A look at DNS security with a high-level examination of DNSSEC, why DNSSEC is still not globally deployed, and some things you can do to improve DNS transaction integrity until it is.
License security is not the same as software security. In fact, sometimes they are at odds with one another.
Users are increasingly buying laptops and netbooks, attracted by their portability and low prices. The inevitable result is more employees bringing personal laptops into the office, where they are used to access and store corporate data. Here are some ways to mitigate the risks of data breaches.
The need to secure DNS has never been greater. Attacks against DNS cache integrity, including entire zone references, are an easy way for criminals to redirect your unsuspecting users to malicious sites. Current controls are still lacking.
Microsoft released a patch this week for a critical vulnerability. The catch: this vulnerability has been known since 2000, and it’s a bug in a service active on almost every MS Windows system in the world. How safe do you feel?
Chrome has it. IE8 and Firefox 3.1 have it. So what does it mean to forensics investigators? I’m talking about private browsing–the ability to visit sites, conduct research, or participate in illegal/unethical activities without leaving tell-tale signs behind.
Email security is about a lot more than just using a good password on your POP or IMAP server. Perhaps the most important part of email security is ensuring you don’t shoot yourself in the foot.
There is often a personal crisis trigger that causes an already borderline employee to cross the border. Would intervention prevent information compromise or system loss? Can an employee be helped in a way which prevents an incident?
This week’s security events include news that there will be just two updates for Microsoft’s Patch Tuesday this month, of the appearance of an exploit for Adobe Reader spotted in- the-wild, Adobe releasing an update to resolve a ColdFusion vulnerability, and news that security researchers will demonstrate WPA packet injection for the first time.
As our computing environments grow more sophisticated, security suffers. It may be time to simplify, starting with the GUI environment.