We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
Cybercrime is a massive global threat, and U.S. businesses are the No.1 target. For tips and advice about how best to defend against cyberattacks, Network World asked security pros to name their No.1, most valuable security tool.
NTP, the much maligned protocol abused in a number of high volume DDoS attacks a year ago, is suffering from newly patched vulnerabilities that could allow an attacker to send unauthenticated packets to a client that would be executed.
According to research from Venafi, a vast majority of the world's top businesses are still vulnerable to Heartbleed, which was disclosed a year ago this month. The OpenSSL flaw impacted organizations both large and small, but the latest figures show that 74-percent of the Global 2000 remain vulnerable.
The world is about to get another reminder about just how much of the Internet runs on technology maintained by a handful of coders working on a shoestring budget. OpenSSL
No, it's not always a room filled with wires and glowing blue lights. It's probably not even the size of your furnace. The personal email server used by Hillary Rodham Clinton during her time as secretary of state was probably about the size of your office desktop computer and could have been tucked quietly in a corner somewhere.
Contrary to suggestions hacker group Lizard Squad took out Facebook, there was almost certainly no attack on the social network and its photo sharing property Instagram, which both went down late last night. According to a source with knowledge of the matter, the downtime was the result of a technical foul up. Facebook is now confirming this in statements to media.
Ladar Levison is probably most well-known to Ars readers as the founder of the secure e-mail service Lavabit, which he shut down in mid-2013 in an effort to avoid being forced to comply with a US government demand to turn over users
On Friday, the firm Allegro Software of Boxborough, Massachusetts, released an odd-sounding statement encouraging all its customers to
A backdoor has multiple meanings. It can refer to a legitimate point of access embedded in a system or software program for remote administration.
In a move that will essentially double the number of SSL-protected sites on the Web in the space of 24 hours, CloudFlare on Monday said that it was enabling SSL for all of its more than two million customers for free.
Modern datacenters and next-generation IT requirements depend on capable platforms, with open source solutions offering a strong foundation for open hybrid cloud and enterprise workloads. A powerful, unified platform enables enterprises to use a solid foundation to balance demand while utilizing new trends and technologies such as virtual machines and the open hybrid cloud.
Security conferences are a great place to learn about the latest hacking tricks, tools and exploits, but they also remind us of important stuff that was shown to be hackable in previous years yet never really got fixed. Perhaps the best example of this at last week
The internet is littered with burgeoning email encryption schemes aimed at thwarting NSA spying. Many of them are focused on solving the usability issues that have plagued complicated encryption schemes like PGP for years. But a new project called Dark Mail plans to go further: to hide your metadata.
DIGITAL RIGHTS GROUP the Electronic Frontier Foundation (EFF) is asking hackers to help it with its plans to build a secure but open router.
On a well-maintained Linux system, months can go by without needing to reboot. Sooner or later, however, a security patch to the Linux kernel will require you to reboot your machine. That's not a real problem on a desktop, but when you're talking hundreds of servers it can be a real pain. That's where CloudLinux's new program KernelCare comes in.
There have been a lot of media reports about Linux security problems recently. ZDNet has taken a stand and pointed out that the problem isn't with Linux, the problem is with certain Linux users and administrators. I'd also argue that the problem is also with certain media outlets who jump on the "linux security stinks!" bandwagon at the earliest opportunity.
I've been preaching the gospel of Linux security for decades now, but it's always nice to see proof-positive from an independent organization that Linux is indeed the most secure operating system around.
A new study shows that CSOs could dramatically lower the risk of malware infection by becoming a lot stingier with the number of company employees given administrator accounts on computers.
These days, Hadoop is everywhere. It began as an esoteric data-crunching platform used by vanguard web companies like Yahoo, Facebook, and Twitter, and now, less than a decade later, it
It wasn't designed with security in mind. It was just designed to work. But following disclosures of large-scale spying by the U.S. as well as other nations over the last several years, a variety of companies, including Wickr and Silent Circle, see commercial opportunities in making encrypted messaging products that are easier to use.
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
