Security

Security news, trends, analysis and practical advice

Broken window with band-aid patch

Clever, redefined

Pilot fish is hired at a big company to maintain some Linux servers that definitely have security issues -- plus one user who's not nearly as clever as he thinks he is.


Throwback Thursday: Now he's feeling even LESS secure

This organization's IT security officer leaves and isn't replaced -- and when there's a web-page defacement a year and a half later, it's clear there's a major problem.

patch

Intel releases more Meltdown/Spectre firmware fixes, Microsoft feints an SP3 patch

Intel says it has most -- but not all -- of the buggy Meltdown/Spectre firmware patches in order. While Microsoft announces but doesn’t ship a firmware fix for the Surface Pro 3.

blockchain ecosystem

5 ways blockchain is the new business collaboration tool

While the full potential of blockchain may not be understood by business execs, that's not keeping companies from aggressively exploring how the secure, distributed ledger technology can save time and money.

Time for a wake-up call...

This help-desk call is very ordinary -- along the lines of "please reset my password" -- right up to the point where the user describes how helpful she is about updates.

salted hash thumbnail final
video

Ransomware: Do you pay the ransom? | Salted Hash Ep 19

Robert Gibbons, CTO at Datto, joins host Steve Ragan to talk about why companies pay out ransoms, the role of incident response plans and continuity strategies, and how companies weigh the risks.

Windows security and protection [Windows logo/locks]

Microsoft is distributing security patches through insecure HTTP links

Stefan Kanthak, reporting on the Bugtraq mailing list, shows how Microsoft’s own security patch download links are based on HTTP, not HTTPS

meltdown spectre

Microsoft's free analytics service sniffs out Meltdown, Spectre patch status

Windows Analytics can now scan enterprise PCs running Windows 10, Windows 8.1 and Windows 7 and report on whether they're prepped to fend off attacks based on the Meltdown and Spectre vulnerabilities.

Windows logo with padlocks

February patches bring ominous Outlook fixes and a rebirth of KB 2952664

Two imminent problems with Outlook haven’t been exploited yet, but they’re worrisome. Also, the new-new KB 2952664, in addition to its snooping duties, scans for Meltdown/Spectre protection – but only for those with Azure...

panic keyboard 114439 1280

Mac: What does 'System Scan is Recommended' mean?

If you ever receive the 'System Scan is Recommended' message on your Mac, it's a scam. Here's how to handle it and prevent your system from becoming infected.

Windows security and protection [Windows logo/locks]

Microsoft to cover Windows 7 with advanced threat service

Windows Defender Advanced Threat Protection can detect ongoing attacks on corporate networks, investigate the attack or breach, and provide response recommendations. It will be added to Windows 7 and 8.1 by this summer.

blockchain challenge

Microsoft wants to use blockchain to secure your identity

Microsoft plans to pilot a blockchain-based digital ID platform that would allow users to control access to sensitive online information via an encrypted data hub.

slide 14 chrome logo

Chrome 68 to condemn all unencrypted sites by summer

Google in July will start inserting a 'not secure' label in the address bar of every website that uses HTTP connections between its servers and users.

Broken window with band-aid patch

Get Windows Update locked down in preparation for this month’s problems

If February turns out half as bad as January, you’ll thank your lucky stars if you take a few minutes now and make sure Windows Update is turned off. Temporarily, of course.

salted hash thumbnail final
video

Managing open-source mobile security and privacy for activists worldwide | Salted Hash Ep 18

Nathan Freitas, who heads The Guardian Project, talks with host Steve Ragan and senior writer J.M. Porup about the group's easy-to-use secure apps, open-source software libraries, and customized mobile devices being used around the...

03 emm

Mobile app management is being driven by unmanaged devices

The growth in unmanaged devices owned by employees or contractors is driving adoption of stand-alone mobile application management (MAM) software and services, according to a new report.

bitcoin security vault

Governments eye their own blockchain cryptocurrencies

This year will see the maturation of blockchain, as 2017's pilot projects turn into 2018's real-world implementations in a variety of industries. That includes governments, some of whom are now testing cryptocurrencies as fiat money.

SHEp17
video

Spectre and Meltdown | Salted Hash Ep 17

What is it about the Spectre and Meltdown attacks that scared everyone so much? Host Steve Ragan and J.M. Porup talk through the impact of these hardware flaws.

Linux, macos and Windows security locks up data

Why Linux is better than Windows or macOS for security

Decisions made years ago about which operating system to roll out can affect corporate security today. Of the big three in widespread use, one can credibly be called the most secure.

Load More