South Korea’s recent cyber-attacks did not originate from China
South Korea's communications regulator admits falsely identifying an IP address linked to this week's cyber-attacks as Chinese. In fact, the source was one of the S. Korean affected companies :)
View ArticleTrojan targets Macs
There’s a new Trojan in town, and it’s gunning for OS X computers, so if you have any Macs in your organization, be aware of this adware plug-in that’s called Trojan.Yontoo.1. There are several...
View ArticleLock screen vulnerability on Samsung Android phones
If you’re supporting Android phones made by Samsung, either as company-issued handsets or through your BYOD program, you need to know about a vulnerability reported this past week that can be used to...
View ArticleDoD accepts CompTIA’s CASP certification
Here’s good news for those of you who have earned the CompTIA Advanced Security Practioner certification, which the company’s vice president says is the toughest technical exam related to network...
View ArticleWhy you should wipe the drive after a malware infection
Think you’ve completely removed all traces of that malware that infected one of your organization’s computers? Maybe not. Many types of malicious software leave behind small but important configuration...
View ArticleInternet slowdown due to “biggest attack in history”
Our European friends have been experiencing a slowdown in Internet access recently, and there’s a good reason. They’re calling it the “biggest DDoS attack in the history of the Internet” and it started...
View ArticleMicrosoft releases updates to Sysinternals tools
A while back, I did a series here on Windowsecurity.com about how to use some of the great Sysinternals tools developed by Mark Russinovich in tracking down malware. Specifically, I talked about...
View ArticleTargeted Malware: IT pros are getting nervous
According to a recent survey done by Bit9, targeted malware is the top concern of IT/security professionals once again this year. And in fact, a fourth of the respondents said their own organizations...
View ArticleStop before you plug in that USB drive
It’s a natural impulse: You find a USB stick lying around, and the first thing you want to do is find out what’s on it. But too often, those flash drives can contain malware – whether put there...
View ArticleRecent DDoS attacks leverage open DNS resolvers
These types of DDoS attacks will only get worse until the open DNS resolvers around the Internet are closed.
View ArticleWebinar - The Case for Managing ESI in the Cloud
How can you better manage your MS Exchange environment and cut down on storage costs? What are the key benefits of managing MS Exchange in the cloud? What is the business case for managing email in the...
View ArticleEmail: the legal implications
There are many reasons to be concerned about email security. The mail that your employees send can contain company secrets or other confidential business information that could hurt your position in...
View ArticleTop Three Browsers Defeated Again at Pwn2Own
Think the latest version of your favorite web browser is secure? Think again.
View ArticleStore BitLocker Recovery Passwords in a SQL Database
You can store BitLocker recovery passwords on a SQL server instead of in Active Directory.
View ArticleMicrosoft Patching Routine for Modern Apps Causes Concern
Some IT pros are not happy about the new patching routine for Windows 8 Modern UI apps.
View ArticleInternet Society Deploy360 Programme
The deployment of best operational practices and secure routing protocols are key factors that need to be embraced by all Internet operators to achieve a resilient and secure Internet routing...
View ArticleAnalysis of a PlugX variant
Analysis of a Remote Access Tool (RAT) which is usually named PlugX (also known as Gulpix, Korplug).
View ArticlePatch Tuesday update cause problems!
Microsoft recommends customers to uninstall update 2823324, which is provided in Microsoft Security bulletin MS13-036.
View Article10 Golden Rules of Information Security
You'll find plenty of guidance out there for creating an IT security program. In fact, sometimes that's the problem: there's an information overload.
View Article
