The 5 types of cyber attack you're most likely to face
Don't be distracted by the exploit of the week. Invest your time and money defending against the threats you're apt to confront.
'Jump boxes' and SAWs improve security, if you set them up right
The concept of a traditional “jump box”, a secure computer that all admins first connect to before launching any administrative task or use as an origination point to connect to other servers, has morphed into an even more...
Attention, 'red team' hackers: Stay on target
You hire elite hackers to break your defenses and expose vulnerabilities -- not to be distracted by the pursuit of obscure flaws
4 do's and don'ts for safer holiday computing
It's the season for scams, hacks, and malware attacks. But contrary to what you've heard, you can avoid being a victim pretty easily
To catch a thief: Cyber sleuth edition
Several bizarre coincidences led to the pursuit of a suspected fraudster in a shopping mall. It did not end well
7 keys to better risk assessment
When bad guys penetrate a network, too many defenders worry about what they stole rather than how they broke in. Focus on causes! Here's how
Math to the rescue! Try this novel hacking defense
Can drilling into logs tell you whether you have been -- or are being -- hacked? Yes, if you use advanced math to look for weird variations like Anomaly Detective does
The sorry state of certificate revocation
Certificates need to be revoked for all sorts of reasons, but the process is so slipshod, some propose an entirely new system. Why not just enforce existing rules instead?
Encryption is under siege. Move to SHA-2 now!
Between new NSA pronouncements and poorly protected hard drives, the crypto world has been turned upside down. One certainty: Switch to SHA-2 ASAP
Freedom or security? Most users have chosen
Think about it: App stores are highly restrictive, and now both mobile and desktop OSes employ stores to bar bad apps
The most important security question to ask users
You have several options for improving corporate security, but user education is a crucial measure, and it all comes down to one point
Know your threats before you deploy defenses
Collecting information about how your organization was compromised in the past may not be fun, but without that step, you'll never do security right
The No. 1 problem with computer security
Everyone focuses on the wrong threats. You've undoubtedly been breached already, so the key is to collect data that can help you prevent attackers from succeeding again
American ingenuity: Why the U.S. has the best hackers
The United States is No. 1 at hacking, mainly because we're always pushing the limits of what can be done. The proof? U.S. hackers seldom get caught
Catch attackers even when they don't use malware
Many advanced hackers opt to skip the malware and use common admin tools. To detect those sneaks, monitor your network for unusual activity
How to stop your DNS server from being hijacked
Too many DNS servers enable bad actors to hijack them for DDoS attacks. Here's how to ensure you're not a party to destructive mischief
Bulletproof admin boxes beat the toughest hackers
The best way for hackers to pwn a company is to steal elevated credentials, but Skyport's SkySecure solution sells nearly impenetrable admin boxes
10 years on: 5 big changes to computer security
In the 10 years since Security Adviser debuted, the threats have changed -- as have the defenses, and no one can argue computer security is safer overall
Make stolen data worthless
You can't stop intruders from penetrating your network, but with the right DLP solution, you can encrypt stolen data so it can never be used
Bug-free code: Another computer security lie
The computer security industry has a dirty secret: If an 'independent' code review says a product is totally secure, you aren't hearing the full story
