Josh Fruhlinger

Josh Fruhlinger is a writer and editor who lives in Los Angeles.

Security vs. visibility: Why TLS 1.3 has data center admins worried

Security vs. visibility: Why TLS 1.3 has data center admins worried

A number of data center administrators from large financial, health care and retail corporations have begun to regard the current draft of the 1.3 version of the TLS protocol with increasing alarm. The issue comes down the tussle...

The Mirai botnet explained: How teen scammers and CCTV cameras almost brought down the internet

The Mirai botnet explained: How teen scammers and CCTV cameras almost brought down the internet

Mirai took advantage of insecure IoT devices in a simple but clever way. It scanned big blocks of the internet for open Telnet ports, then attempted to log in default passwords. In this way, it was able to amass a botnet army.

11 tips for prioritizing security spending

11 tips for prioritizing security spending

How to keep things locked down when you can't afford new locks.

10 old-school security principles that (still) rule

10 old-school security principles that (still) rule

Oldies but goodies, these security tips have stood the test of time.

Spectre and Meltdown explained: What they are, how they work, what's at risk

Spectre and Meltdown explained: What they are, how they work, what's at risk

Spectre and Meltdown are the names given to a trio of variations on a vulnerability that affects nearly every computer chip manufactured in the last 20 years. The flaws are so fundamental and widespread that security researchers are...

The buck stops here: 8 security breaches that got someone fired

The buck stops here: 8 security breaches that got someone fired

Some deserved the blame, and some seemed to just be at the wrong place at the wrong time.

Beware these 4 types of IRS scams

Beware these 4 types of IRS scams

From fake IRS phone calls to W-2 phishing. Here's what you need to know about the different types of IRS scams and how to protect yourself.

Information security, 2018: What we have here is a failure to plan

Information security, 2018: What we have here is a failure to plan

Information security increasingly has a place in corporate leadership, but plenty of companies are still failing to make the plans they need to keep up.

Petya ransomware and NotPetya malware: What you need to know now

Petya ransomware and NotPetya malware: What you need to know now

NotPetya superficially resembles the Petya ransomware in several ways, but there are a number of important ways in which it's different, and much more dangerous.

What is SAML? How it works and how it enables single sign on

What is SAML? How it works and how it enables single sign on

The Security Assertion Markup Language (SAML) standard defines how providers can offer both authentication and authorization services. Here's what you need to know.

What is the Heartbleed bug, how does it work and how was it fixed?

What is the Heartbleed bug, how does it work and how was it fixed?

The mistake that caused the Heartbleed vulnerability can be traced to a single line of code in OpenSSL, an open source code library. Here's how Heartbleed works and how to fix it if you have an unpatched server.

What is Stuxnet, who created it and how does it work?

What is Stuxnet, who created it and how does it work?

Stuxnet is an extremely sophisticated computer worm that exploits multiple previously unknown Windows zero-day vulnerabilities to infect computers and spread. Its purpose was not just to infect PCs but to cause real-world physical...

The dark web goes corporate

The dark web goes corporate

It's just as shady and dangerous as ever, but something has changed in the way the dark web does business, and it will look very familiar to IT buyers.

Inside the rickety, vulnerable systems that run just about every power plant

Inside the rickety, vulnerable systems that run just about every power plant

A security expert's warning: We're using Windows XP for a lot of awfully important things and hoping for the best.

New social media scams: Can you tell friend from foe?

New social media scams: Can you tell friend from foe?

Scams on social networks are nothing new, but they're constantly changing to take advantage of the latest apps, trends and news. As with all social engineering scams, the best defense is a skeptical user.

Teenagers who became hackers

Teenagers who became hackers

There is of course a very long history of young people getting involved in hacking—it's become almost something of a cliché. We'll take a look at the trouble teens have managed to get into online since almost the beginning of "online"...

How to jumpstart your infosec career

How to jumpstart your infosec career

It would sure make things simple if there were one easy and obvious way to get a job or start a successful business in IT security. But it would also cut off a lot of potential career paths. We spoke to a host of different IT security...

Infosec careers: There is no one true path

Infosec careers: There is no one true path

It would sure make things simple if there were one easy and obvious way to get a job or start a successful business in IT security. But it would also cut off a lot of potential career paths. We spoke to a host of different IT security...

The IT equipment you can take into battle

The IT equipment you can take into battle

If you're in IT, you're as familiar with your laptop and your cell phone as a farmer is with his tools. And just like Japanese farmers with their kama, you might find yourself using one of those tools in battle, for offense or...

The security theory and troubling practice behind the TSA's PreCheck security lines

The security theory and troubling practice behind the TSA's PreCheck security lines

What is up with the TSA PreCheck program? Aside from being convenient, how does one get that pass through the security checkpoint? And how do you prove you are not a threat?

Load More