Cybercriminals are always looking for easy ways to break into your network, whether at work or at home. In a talk at this summer's <a href="https://www.defcon.org/html/defcon-19/dc-19-index.html">DefCon 19</a> conference, security researcher Deral Heiland demonstrated various ways to compromise <a href="http://www.pcworld.com/businesscenter/article/217825/cloud_printers_rain_on_security_parade.html">Internet-ready consumer-grade multifunction printers</a>. These include printers that can scan to a file, scan to email, and fax documents, and the vulnerabilities he found are similar across all vendors.
Robert Vamosi |
03 Sep |
Read more
Pakistan's notoriously censorious telecoms authority has reportedly asked the country's ISPs to block commercial VPN connections as a way of stopping militants from communicating in secret.
John E Dunn |
01 Sep |
Read more
Security: You either have it you don't. It's a matter of degrees or, as the experts prefer to think of it, layers. The more varieties of security you have, the better the odds your goods can be protected successfully from intrusion or theft.
Serdar Yegulalp |
31 Aug |
Read more
After being dumped as a trusted SSL certificate authority by <a href="http://www.networkworld.com/subnets/microsoft/">Microsoft</a> and Google browsers, Dutch CA <a href="http://www.networkworld.com/news/2011/083011-google-says-gmail-attack-focused-250231.html">DigiNotar</a> has suspended its sale of certificates.
Tim Greene |
31 Aug |
Read more
I thought we could examine a recent theme in a little more detail this month: the challenges of dealing with the <a href="http://www.csoonline.com/article/681822/just-say-yes-why-banning-consumer-devices-makes-your-organization-less-secure">consumerization of IT devices</a> in the workplace. We recently completed a study, in partnership with Symantec, that looked at the security and compliance risks of a mobile workforce. It affirmed what I've believed for a long time, namely, that there is a consensus that mobile workers pose a great risk and that, for the most part, businesses are not prepared to mitigate that risk.
Bob Bragdon |
31 Aug |
Read more
This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter's approach.
André Bakken, director of product management at Ipswitch File Transfer |
30 Aug |
Read more
This past week in security news was highlighted by a hacking revelation out of China, bad news for banks, good news for Sony gaming customers and a curious email that might have been at the heart of the big RSA data breach.
Ellen Messmer |
27 Aug |
Read more
Big business and government need to invest in data forensics and skills if they intend on fending off targeted attacks, according to analyst firm Gartner.
Liam Tung |
26 Aug |
Read more
Face-recognition technology and the near-universal adoption of social networking tools by teenagers could have already made future covert police and intelligence operations difficult, if not impossible, according former Australian Federal Police commissioner Mick Keelty.
Stilgherrian |
25 Aug |
Read more
WikiLeaks made public thousands of US diplomatic cables on Wednesday hours after its Californian DNS host was ordered to hand to authorities everything it had on Julian Assange and WikiLeaks.
Liam Tung |
25 Aug |
Read more
The <a href="http://www.networkworld.com/topics/security.html">security</a> company Qualys this week demonstrated how to reverse-engineer a <a href="http://www.networkworld.com/subnets/microsoft/">Microsoft</a> patch in order to launch a denial-of-service attack on <a href="http://www.networkworld.com/topics/windows.html">Windows</a> DNS <a href="http://www.networkworld.com/topics/server.html">Server</a>.
Jon Brodkin |
25 Aug |
Read more
Researchers have publicised probably the most dangerous Android malware examples yet discovered, a Trojan that exploits the GingerBreak root hack (<a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1823">CVE-2011-1823</a>) in Android 2.3 that gained wide publicity after its discovery in April.
John E Dunn |
24 Aug |
Read more
Ponemon Institute asked 745 information-technology and security managers whether USB drives were important for business use, and if they were secure. What did the survey find?
Ellen Messmer |
24 Aug |
Read more
If there is a simple way to describe the difference between a next-generation firewall and a traditional firewall, it is "more detailed controls." In firewall terms, people talk about "widening the 5-tuple."
Joel Snyder |
22 Aug |
Read more
Palo Alto's new firewall delivered performance 10 times faster than when <a href="http://www.networkworld.com/reviews/2008/081108-test-palo-alto.html">we tested in 2008</a>, and came close to its rated capacity of 20Gbps in firewall-only mode, according to our exclusive Clear Choice testing.
David Newman, Network Test |
22 Aug |
Read more
McAfee’s report on Operation Shady RAT, a five-year hacker attack against a broad swath of industries, is facing renewed criticism, this time from the head of the Kaspersky Lab, Eugene Kaspersky, a man also known as the "Virus Pope."
John P. Mello Jr. |
19 Aug |
Read more
Besides humans that don't change default passwords, the lowest hanging fruit are embedded Linux devices in routers.
Liam Tung |
17 Aug |
Read more
The latest accelerated release for Firefox, version 6.0, arrives this week but what can users expect in advance of the more significant changes promised for version 7.0 later this year? The answer for now is better security.
John E Dunn |
16 Aug |
Read more
Google's US$12.5 billion purchase of Motorola Mobility is being reported primarily in terms of access to patents and difficulty integrating the corporate cultures. But there's also a potential longer-term spin-off. Secure Android smartphones.
Stilgherrian |
16 Aug |
Read more
Recent publicity for online hacking groups such as Anonymous and Lulzsec has seemed to show that nobody is immune from attack on the Internet. Once targeted, it seems that these groups are capable of breaching security systems and retrieving data, including identity information, from the most secure systems.
Robert Layton |
13 Aug |
Read more