SearchSecurity.com.au Analysis & Commentary

DMZ building guide

Sun, 05 Jul 2009 23:58:44 +0000

Discover how to build a demilitarized zone on your network.

Snort creator to enter virtualisation security market

Mon, 06 Jul 2009 00:24:41 +0000

Sourcefire, the company made famous by the Snort IPS tool, is cooking up a new product to protect virtualised servers and networks.

How to link servers with SSL

Mon, 06 Jul 2009 00:22:14 +0000

Discover the best way to securely link two servers in this tip.

How to stop rogue DHCP server malware

Fri, 03 Jul 2009 00:01:17 +0000

Rogue DHCP server malware adds a new twist to an old idea ... but not so new that you cannot fight back, as explained in this story.

Q&A special: Three common security issues explained

Thu, 02 Jul 2009 23:59:21 +0000

Learn about securing shared internet connections, analysing suspicious traffic spikes and the basics of computer forensics in this Q&S special.

Bit.ly borked, Twitter threatened

Wed, 01 Jul 2009 22:17:46 +0000

Researchers have found several several cross-site scripting flaws in URL shrinker Bit.ly that could offer a way to abuse Twitter accounts.

FTP credentials the target for new trojan

Tue, 30 Jun 2009 00:48:43 +0000

A new trojan harvests FTP logins and is now seeding compromised sites with malicious scripts.

MasterCard ups PCI compliance requirements for some merchants

Mon, 29 Jun 2009 23:50:25 +0000

MasterCard will insist that some merchants hire external PCI DSS auditors.

Celebrity deaths exploited by spammers

Sun, 28 Jun 2009 23:36:53 +0000

The death of Michael Jackson has led to a new wave of spam and online scams

How to secure USB thumb drives

Sun, 28 Jun 2009 23:43:17 +0000

Short of glueing shut your USB ports, your chances of keeping USB thumb drives out of your organisation are close to zero. So how can you secure data on these devices? Policy, encryption and education are the answers.

Meet Dan Kaminsky

Fri, 26 Jun 2009 00:02:22 +0000

Dan Kaminsky, the researcher who found and publicised the DNS cache poisoning bug, now believes the Domain Name System Security Extensions (DNSSEC) must be implemented. Learn why in this interview.

Source code reviews vs. Web application firewalls

Thu, 25 Jun 2009 23:56:37 +0000

When applying PCI DSS to web applications, you have two choices: source code security reviews or a web application firewall. Here's how to make your choice.

Can AppLocker ease desktop lockdown woes?

Wed, 24 Jun 2009 23:29:23 +0000

Angus Kidman examines the new AppLocker security feature built into Windows 7.

Best practices to manage firewall rules

Wed, 24 Jun 2009 00:10:01 +0000

Businesses often have hundreds of overlapping firewall rules. Here's how to manage the morass without complicating or compromising security.

Gartner says core security spending is steady

Mon, 22 Jun 2009 22:48:19 +0000

Managers are willing to invest in some new security tools, says analyst firm Gartner.

How to configure access control lists to boost Internet Explorer Security

Mon, 22 Jun 2009 23:02:52 +0000

Read this tip to learn about access control lists (ACLs) and how they can repel attacks targeting Internet Explorer.

Should you use more than one firewall?

Mon, 22 Jun 2009 22:55:27 +0000

Is one firewall enough for your organisation? And will two create fatal complications?

Researchers create a darknet-in-a-browser

Sun, 21 Jun 2009 22:33:18 +0000

Two HP security have developed ' Veiled', a tool that allows the creation of browser-based peer-to-peer darknets built into a web page. Matt Wood, senior security researcher in HP's Web Security Research Group, will present Veiled as a proof-of-concept at the Black Hat Briefings in Las Vegas next month. In this interview, Wood previews Veiled and how it could be used.

Zombie PCs sold in botnet auction on 'Golden Cash' network

Thu, 18 Jun 2009 23:32:05 +0000

The 'Golden Cash' network offers the chance to buy PCs connected to a botnet. Purchasers can then resell zombie PCs or put them to work.

BIOS can become a source of malware

Thu, 18 Jun 2009 23:38:24 +0000

When considering security, it's easy to ignore the BIOS. But hackers are thinking hard about BIOS, because it represents a great way to plant malware on a system.