If you want to keep up with the latest criminal exploits without having to collect malware yourself, take a look at SRI International’s Cyber-Threat Analytics BotHunter Malware Analysis Web page. Reporting on information and statistics collected from a research honeynet, the BotHunter Malware Analysis page makes daily infection logs from high-interaction honeypots available for anyone [...]
Cool tools for hacker trackers
September 30th, 2007
Building a cheap and powerful intrusion detection system
September 30th, 2007
Network-based intrusion-detection systems (IDS) are an integral component of a layered IT security strategy. As October is National Cyber Awareness Month, if your overall security system doesn’t include network-based intrusion detection, now is an excellent time to consider implementing an IDS package. Commercial network-based IDS can often be quite expensive. On the other hand, there [...]
Protect your network against fiber hacks
September 30th, 2007
Copper cable has been known as the easily tapped physical transmission medium for years. Conscientious network and security managers either provided tight physical security for cabling or used fiber as an alternative. Many network managers considered fiber relatively safe due to the perceived challenges associated with tapping into an optical cable run. However, fiber is [...]
Old hard drives still full of sensitive data
September 30th, 2007
Hard drives full of confidential data are still turning up on the second-hand market, researchers have reported. Investigations carried out on behalf of BT by the University of Glamorgan in the U.K., Edith Cowan University in Australia, and Longwood University in the U.S., found that 37 percent of drives surveyed had traces of personal data [...]
How to protect your wireless network
September 30th, 2007
Bad guys don’t target just big, corporate networks. If you have a Wi-Fi network at home or in a small office, intruders may be after you, such as casual "war drivers" who troll city streets, looking for unprotected wireless networks. (Want to know more? See "Why you need wireless protection.")
Build Yourself a Botwall
September 30th, 2007
Chief security officers have a panoply of tools to protect their companies’ IT and data assets. There’s the hoary firewall, the intrusion-detection system and its intrusion-protection system cousin, and antivirus and antispyware software. Now there’s something new and increasingly important to add to IT’s defensive perimeter: the botwall, which targets those PC zombies controlled by [...]
How To Protect Computer Data
September 20th, 2007
With the state of Connecticut’s latest debacle relating to the loss of notebook PCs from the state Department of Revenue Services, Gov. M. Jodi Rell has ordered that encryption be implemented on all portable devices. Encryption, however, is not an end-all solution. Encryption is effectively the last bastion of defense against information compromise.
Best of open source in security
September 12th, 2007
In areas such as CRM software and portals, open source gained a foothold because users were willing to compromise — less could be more, because the price was right. In security, open source rushed in because commercial vendors fell down on the job. As security problems in the enterprise outstripped the capabilities of commercial solutions, [...]
Protect Your Privacy from Google
September 5th, 2007
A simple HOWTO for stopping Google from logging your search history. While Google.com is a brilliant search site, and while its proprietors claim to abide by their ‘do no evil’ motto, there is one practice that threatens to expose you to much evil down the track. Google places a cookie on every user’s computer, timed [...]
Active anti-reverse techniques in Javascript
September 1st, 2007
We recently came across a very interesting suspicious web page. The HTML page of course contained malicious code that linked to the Trojan. However, it was a separate HTML page inside the benign one - the authors of the code went against HTML standards, and put in an extra <html></html> container. What’s surprising is that [...]