Josh Fruhlinger

Josh Fruhlinger is a writer and editor who lives in Los Angeles.

What is a CSO? Understanding the critical chief security officer role

What is a CSO? Understanding the critical chief security officer role

The CSO is the executive responsible for the organization's entire security posture, both physical and cyber, and has the big picture view of the company's operational risk.

What is FedRAMP? How cloud providers get authorized to work with the U.S. government

What is FedRAMP? How cloud providers get authorized to work with the U.S. government

The process for getting the FedRAMP seal of approval is complex, but it can ultimately be lucrative for companies that meet the security requirements.

8 hot cyber security trends (and 4 going cold)

8 hot cyber security trends (and 4 going cold)

What trends do security pros have their eyes on? Their answers run the gamut from tools and technologies to threats, tactics, and training.

Security vs. visibility: Why TLS 1.3 has data center admins worried

Security vs. visibility: Why TLS 1.3 has data center admins worried

A number of data center administrators from large financial, health care and retail corporations have begun to regard the current draft of the 1.3 version of the TLS protocol with increasing alarm. The issue comes down the tussle...

The Mirai botnet explained: How teen scammers and CCTV cameras almost brought down the internet

The Mirai botnet explained: How teen scammers and CCTV cameras almost brought down the internet

Mirai took advantage of insecure IoT devices in a simple but clever way. It scanned big blocks of the internet for open Telnet ports, then attempted to log in default passwords. In this way, it was able to amass a botnet army.

11 tips for prioritizing security spending

11 tips for prioritizing security spending

How to keep things locked down when you can't afford new locks.

10 old-school security principles that (still) rule

10 old-school security principles that (still) rule

Oldies but goodies, these security tips have stood the test of time.

Spectre and Meltdown explained: What they are, how they work, what's at risk

Spectre and Meltdown explained: What they are, how they work, what's at risk

Spectre and Meltdown are the names given to a trio of variations on a vulnerability that affects nearly every computer chip manufactured in the last 20 years. The flaws are so fundamental and widespread that security researchers are...

The buck stops here: 8 security breaches that got someone fired

The buck stops here: 8 security breaches that got someone fired

Some deserved the blame, and some seemed to just be at the wrong place at the wrong time.

Beware these 4 types of IRS scams

Beware these 4 types of IRS scams

From fake IRS phone calls to W-2 phishing. Here's what you need to know about the different types of IRS scams and how to protect yourself.

Information security, 2018: What we have here is a failure to plan

Information security, 2018: What we have here is a failure to plan

Information security increasingly has a place in corporate leadership, but plenty of companies are still failing to make the plans they need to keep up.

Petya ransomware and NotPetya malware: What you need to know now

Petya ransomware and NotPetya malware: What you need to know now

NotPetya superficially resembles the Petya ransomware in several ways, but there are a number of important ways in which it's different, and much more dangerous.

What is SAML, what is it used for and how does it work?

What is SAML, what is it used for and how does it work?

The Security Assertion Markup Language (SAML) standard defines how providers can offer both authentication and authorization services. Here's what you need to know.

What is the Heartbleed bug, how does it work and how was it fixed?

What is the Heartbleed bug, how does it work and how was it fixed?

The mistake that caused the Heartbleed vulnerability can be traced to a single line of code in OpenSSL, an open source code library. Here's how Heartbleed works and how to fix it if you have an unpatched server.

What is Stuxnet, who created it and how does it work?

What is Stuxnet, who created it and how does it work?

Stuxnet is an extremely sophisticated computer worm that exploits multiple previously unknown Windows zero-day vulnerabilities to infect computers and spread. Its purpose was not just to infect PCs but to cause real-world physical...

The 5 biggest ransomware attacks of the last 5 years

The 5 biggest ransomware attacks of the last 5 years

Ransomware isn't new, but the last few years have seen a remarkable uptick in this particularly nasty genre of attack software. The attacks highlighted here show how it has grown from a curiosity and an annoyance to a major crisis.

The dark web goes corporate

The dark web goes corporate

It's just as shady and dangerous as ever, but something has changed in the way the dark web does business, and it will look very familiar to IT buyers.

Inside the rickety, vulnerable systems that run just about every power plant

Inside the rickety, vulnerable systems that run just about every power plant

A security expert's warning: We're using Windows XP for a lot of awfully important things and hoping for the best.

New social media scams: Can you tell friend from foe?

New social media scams: Can you tell friend from foe?

Scams on social networks are nothing new, but they're constantly changing to take advantage of the latest apps, trends and news. As with all social engineering scams, the best defense is a skeptical user.

Teenagers who became hackers

Teenagers who became hackers

There is of course a very long history of young people getting involved in hacking—it's become almost something of a cliché. We'll take a look at the trouble teens have managed to get into online since almost the beginning of "online"...

Load More