Roger A. Grimes

Columnist

Roger A. Grimes is a contributing editor. Roger holds more than 40 computer certifications and has authored eight books on computer security. He has been fighting malware and malicious hackers since 1987, beginning with disassembling early DOS viruses. He currently runs eight honeypots to track hacker and malware behavior and consults to companies from the Fortune 100 to small businesses. A frequent industry speaker and educator, Roger currently works for Microsoft as a principal security architect.

Infected with malware? Check your Windows registry

Infected with malware? Check your Windows registry

Auditing your registry can turn up telltale signs on malware infection. Here's how to monitor the registry keys that matter using Microsoft's Sysinternals Autoruns.

15 real-world phishing examples — and how to recognize them

15 real-world phishing examples — and how to recognize them

How well do you know these crafty cons?

Malware detection in 9 easy steps

Malware detection in 9 easy steps

Hey Windows users: Here's how to get the incredible power of 67 antivirus engines with no performance impact on your computer

The best mobile VPNs for the enterprise and how to evaluate them

The best mobile VPNs for the enterprise and how to evaluate them

Do cloud-based mobile VPNs work for the enterprise? Many businesses are saying "yes," but you need to choose a moble VPN and how you use it carefully.

The best ethical hacking courses and certifications

The best ethical hacking courses and certifications

Becoming a certified ethical hacker, also called a penetration tester, is a popular goal among information security professionals. Here are your best options for reaching it.

The 10 sneakiest hacker attacks

The 10 sneakiest hacker attacks

Malware capable of sneaking past your defenses is the Holy Grail of the criminal world. Know your enemy. Here are the 10 sneakiest ways hackers breach your stronghold.

The 5 types of cyber attack you're most likely to face

The 5 types of cyber attack you're most likely to face

Don't be distracted by the exploit of the week. Invest your time and money defending against the threats you're apt to confront.

What is OAuth? How the open authorization framework works

What is OAuth? How the open authorization framework works

OAuth allows websites and services to share assets among users. It is widely accepted, but be aware of its vulnerabilities.

IT's 9 biggest security threats

IT's 9 biggest security threats

As this list of the biggest security threats shows, hacking has evolved from a one-person crime of opportunity to an open market of sophisticated malware backed by crime syndicates and money launderers.

The 10 Windows group policy settings you need to get right

The 10 Windows group policy settings you need to get right

Configure these 10 group policy settings carefully, and enjoy better Windows security across the office

12 signs you've been hacked -- and how to fight back

12 signs you've been hacked -- and how to fight back

Redirected internet searches, unexpected installs, rogue mouse pointers: Here's what to do when you've been 0wned.

'Jump boxes' and SAWs improve security, if you set them up right

'Jump boxes' and SAWs improve security, if you set them up right

The concept of a traditional “jump box”, a secure computer that all admins first connect to before launching any administrative task or use as an origination point to connect to other servers, has morphed into an even more...

All you need to know about the move from SHA-1 to SHA-2 encryption

All you need to know about the move from SHA-1 to SHA-2 encryption

The PKI industry recommends that every SHA-1 enabled PKI move to the vastly more secure SHA-2. Here's why and how.

Your secure developer workstation solution is here, finally!

Your secure developer workstation solution is here, finally!

Developer workstations are high-value targets for hackers and often vulnerable. Now you can protect them using concepts borrowed from securing system admin workstations.

The best identity management advice right now

The best identity management advice right now

We've never been closer to getting pervasive, global identities. And with 2FA/MFA, you get all of the benefit with less of the risk.

How computer security pros hack the hackers

How computer security pros hack the hackers

If you want to meet a really smart hacker, talk to a cybersecurity defender. These talented professionals are working every day to make cybercrime harder and less lucrative.

6 reasons chip hacks will become more popular

6 reasons chip hacks will become more popular

Code embedded in hardware has vulnerabilities and it's harder to patch. That will make it a target for hackers.

6 security measures you’ve put off too long

6 security measures you’ve put off too long

The potent WannaCry ransomware is the latest example of a preventable security disaster. Here's how to get your security act in gear fast

Why your security appliance will be hacked

Why your security appliance will be hacked

You'd think a device built to protect your organization would contain supersecure code. Think again

6 signs enterprise security is getting better

6 signs enterprise security is getting better

After decades of fumbling, companies have grown painfully aware of the risks of poor security and are finally taking best security practices and technologies seriously

Load More