Who’s Minding your Cloud?
Who’s responsible for the security of cloud applications and infrastructure? Is it the cloud provider? The IT department? The end user? The answer is different, depending on who you ask. What does that...
View ArticleTrojan targets Macs
There’s a new Trojan in town, and it’s gunning for OS X computers, so if you have any Macs in your organization, be aware of this adware plug-in that’s called Trojan.Yontoo.1. There are several...
View ArticleLock screen vulnerability on Samsung Android phones
If you’re supporting Android phones made by Samsung, either as company-issued handsets or through your BYOD program, you need to know about a vulnerability reported this past week that can be used to...
View ArticleDoD accepts CompTIA’s CASP certification
Here’s good news for those of you who have earned the CompTIA Advanced Security Practioner certification, which the company’s vice president says is the toughest technical exam related to network...
View ArticleWhy you should wipe the drive after a malware infection
Think you’ve completely removed all traces of that malware that infected one of your organization’s computers? Maybe not. Many types of malicious software leave behind small but important configuration...
View ArticleInternet slowdown due to “biggest attack in history”
Our European friends have been experiencing a slowdown in Internet access recently, and there’s a good reason. They’re calling it the “biggest DDoS attack in the history of the Internet” and it started...
View ArticleMicrosoft releases updates to Sysinternals tools
A while back, I did a series here on Windowsecurity.com about how to use some of the great Sysinternals tools developed by Mark Russinovich in tracking down malware. Specifically, I talked about...
View ArticleTargeted Malware: IT pros are getting nervous
According to a recent survey done by Bit9, targeted malware is the top concern of IT/security professionals once again this year. And in fact, a fourth of the respondents said their own organizations...
View ArticleStop before you plug in that USB drive
It’s a natural impulse: You find a USB stick lying around, and the first thing you want to do is find out what’s on it. But too often, those flash drives can contain malware – whether put there...
View ArticleEmail: the legal implications
There are many reasons to be concerned about email security. The mail that your employees send can contain company secrets or other confidential business information that could hurt your position in...
View ArticleMost Devs don't use a Security Process
According to a study conducted by ComScore and referenced by Microsoft's head of Trustworthy Computing, fewer than half of developers are using a security development process when creating applications.
View ArticleFacebook employees’ laptops compromised
Think your users are too smart to fall victim to malware attacks? Think again. Even in a company like Facebook, where most of the employees are pretty technically astute, a sophisticated zero day...
View ArticleEmail scams may fool users into clicking malicious links
You have undoubtedly educated your users not to click links in email from questionable sources. But what about email from senders they’re used to dealing with? And do they understand that your warnings...
View ArticleIdentity Management in the Age of Hybrid IT
I’ve written a lot about identity and identity management over the past year, and interestingly enough, my husband has lately gotten interested in the same subject and is doing work in that area at...
View ArticleIdentity Infrastructure Capabilities
If you benefitted from the white paper to which I linked in my previous blog post, here’s another that goes well with it. This one delves into the identity infrastructure capabilities that are specific...
View ArticleMaking mobile secure for the enterprise
We all know BYOD is a hot trend and it appears to have momentum; I don’t think that train is going to be stopped anytime soon.
View ArticleCloud Infrastructure Solution documents address security implications for...
Microsoft just recently published a new set of papers in the download center that were designed to provide a reference IT pros can use to design, plan and implement an IaaS (Infrastructure as a...
View ArticleMore zero-day vulnerabilities in Java (So what else is new?)
Java is regularly plagued with security issues and many individuals and organizations have given up and disabled it altogether on their systems’ web browsers rather than take the risks. That’s looking...
View ArticleThe Laws Governing the Cloud
IT today seems to become more regulated by the minute. As organizations move their assets into the cloud, and as providers plan the offering of cloud-based services, it’s imperative to keep abreast of...
View ArticleInstall Linux on Windows 8 PCs
Do you have users in your organization who need to dual boot Linux with Windows 8, or who need to just run Linux on a new PC that came with Windows 8 pre-installed? Some small businesses, especially,...
View Article
