third-party components are included, IT can improve software patching and updates

Lockdown! Harden Windows 10 for maximum security

Lockdown! Harden Windows 10 for maximum security

To make the most of Windows 10's security improvements, you must target the right edition and hardware for your needs

Bossie Awards 2016: The best open source networking and security software

Bossie Awards 2016: The best open source networking and security software

InfoWorld's top picks among open source tools for connecting devices and securing those devices and connections

Tenable brings network visibility into Google Cloud Platform

Tenable brings network visibility into Google Cloud Platform

Tenable SecurityCenter Continuous View gives IT administrators visibility over their applications hosted in Google Cloud Platform

Google patches critical bug on Android Nexus 5X devices

Google patches critical bug on Android Nexus 5X devices

The vulnerability, which Google has patched, could let attackers obtain the password for locked Nexus 5X devices and access device contents

New collision attacks against triple-DES, Blowfish break HTTPS sessions

New collision attacks against triple-DES, Blowfish break HTTPS sessions

Legacy ciphers such as triple-DES and Blowfish are vulnerable to Sweet32 attacks, which let attackers decrypt HTTPS sessions even without the encryption key

Automate, integrate, collaborate: Devops lessons for security

Automate, integrate, collaborate: Devops lessons for security

Devops is transforming application development; the same principles of automation, integration, and collaboration can vastly improve security as well

Keep using password managers -- bugs and all

Keep using password managers -- bugs and all

A furor over bugs in password managers left users in a jam. Self-proclaimed security empress Jessy Irwin clears up the confusion

Respect: Windows 10 security impresses hackers

Respect: Windows 10 security impresses hackers

Windows is a popular attack target for criminals and researchers alike, but Microsoft has done a good job of making it harder to target security flaws in the OS

Want secure code? Give devs the right tools

Want secure code? Give devs the right tools

With the appropriate tools and environments, developers can take the first step forward in safeguarding app security

The advanced security techniques of criminal hackers

The advanced security techniques of criminal hackers

InfoWorld talks with Digital Shadows' Rick Holland about the security tools hackers use to protect themselves while ripping you off

Do developers really care about security?

Do developers really care about security?

InfoWorld talks with GitHub's Jamesha Fisher about the cultural shifts necessary for baking security early into the devops process

Load More