Security Most Recent Posts

Corporate-level support pilot fish gets a call from a user who's having trouble logging in to a particular application -- he has just changed his password, but the new one isn't working. But with such a simple process, how could he get it wrong?

User at this government agency calls IT pilot fish, saying that she needs to be able to access a particular website for a project she's doing with another agency. But that isn't as easy as it sounds.

The company where this pilot fish has just upgraded to a new email service, but one sales executive is having trouble -- and not being very technical, he has his wife call IT to ask for help in getting him logged in.

Teachers at this elementary school are getting their own work computers for the first time, and the first task at hand is getting them to create a password -- one they can remember and no one else will guess.

Macs are about to be swamped by a new wave of malware attacks, and are at risk because Apple is "ten years behind Microsoft" when it comes to security, says Eugene Kaspersky, founder and CEO of the security firm Kaspersky. If he's right, the recent Flashback Trojan attack is the shape of things to come

At DEMO Spring 2012, Zimperium planted two Routers, providing three Access points, which so far caused nearly 3,000 smartphones to be owned. Mobile malware is wham bam easy to get if you connect to a Wi-Fi hot spot. Antivirus can't stop it. The makers of Anti, the killer Android app that allowed even the clueless to hack and pwn like a pen tester, are back with emerging security technology zDefender this time to stop mobile malware before your mobile device can be infected.

Former head of the TSA said the TSA is a 'national embarrassment' and has made air travel within the USA an 'unending nightmare.' Kip Hawley suggested that there should be no more banned items. While otherwise discussing 'proactive cyberattacks,' DHS Secretary Janet Napolitano said Hawley's ridicule of the TSA 'bred contempt' among the public.

Anti-virus software used to bog down my old XP machine, and since moving to the Mac I've enjoyed "going naked." The Flashback Trojan has me wondering if it's time to suit up again.

While we wait for more news on the iPhone 5, Apple is working to inoculate the Mac against the latest malware to attack the platform: is this a coming of age for Mac security, or a warning to Mac users to take an active interest in their own security?

Interview with daredevil and doctor, an urban explorer who tested and pwned the physical security of The Shard in London. Just as hackers in the digital realm exploit holes, urban exploration is about exploitation and infiltration. After pointing out security vulnerabilities which need patched, holes that allowed the physical breach, some urbex players are even bold enough to invoice law enforcement.

As a long-time Windows user, I've been subject through the years by taunts from Apple lovers that Macs are invulnerable to attack, unlike PCs with security holes large enough for trucks to drive through. So pardon me while I gloat over the news that more than 600,000 Macs have been infected with a Trojan.

[Update 3: Is the number accurate? Why is this a big deal? What's the botnet doing?] Russian researchers have discovered a botnet of more than 600,000 Macs. Yes, Macs -- you know, those things that don't get malware. Apple (NASDAQ:AAPL) is coming under heavy criticism for its slow response to known vulnerabilities and for perpetuating the myth that OS X is malware-free. In IT Blogwatch, bloggers rush to grab the update. Not to mention: Almost gliding an Airbus into LAX...

Over at the Ethergeek blog last week, Josh Stephens had an interesting piece on the challenges of finding experts with data center expertise. Another trend that I see is the centralization of IT staff to main data centers. Gone are the days of having a dedicated IT person at sites which run a number of local services or applications.

This brings its own problems as it can be cost and time prohibitive travelling to these sites to diagnose and fix problems. The good news is that there are a number of technologies out there that can make this task easier.

A respected email technologist has been quoted in the mainstream media as saying he has a plan to solve spam. Oh really? Sadly, it seems he's just repeating a failed idea...
INSIDER (free registration requested)

read more

Alarmed at new claims of NSA warrantless surveillance of Americans, spying on 'every email, phone call and tweet' in real time, Congress questioned NSA chief General Alexander. He denied it, but other NSA officials say total information awareness is almost upon us.