April 27, 2018
FileHash icon

Software Updates – FileHash.exe

An update to FileHash.exe has been released as of April 18, 2018. 2018-04-18 — Version 2.3.0.430 Recent updates include the following: Added the -u (-summary) option […]
March 4, 2018

Virtual Credit Card Numbers

If your bank supports it, you would do well to consider Virtual Credit Card numbers for online purchases. I was looking around for some good articles […]
October 17, 2017

Not the best week for security protocols and technologies

The past few days have not been particularly good ones for the technology community.  First, we learned that the increasingly fragile WPA2 protocol has some glaring […]
September 25, 2017

Whose data is it, anyway?

It’s not just that we are experiencing big firms getting breached due to sheer negligence, but that no one is going to do anything about it […]
February 10, 2014

Automating Android

One of the cool things about the Android platform are the number of tools available for really extensive automation. So far, I have used the following […]
June 27, 2013

Looking forward to Windows Server 2012 R2

I was just reading the ComputerWorld article on some upcoming features of Windows Server 2012 R2, and I see some really intriguing improvements: In Windows Server 2012 […]
May 8, 2013

A look at Microsoft’s SIR v14

So…. I finally had a chance to finish reading the latest full edition of Microsoft’s latest Security Intelligence Report. There’s a lot of really good info in […]
April 30, 2013

Dueling Business Mindsets

If there is one lesson that technologists need to understand in order to be successful, it’s that business is ultimately more about people than about processor technology.  At the end […]
April 5, 2013

Enhancing My WLAN with a Meraki MR12

I finally got a chance to deploy a Meraki MR12 wireless access point. These are some sweet devices.  I wasn’t that happy with the PoE brick that […]
February 28, 2013

Wise Security Investment Approaches

A holistic approach to information security needs to address a corporate strategy for buying or building solutions. Such a strategy will have an impact on how […]
January 21, 2013

The Futility of Blaming IT

In recent years, it has become popular sport to blame information technology (IT) departments and IT leaders for failures – real or imagined – which adversely […]
January 18, 2013

Reading Between the Lines of Breach Notifications

Back in September 2012, I wrote two articles for Point2Security on how to effectively handle breach notifications: The Who of Post-Breach Communication Post-Breach Communication: The Importance […]
July 5, 2006

RSA is headed to the EMC stable…

RSA Security acquired by EMC for $2.1 billion http://searchwinit.techtarget.com/originalContent/0,289142,sid1_gci1197226,00.html?track=NL-118&ad=557474 Following a slew of rumors, storage giant EMC Corp. confirmed late Thursday that it will acquire RSA […]
July 5, 2006

Avoid Symantec appliances, says Gartner

http://www.vnunet.com/vnunet/news/2159677/gartner-advises-avoiding Companies should avoid investing in Symantec‘s network security appliances, and should evaluate offerings from other vendors, Gartner has warned. The analyst firm said that it issued the warning […]
July 10, 2006

Playing in the sandbox

I’ve been testing out a new utility (new to me, at least) at home called Sandboxie. It’s basically a tool that allows you to run various applications in an […]
July 11, 2006

Net Neutrality and Information Security

There’s a very interesting article up on SANS Internet Storm Centerconcerning the security implications of the proposed Net Neutrality legislation that is being discussed ardently in some […]
July 27, 2006

Some interesting freeware tools

I was looking around for some security scanners earlier today, and I came across this cool website with a fair amount of freeware tools, most of which are […]
August 2, 2006

Apple releases new patches for 26 security flaws across its product line

On August 1st, Apple Computer released Security Update 2006-004 to fix 26 security flaws, some of them with high exploit potential, in their product line. Here is a […]
August 2, 2006

Digital eEye releases new tools and website

The folks from Digital eEye (of Retina fame) have announced a new websiteand the release of some previously internal-only security research tools. A summary of the announcement that Marc Maiffret posted to […]
August 3, 2006

Black Hat Briefings: NAC solutions vulnerable to attack

Network World is reporting that various NAC solutions vulnerable to attackbased on a presentation at this year’s Black Hat Conference. A snippet of the report from the link […]
August 4, 2006

Patch Day August 2006: 12 Vulnerabilities to be Patched

Microsoft has announced that there will be approximately 12 vulnerabilities patched starting on August 8th, aka Patch Day. 10 of these are Windows vulnerabilities, and 2 of them […]
August 25, 2006

Internet Explorer Patch Re-Released

Yesterday, Microsoft re-released security bulletin MS06-042 because the original release introduced a buffer overflow condition for some customers. Everyone is advised to get the new update, because the buffer overflow is […]
August 25, 2006

Do we really get Information Security?

Five years ago, I wrote an article on the challenges of implementing Information Security in an enterprise.  Sad to say, even in the post-911 era, not a […]
September 1, 2006

Taking Information Security Seriously at Home

It is very easy to become complacent with Information Security on a home computer or network, even for those who would otherwise preach IT Security in […]