According to a post today on ZDnet, a team of researchers from Trend Micro revealed, at the RSA conference in San Francisco, that there are more than 178 million IoT devices visible to the Internet in the ten largest U.S....
Compelled Certificate Creation Attacks
Last October, we published a three-part series on SSL certificates: what they are, how they work, and how they’re used to secure transactions over the Web. You’ll find the series listed in our “Security” category. For most of us, this...
Understanding Microsoft Virtualization Rights
So, grasshopper, you have decided to take the plunge and virtualize your server infrastructure. Someone explained the business benefits of virtualization, you decided that it made sense, and that it’s time to make the move. But do you know how...
SSL and Certificates – Part 3 of 3
Part 1 and Part 2 of this series covered the basic cryptographic concepts behind SSL certificates, and looked at how an SSL certificate is constructed and how it is validated. This installment will discuss what different kinds of certificates exist,...
SSL and Certificates – Part 2 of 3
In Part 1, we discussed basic cryptography, and worked our way up to symmetrical encryption systems such as AES, which accepts key lengths as long as 256 bits. We also discussed why key length was important to a cryptosystem, and...
SSL and Certificates – Part 1 of 3
There has been a lot of confusion regarding what SSL certificates are all about – what they are, what they do, how you use them to secure a Web site, what the “gotchas” are when you’re trying to set up...
Microsoft’s New Patch Strategy
Starting yesterday (October 11), Microsoft began rolling out a new way to patch Win7, Win 8.1, Server 2008 R2, Server 2012, and Server 2012 R2 systems. Instead of releasing a bunch of individual updates, they will be pushing out monthly...
What’s Wrong with SMS Authentication?
Back at the end of July, quite a bit of media buzz was generated by reports that the NIST was recommending, in the draft of their new publication addressing digital authentication methods, that using SMS text messages as a second...
Using File Sync & Share to Help Fight Ransomware
We’ve written a lot about security in general and ransomware in particular, because your security is a major concern to us - and we hope your own organization’s security is a major concern to you as well – and because...
ESET Adds Data Leakage Protection
ESET recently announced the addition of Safetica Data Loss Prevention (“DLP”) products to its Technology Partner Alliance. These are tools that are designed to prevent the accidental (or intentional) transmission or leakage of sensitive data outside the enterprise network. If...