Discover Network Security News
What's real and what's not in web security
This is the third in a series of interviews with C-level executives responsible for cyber security and privacy in business and government, who also happen to be thought leaders. (Remember, as I mentioned previously, "C-level executive" and "thought leader" are not synonyms.)
Securing Voice over IP
Although a 2011 Educause survey reported that only seven percent of faculty and staff use a voice over IP service, the allure of VoIP is hard for IT organizations in colleges and universities to ignore. The benefits are many. By consolidating voice and data communications, schools can also consolidate their maintenance efforts under IT, reduce phone charges dramatically, and add functionality such as "follow me" or emailed voice messages to enable more efficient communications among faculty, staff, and others.
What You Really Need to Know About Cloud Security
Despite all of the hand wringing over cloud security, major cloud security breaches haven't been grabbing headlines. The past year has seen major breaches, such as the ones that hit Sony and Epsilon, but we haven't heard much of an emphasis about the cloud being a weakness.
Cloud providers need to step up on security, say analysts
Cloud providers ought to provide data security -- that should be obvious. But some providers themselves, along with some security analysts, say they also ought to be doing more, such as educating their customers about best security practices.
Upcoming Firefox click-to-play feature will stop automated plug-in exploits
Mozilla developers are working on a new Firefox feature that will block the automated display of plug-in-based content like Flash videos, Java applets or PDF files, and will protect users from attacks that exploit vulnerabilities in browser plug-ins to install malware on their computers.
ICANN: Privates leaked in top-level domain land grab blunder
ICANN has revealed that it took down its top-level domain application system yesterday after discovering a potentially serious data leakage vulnerability.
Financial services industry sees DDOS attacks triple, says Prolexic
The financial services industry saw nearly triple the number of distributed denial-of-service (DDOS) attacks during the first three months of this year compared to the same period last year, according to a report released Wednesday.
Anonymous targets UK Government sites with DDoS - Update
The hacktivist collective Anonymous are staging a distributed denial of service attack on the UK Government's Home Office, the Prime Minister's Number 10 and the Ministry of Justice web sites. The attacks began on the evening of Saturday 7 April and were claimed as the work of Anonymous in three tweets (1, 2, 3) by @YourAnonNews, the first of which read "TANGO DOWN - https://www.gov.uk/government/organisations/home-office (via @AnonymouSpoon) For your draconian surveillance proposals! Told you to #ExpectUs! #ANONYMOUS #AnonUK".
IBM Says Security Threats Mount Despite More Awareness
Nick Bradley, senior manager for IBM (NYSE: IBM) global security operations, said despite more awareness, computer center managers need to be vigilant against cyberattacks.
How To Secure DNS with DNSCrypt
This open-source software for Mac and Linux does for DNS what SSL does for HTTP: It encrypts DNS traffic to prevent spoofing, snooping, and man-in-the-middle attacks.
Microsoft: Critical worm hole could be exploited within 30 days
Listen up, this one is serious. There is a critical vulnerability in many versions of Windows, which could be exploited to spread a worm automatically between vulnerable computers.
3 key issues for secure virtualization
Virtualization represents a sea change in IT practices. Bound for years by the "one application, one server" rule, IT infrastructure was over capacity, underused and not cost-effective.
How to Catch an Internet Cyber Thief
They're out there, says security researchers: the Chinese hackers attempting to break into U.S. enterprises, and jihadist terrorists that brazenly post videos of sniper killings, while stealing credit-cards to launder money for funding nefarious campaigns in Mideast or Caucasus hot spots.
Why CloudFlare kept LulzSec safe
On June 2nd, 2011, the antisec hacker group known as LulzSec launched a web site. Although they had been an active hacking group for several weeks, the creation of Lulzsecurity.com was their first official web presence other than the Twitter account they had been using.
Google Chrome update fixes high-severity vulnerabilities
Google released a new version of its Chrome browser on Wednesday in order to update the bundled Flash Player plug-in and address serious security vulnerabilities.
Passive Network Fingerprinting; p0f Gets Fresh Rewrite
In the network security world, nmap is the king for fingerprinting systems and services over the network. It can help identify the operating system (OS), type, and version of a network service, and vulnerabilities that might be present.
4 Ways to Prevent Domain Name Hijacking
On the night of Monday, January 23, the hacktivist group UGNazi hijacked Coach.com, the Internet domain name of luxury goods manufacturer Coach. For several hours, fashionistas who wanted to ogle Coach's new Willis handbag on Coach.com or get a deal on its Penelope shoulder bag at Coachfactory.com were redirected to UGNazi's cryptic website.
Cloud activity to explode in 2012
In testing cloud computing services and observing the growth of cloud activities, we've noticed that there are distinct phases that organizations go through in adopting cloud.
Judge bans stolen student sex pics sharing on BitTorrent
Conservative MP Louise Mensch has welcomed a landmark ruling in an internet bullying case as an advance for individual liberty. The case involved an anonymous student, known for the purposes of the case as "AMP", whose photographs were distributed by P2P software after her mobile phone was lost or stolen.