Bad business: LinkedIn criminals get connected

We have been down this road before. A popular interactive service passes over a peak on its way to universality and the spammers pile on. Sometimes the service fails — remember network news? Sometimes it recovers — think email. Sometimes, there is a constant battle to keep spam down, as in SMS spam in Japan. LinkedIn is a target...

Read more

RIM's 'long, slow death spiral' is bad news for security

It’s ironic that Research in Motion (RIM), makers of the BlackBerry smartphone and its impressive supporting enterprise architecture, is apparently circling the drain at a time that mobile phone security is moving to the forefront. Until really quite recently, even in IT years (which are like dog years) “Blackberry” and...

Read more

Microsoft patches tame the SSL Beast

Microsoft's January security updates, released today (Patch Tuesday) are mainly a collection of fixes designed to stop the "SSL Beast" attack, which could exploit a weakness in the web encryption protocol to launch man-in-the-middle attacks to decrypt authentication tokens. The attack was demonstrated by two researchers in...

Read more

DigiNotar breach – 2011’s most important attack

DigiNotar was the most important security event of 2011, with profound implications for 2012 and beyond. I know that may be an overly dramatic statement in a year that saw the RSA hack, the Sony PlayStation Network DDoS and breach, and the rise and fall of LulzSec. But those other events were mere escalations of existing threat levels. The RSA...

Read more

Firewall managers lack confidence in their security posture

The majority of firewall managers are concerned their change management practices put their companies at risk, according to a recent survey. How does this happen? Firewalls are generally considered the first line of defense for most networks. A firewall is the first decision point that uses a set of rules to determine whether or not outside...

Read more

More Posts