security blog

ZDNet Resources

• sort by:
• Relevance
• Date
• Popularity

Welcome (back) Ryan Naraine; Zero Day's line-up revamped

You may have noticed a familiar byline over at our Zero Day security blog--Ryan Naraine. His addition completes a revamped line-up for our security blog. Ryan is now an evangelist for Kaspersky Lab, a security vendor. He joins Nate McFeters and Dancho Danchev, two real-world security researchers...

Tags: Dancho, Dancho Danchev, Larry Dignan, Nate McFeters, Ryan, Security, Security Blog

Blog posts 2008-05-19

Threat hierarchy: experimental hacking

There are five levels of threats. In the next few days I will walk though each of the levels, starting with the lowest level: experimental hacking. (I will be in Reykjavik for most of next week where I assume I will have no trouble getting online but you never...

Tags: Stupid Criminal stories, Security blog, Security, CyberCrime

Blog posts 2007-07-26

Espionage on the rise

Espionage is evidently a growth industry once again. An article in The Australian reports that the number of Russian and Chinese spies in Australia are approaching the level they were at during the Cold War. Australia is trying to build out its counter-espionage capabilities. I wonder if there are any...

Tags: State Sponsored Hacking, Security blog, Security

Blog posts 2007-07-24

$10 million to fight cyber crime

Law makers in Washington introduced a bill Monday called the "Cyber-Security Enhancement Act of 2007". Brian Krebs gives it good coverage. The bill would make additional funds available to the Secret Service, which is responsible for handling credit card theft in addition to their body guard duties, as well...

Tags: CyberCrime, Security blog

Blog posts 2007-05-16

Wow, the security industry is consolidating!

All right Ill be the first to admit it - Websense acquiring a competitor, Surf Control, is indeed industry consolidation. The news broke last week and, as could be expected, it was labeled "security sector consolidation". I am somewhat constrained from commenting on industry matters now that I am not...

Tags: consolidation, Data Security, Richard Stiennon, Security, Security blog, Security Industry News, Websense Inc.

Blog posts 2007-05-02

SiteKey phish demonstrated against BofA

The use of images to assure a user that they are not being phished has started to become common. Yahoo! uses them. And BankofAmerica has been using Passmarks RSA technology in their SiteKey scheme to protect their online banking customers from being phished. The idea is that a cookie...

Tags: Security blog, Bank security

Blog posts 2007-04-12

Spoofing NAC

Remember Stiennons first law of network security? It is: Thou shalt not trust an end point to report its own state. This means that you cannot trust the IP address, MAC address, location, AV signature file version, and configuration information reported by a device. It can be spoofed....

Tags: Security blog, Security, Secure Network Fabric

Blog posts 2007-04-03

Google practices social engineering

I was prepared to be extra skeptical yesterday, April 1. I was waiting for the "Microsoft purchases Department of Homeland Security" announcements. But even with scam sensors turned up to full I fell for the Google Paper hoax. It was beautiful. It even matched a business plan I put...

Tags: Security blog, Security

Blog posts 2007-04-02

Identity theft is not just about criminal kiddies

The perception, thanks to the history of virus writers, that cyber criminals are young hackers holed away in hovels in Romania is not entirely accurate. As a matter of fact that perception is rapidly becoming totally wrong. Did you see this article from last December? "The sophisticated international...

Tags: CyberCrime, Security, Security blog

Blog posts 2007-02-19

Additional Resources

Windows 7's default UAC bypassed by 8 out of 10 malware samples

RE: Windows 7's default UAC bypassed by 8 out of 10 malware samplesyawnWho can I trust *now*....Even Ed Bott said '7' was more secure!The Windows Infect Season is not over yet.. Nothing's changed.... That people even USE Windows these days is quite remarkable.... It must be the power of habit...

Tags: Spyware, adware & malware, Cyberthreats, Viruses and worms, SECURITY, Operating systems, Microsoft Windows, malware, UAC, Microsoft Windows 7

Discussion threads 2009-11-05

Zero-day flaw found in web encryption

A zero-day flaw in the TLS and SSL protocols, which are commonly used to encrypt web pages, has been made public. Security researchers Marsh Ray and Steve Dispensa unveiled the TLS Transport Layer Security flaw on Wednesday, following the disclosure of separate, but similar, security findings. TLS and its...

Tags: Web, Flaw, TLS, SSL, Zero-day Bug, Ssl/Tls, Network Security, Channel Management, Networking, Marketing, zero day, security, encryption, Tom Espiner ZDNet UK

News items 2009-11-05

Droid Preview: iPhone's first real competition has arrived

The MicroSD card is not only expandableIt is hot-swappable. So basically your storage is only limited to how many cards you can afford.Competition is GREAT!I am glad Android is taking off, the future is Linux driven devices/appliances.To the naysayers that Linux distro devices/appliances are a 'niche' I guess Google is...

Tags: Smart phones, Apple iPhone, Droid Preview, phone, card

Discussion threads 2009-11-05

What would make you trust Microsoft?

Flame on!Let me save a couple people the time of posting"Microsoft is the most evil thing on earth and should be destroyed" - Linux Geek, Ole Man, D.T, No More Microsoft Software ...."I trust Microsoft with my life" - Mike Cox, Loverock, ... "They are a company. I trust them...

Tags: SECURITY, Microsoft Corp., extremist, open source, MHD

Discussion threads 2009-11-05

Malwarebytes accuses rival of software theft

Malwarebytes claims IObit stole from its database of malware samples that its software uses to detect malware on customer computers. Malwarebytes is accusing China-based computer security firm IObit of intellectual property theft, but IObit denied the allegations and said there were problems with its malware submission site....

Tags: Software, Malware, Malwarebytes, IObit, Cyberthreats, Tools & Techniques, Viruses And Worms, Security, Management, copyright, Spyware, Adware & Malware, Elinor Mills CNET News

News items 2009-11-03

GOP will present a health care bill

Good startGood work Dana. This blog is not biased to the left (we'll see how you fare in the talkbacks though).There's of course still the question why you put politics on this IT tech site."ZDNet: Tech News, Blogs and White Papers for IT Professionals. Where Technology Means Business: ZDNet delivers...

Tags: Vertical industries, Benefits, HEALTHCARE, Insurance, IT Pros, health care, No., Pelosi, GOP

Discussion threads 2009-11-03

Wondershare PPT2DVD 6.0.2.8 (Windows)

Wondershare PPT2DVD is a reputed tool designed for easily creating high quality DVD movies and videos from PowerPoint presentations by retaining animations, sounds, video clips and even links between slides. Why do you ever want to convert PowerPoint to DVD? Easy sharing PowerPoint is powerful for creating engaging presentations but...

Tags: Microsoft Windows, Microsoft PowerPoint, Wondershare Software, Wondershare PPT2DVD, Sharing PowerPoint, DVD, Consumer Electronics, Microsoft Office, Personal Technology, Home Entertainment, Office Suites, Software

Software downloads 2009-11-03

Making a foundation a real solution to the mySQL mess

Sounds good. Too good?This sounds like a great solution to a problem that is probably costing Oracle, destroying what little credibility Sun has as a brand, while ensuring that every website on the planet virtually retains access to a free, secure and efficient database. If we don't do something, the...

Tags: OPEN SOURCE, Databases, Dana, MySQL, Oracle Corp.

Discussion threads 2009-10-30

SecFocus RSS Reader for iPhone 1.0 (Mobile)

SecFocus RSS Reader for iPhone receives information from a variety of RSS news sources which includes security focus news and vulnerabilities, ISCA labs, SANS, RootSec, Apple, Oracle, Linux, Sun, Ubuntu, Symantec, CERT, and Microsoft. SecFocus RSS Reader for iPhone contains frequently updated information--such as blog information, news headlines, audio, and...

Tags: Apple iPhone, Mobile, Blog, Pivot Studios, Smart Phones, Blogging, Consumer Electronics, Personal Technology, Internet

Software downloads 2009-10-30

What the DoD now says about open source

I could just see a commander in the field ....having to wait for procurement to get a simple map through bids while his troops are getting shot up even though it is publicly available (oh wait, isn't that how the Chinese embassy got accidentally bombed?)Always use the best tool for...

Tags: Linux, UNIX, Operating systems, Cyberthreats, SECURITY, Spyware, adware & malware, U.S. Department of Defense, open source, OpenBSD, attack

Discussion threads 2009-10-28

Amazon launches relational database service: Think MySQL in the cloud

Three reasons this is a bad paradigm...Security, security and...let's see, what was that other thing...oh yeah, security. The comment "enterprise customers are likely to take their time moving sensitive data into Amazon?s RDS effort" should be nominated for the understatement of the year award. What's more likely is...

Tags: Databases, Web servers, Storage, Web site development, RDBMS, Amazon.com Inc., sensitive data, database, MySQL

Discussion threads 2009-10-27