Get expert insights into the latest developments in cybersecurity to stay ahead of emerging threats and evolving technologies. Our in-depth analysis covers everything from new attack vectors and vulnerabilities to cutting-edge security solutions and trends.
Even in this day and age, after decades of having the Internet, we are still surprisingly sending and receiving most of our e-mails and information insecurely through the World Wide Web. We’re still using most of the founding protocols and technologies that transfer data in what we call clear-text. When in clear-text, your passwords and…
Protocol analyzers are often used to capture, decode, and evaluate traffic flows and packets for network debugging, troubleshooting, and optimization. But did you know that a protocol analyzer can also be indispensable for security incident investigation? Perhaps the best-known open source protocol analyzer is Wireshark (nee Ethereal), capable of decoding scads of protocols, captured from…
All new Wi-Fi CERTIFIED products support WPA2 (AES-CCMP) security, but that’s not enough to harden a WLAN against attack. Breaches can still be caused by policy, configuration, and coding mistakes, overly-friendly clients, or unauthorized APs. Continuous surveillance and periodic assessments are important to spot (and then patch!) these and other WLAN vulnerabilities. You can’t conduct…
If you carry corporate information on a standard USB flash drive and it gets lost or stolen, the resulting data breach can be catastrophic. That’s why you should carry your data on an encrypted flash drive. In fact, in many cases the use of an encrypted flash drive is required for regulatory compliance or data…
Every e-mail user has experienced phishing first-hand. Phishing refers to fraudulent communications that use social engineering and technical subterfuge to bait victims into disclosing personal identities and credentials. Phishing is big business: Criminals reel in billions from fraudulent financial transactions, executed with phished data. With so much at stake, can you recognize a phish when…
The rush to virtualization has yielded a major vulnerability. According to a study just released by Gartner, the majority of servers being virtualized are less secure than they were when they were separate, physical servers. Virtualization has been used as part of a consolidation strategy to put a multitude of underutilized servers on one physical…
Gone are the early days of Wi-Fi, when CSOs lost sleep over threats like WEP cracking and war driving. 802.11n products have matured to the point where many enterprises are investing in larger, faster WLANs to support mission-critical applications. And yet, pros know that security is never to be taken for granted. Here, we offer…
The usernames and passwords that are used by individuals for financial Web sites are among the most valuable pieces of information that Internet users possess. Yet according to a new study from security firm Trusteer, they’re also not treated by users with the confidentiality and respect they deserve. The company’s twelve-month study surveyed over…
For hackers looking to access passwords, user e-mails, retail transactions, and other private data, one of the most useful tools on the Web is also among the most popular—Google. Armed only with the world’s most popular search engine, and crafty search terms, a Google search can turn up troves of data whose owners are probably…