News and Editorials

Someone just stole your phone, little do they know that you've booby trapped it. They are in for a real surprise. Let's explore your smartphone booby trapping options.

We focus on keeping the bad guys out with firewalls, intrusion detection, etc, but what about the bad guy is sitting in the cubicle next to you? Learn about misuse cases and how they can help combat the insider threat.

Readers share their opinions on the role of government in protecting the critical infrastructure of the United States and the scope of the authority they should be allowed in managing that protection. Specifically, should the President be granted the authority to shut down the Internet in the interests of national security as a recent bill proposes?

Are you trying to find something special for the IT security person on your list? Well, you've come to the right place. Check out these gift ideas for IT security geeks.

These treats are called password crackers because people who eat them would probably give you their password just so they could have another one.

Why is spam and phishing so successful? There are tools to block it from getting to your Inbox to begin with and users, for the most part, seem to understand that you don't buy your little blue pills from an email that calls it 'v1@gra' and that no Nigerian prince is really trying to give you $5 million. It exists because it works. The secret is that it only takes a 2% success rate to make a killing.

A bill introduced recently in Congress would give the President of the United States the authority to shut down functions of the critical infrastructure, including the Internet itself, in the interests of national security. In the event that there is a cyber attack threatening our nation, should the President be able to shut down the Internet? Is this too much power to grant to the Executive Branch?

The Conficker worm received a great deal of attention as April 1st approach. Many predicted 'the sky is falling' end of the world as we know it scenarios, but ultimately nothing really happened. Now that April 1st is done, is the threat from Conficker gone? No. Conficker is still out there. Learn how to determine if your PC is compromised and how to remove Conficker.

April Fool's Day is a day of jokes, pranks, and general frivolity each year. If you don't lock your PC while you're away, you could find yourself the victim of one of these classic PC pranks.

A discussion of the merits and weaknesses of security by obscurity. Security by obscurity relies on the confidentiality or secretive nature of the existence of a security hole to protect it from being exploited.

Heartland Payment Systems, a credit and debit card processing company, revealed this week that their network had been compromised and potentially millions of credit card accounts have been breached. Should consumers care? What should consumers do?

With millions of unpatched computers to victimize, the Win32/Conficker.B (also known as Downadup or W32.Downadup) worm continues to exploit the vulnerability in Microsoft RPC identified in Microsoft Security Bulletin MS08-067 released out-of-cycle as an emergency update in October of 2008.

A satirical Top 10 list illustrating the Top 10 most common information security issues that seem to plague security administrators and organizations each year no matter how many tools or applications are deployed or how much users are educated.

The GAO reports every year that government agencies and interests fail completely at computer and network security. Seven years after 9/11 and $3 Trillion later, why have we not done more to protect the national infrastructure?

Should you mix business and personal email? Are there any reasons for or against it? Are there any rules that govern it? Is it a good idea?

Malicious hackers are primed to take advantage of the holiday shopping season to steal your identity, and your money, and compromise your computer

Social networks are a popular method of meeting and communicating with like-minded persons, but they also pose a risk as predators and perverts stalk users

The information of over 800,000 job applicants to clothing retailer The Gap were stolen. The unecnrypted data contains personal information including social security numbers for the applicants.

Still recovering from the largest data security breach to date, and working to resolve law suits with consumers, TJX still has security issues. Despite their efforts to enhance and improve security, the TJX web site is vulnerable to a cross-site scripting flaw

A security researcher has identified a flaw in PDF files which can be exploited to take complete control of a Windows XP system