News and Editorials
Breaking news, editorials and opinion pieces regarding current events in information security
Should the President Have the Power to Shutdown the Internet?
Readers share their opinions on the role of government in protecting the critical infrastructure of the United States and the scope of the authority they should be allowed in managing that protection. Specifically, should the President be granted the authority to shut down the Internet in the interests of national security as a recent bill proposes?
Readers share their opinions on the role of government in protecting the critical infrastructure of the United States and the scope of the authority they should be allowed in managing that protection. Specifically, should the President be granted the authority to shut down the Internet in the interests of national security as a recent bill proposes?
The 2% Business Model
Why is spam and phishing so successful? There are tools to block it from getting to your Inbox to begin with and users, for the most part, seem to understand that you don't buy your little blue pills from an email that calls it 'v1@gra' and that no Nigerian prince is really trying to give you $5 million. It exists because it works. The secret is that it only takes a 2% success rate to make a killing.
Why is spam and phishing so successful? There are tools to block it from getting to your Inbox to begin with and users, for the most part, seem to understand that you don't buy your little blue pills from an email that calls it 'v1@gra' and that no Nigerian prince is really trying to give you $5 million. It exists because it works. The secret is that it only takes a 2% success rate to make a killing.
Cybersecurity Act of 2009
A bill introduced recently in Congress would give the President of the United States the authority to shut down functions of the critical infrastructure, including the Internet itself, in the interests of national security. In the event that there is a cyber attack threatening our nation, should the President be able to shut down the Internet? Is this too much power to grant to the Executive Branch?
A bill introduced recently in Congress would give the President of the United States the authority to shut down functions of the critical infrastructure, including the Internet itself, in the interests of national security. In the event that there is a cyber attack threatening our nation, should the President be able to shut down the Internet? Is this too much power to grant to the Executive Branch?
Surviving Conficker Worm
The Conficker worm received a great deal of attention as April 1st approach. Many predicted 'the sky is falling' end of the world as we know it scenarios, but ultimately nothing really happened. Now that April 1st is done, is the threat from Conficker gone? No. Conficker is still out there. Learn how to determine if your PC is compromised and how to remove Conficker.
The Conficker worm received a great deal of attention as April 1st approach. Many predicted 'the sky is falling' end of the world as we know it scenarios, but ultimately nothing really happened. Now that April 1st is done, is the threat from Conficker gone? No. Conficker is still out there. Learn how to determine if your PC is compromised and how to remove Conficker.
April Fool's Day
April Fool's Day is a day of jokes, pranks, and general frivolity each year. If you don't lock your PC while you're away, you could find yourself the victim of one of these classic PC pranks.
April Fool's Day is a day of jokes, pranks, and general frivolity each year. If you don't lock your PC while you're away, you could find yourself the victim of one of these classic PC pranks.
Security by Obscurity
A discussion of the merits and weaknesses of security by obscurity. Security by obscurity relies on the confidentiality or secretive nature of the existence of a security hole to protect it from being exploited.
A discussion of the merits and weaknesses of security by obscurity. Security by obscurity relies on the confidentiality or secretive nature of the existence of a security hole to protect it from being exploited.
Heartland Systems Data Breach
Heartland Payment Systems, a credit and debit card processing company, revealed this week that their network had been compromised and potentially millions of credit card accounts have been breached. Should consumers care? What should consumers do?
Heartland Payment Systems, a credit and debit card processing company, revealed this week that their network had been compromised and potentially millions of credit card accounts have been breached. Should consumers care? What should consumers do?
Win32/Conficker.B Worm Plagues the Internet
With millions of unpatched computers to victimize, the Win32/Conficker.B (also known as Downadup or W32.Downadup) worm continues to exploit the vulnerability in Microsoft RPC identified in Microsoft Security Bulletin MS08-067 released out-of-cycle as an emergency update in October of 2008.
With millions of unpatched computers to victimize, the Win32/Conficker.B (also known as Downadup or W32.Downadup) worm continues to exploit the vulnerability in Microsoft RPC identified in Microsoft Security Bulletin MS08-067 released out-of-cycle as an emergency update in October of 2008.
Top 10 List: What Will Not Happen in 2009
A satirical Top 10 list illustrating the Top 10 most common information security issues that seem to plague security administrators and organizations each year no matter how many tools or applications are deployed or how much users are educated.
A satirical Top 10 list illustrating the Top 10 most common information security issues that seem to plague security administrators and organizations each year no matter how many tools or applications are deployed or how much users are educated.
National Insecurity
The GAO reports every year that government agencies and interests fail completely at computer and network security. Seven years after 9/11 and $3 Trillion later, why have we not done more to protect the national infrastructure?
The GAO reports every year that government agencies and interests fail completely at computer and network security. Seven years after 9/11 and $3 Trillion later, why have we not done more to protect the national infrastructure?
Mixing Business and Personal Email
Should you mix business and personal email? Are there any reasons for or against it? Are there any rules that govern it? Is it a good idea?
Should you mix business and personal email? Are there any reasons for or against it? Are there any rules that govern it? Is it a good idea?
Don't Let Your Holidays Get Hacked
Malicious hackers are primed to take advantage of the holiday shopping season to steal your identity, and your money, and compromise your computer
Malicious hackers are primed to take advantage of the holiday shopping season to steal your identity, and your money, and compromise your computer
Predators on Social Networks
Social networks are a popular method of meeting and communicating with like-minded persons, but they also pose a risk as predators and perverts stalk users
Social networks are a popular method of meeting and communicating with like-minded persons, but they also pose a risk as predators and perverts stalk users
The Gap Job Applicant Data Stolen
The information of over 800,000 job applicants to clothing retailer The Gap were stolen. The unecnrypted data contains personal information including social security numbers for the applicants.
The information of over 800,000 job applicants to clothing retailer The Gap were stolen. The unecnrypted data contains personal information including social security numbers for the applicants.
Security Issues Persist at TJX
Still recovering from the largest data security breach to date, and working to resolve law suits with consumers, TJX still has security issues. Despite their efforts to enhance and improve security, the TJX web site is vulnerable to a cross-site scripting flaw
Still recovering from the largest data security breach to date, and working to resolve law suits with consumers, TJX still has security issues. Despite their efforts to enhance and improve security, the TJX web site is vulnerable to a cross-site scripting flaw
Serious Vulnerability Found in PDF Files
A security researcher has identified a flaw in PDF files which can be exploited to take complete control of a Windows XP system
A security researcher has identified a flaw in PDF files which can be exploited to take complete control of a Windows XP system