Resource ArticlesFollowing are some of the most popular Internet and Computer related security articles. Beagle and NetSky Viruses Spreading - February, 2004, is set to be the worst month yet for computer security. The infections caused by the MyDoom Viruses, DoomJuice Worm, and new variants of the Beagle and NetSky worms are the culprits. Biometric Security for Computers - The best types of security have always revolved around at least two components: something you know, and something you have. Keycards, digital FOBs, and one-time pads have been commonly used and combined with pass words, and pass phrases. More recently, with the advent of biometrics, you don't have to carry around anything other than yourself. Business Security Decreasing - Microsoft has spent about 100 Million dollars on its "Trustworthy Computing" initiative since its inception in January 2002 -- but security is worse! Camera Phone Security and Privacy Issues - Camera phones are becoming ubiquitous, and their use poses a serious threat to both personal and corporate security. Critical Vulnerabilities for Businesses Using Microsoft Windows - There are two critical vulnerabilities for businesses using Microsoft Windows. Both vulnerabilities affect Microsoft's Remote Procedure Call implementation. Dangerous Web Content and Internet Filters - Parents started becoming concerned about content, and sexual predators. Businesses also became concerned about their employees wasting time online -- or worse. As a result, numerous companies have emerged which offer filters which provide restriction of Internet content based upon rule sets built into the programs, and modified by the software's owners. Default Software Installs Are Not Secure - Beware! That software you have just installed on your computer is probably not secure -- not secure at all. Most Microsoft, Linux and UNIX software used by businesses does not have adequate security features, and the small amount of software that does have some security features doesn't have it enabled after its been installed. Demonstrated ROI Isn't Everything When It Comes to Security - When evaluating ROI, consider that quantifiable results often can't be demonstrated for security, as more than one company has learned. Determining Business Computer and Internet Security Risk Priorities - Computer systems and networks are only one of the information security related priorities. Personnel need to be properly trained, physical security must be put in place for the entire business and suppliers' systems must also be examined. Establishing a Business Security Plan - All businesses that conduct business via the Internet have a responsibility to keep their data safe. When a customer registers to receive information or to purchase a product from your business, it's very likely that they are trusting their personal information to you as part of the process. If their personal information is compromised, the consequences can be far reaching and dire. Forensics: Electronic Evidence Makes Its Mark in Investigations - Computer forensics offers a surprising amount of help investigators. Free Anti-Virus Software for Home Use - The biggest problem with anti-virus software is keeping it up-to-date with the newest signatures published by the vendor of the software. However, you don't have to pay an arm and a leg to get good anti-virus software, and you don't even have to pay to keep it up to date! Free Firewall for Home Use - Top quality firewalls are available for free -- as long as they're used in the home. These firewalls match up with some of the best you can purchase, providing true protection for your home computers. Hacker Laws - Hack a computer, go to jail, at least that's what the Bush administration is hoping for. In November 2003, new federal rules took effect which will take away much of the sentencing discretion judges have had in hacker cases. Instead of the common probation sentence, hackers, virus and worm writers could get 20 years to life in federal prison. HIPAA Privacy Regulations - April 15th, 2003 didn't just see the end to our extra spending money. One day earlier we saw the end to the privacy of our medical records. How Hackers Hack - Today the term "hacker" refers to someone who attempts to break into one or more computer systems using computerized methods. Although the old fashioned frontal attacks, including dumpster diving and misleading phone calls, are still widely used, we are restricting this document to the more common hacker techniques. See Top Enterprise Security Threats for more information. How To Create and Keep Passwords Secure - One of the easiest ways to break into a system is to use common passwords. Most software packages, Internet appliances and even switches ship with default passwords. Sometimes these "passwords" are NULL -- in other words, there is no password assigned. How to Detect and Remove Mydoom.B / Novarg - With Mydoom.B spreading faster than any worm has ever spread, how do you detect and remove it? It can be harder than you might think. How To Eliminate SPAM - SPAM has come to the point where it is not just annoying, but is costing real money. BizReport, and others, say that 40% of all e-mail traffic is SPAM, up from 8% just two years ago. With the e-mail industry growing to $1.4 billion last year, according to Jupiter Research. Unfortunately, this industry costs US Business more than $10 billion. How To Increase Business Computer Security - Due to the Gramm-Leach-Bliley Act and HIPAA Regulations, theft of information from a business can lead to the expendature of hundreds of thousands of dollars in time, and 10 years in jail for the business' senior management. In this case a victim, the business whose computers were compromised, gets severely punished. How to Keep Your Identity Safe on the Internet - Just surfing on the Internet exposes information about you to everyone from your employer (if you're using the web from work) through the people who run the sites you visit. Things such as your IP address and port are known by servers, the content you're looking at, and sometimes even the content you have looked at. HTTP vs HTTPS When are you secure? - Most people are confused when it comes to "Secure Servers". In this case, secure doesn't mean what its name implies. I explain what https means and the simple steps you can take to keep your personal information secure. Identity Theft On The Internet - Identity theft is when another person uses another person's identity without their permission. Often the identity is used to secure credit, obtain goods or services and drain bank accounts of unsuspecting victims. Internet Fraud Complaints Tripled - The FBI is reporting that Internet fraud complains tripled in 2002. They report that they sent more than 48,000 complaints to prosecutors in 2002. Internet Liability - Karl Schofield's PC was infected through e-mail, or possibly one of those annoying pop-ups. The Trojan then went out to the Internet and downloaded pornographic pictures of children, and he got pulled into court. After hiring expert witnesses, spending his own money and time, suffering vigilante attacks, having to move away from his home, he was able to convince the court to let him off. It could happen to anyone. Internet Security Incidents Up - Internet security incident statistics are showing the continuation of a disturbing trend. Since the early 1980's the computer systems attached to the Internet have been under attack. Lately that trend has included the Internet itself as Denial-of-Service attacks cause backbone router problems, and hacks on root name servers have left entire domains without needed services. Internet Voting Systems - The State of Michigan has had about 46,000 votes, or 28% of the total votes cast in its caucuses, cast over the Internet. The Democratic party is happy with the results. The Department of Defense, however, is not so confident of the technology. Is Your Risk Management Program As Good As It Gets? - Not all security incidents can be prevented, nor is it cost-effective to try. Each control should be evaluated on its own merits prior to implementation. Issues to consider: direct costs; training; decreased system performance; and public perception. Latest MyDoom Variant, DoomJuice, Attacks - Hitting a week after the MyDoom.A Virus attacked The Santa Cruz Operation, the latest in the MyDoom family is moving into full swing. Suspected of being authored by the same programmer as the MyDoom Viruses, DoomJuice uses back doors which have been installed on MyDoom infected machines. Linux Security Certification Increases - Because of the bad press Microsoft has received over the years for its dismal security record and new Homeland Security initiatives, the US Federal Government has been busy researching alternatives to Windows. Recently it found the SuSE Linux and IBM partnership. Modern Warfare and Business Defense - The use of technology in Operation Free Iraq is changing the strategies and execution of war, and six months from now the technology will have changed modern warfare even more. Mydoom Novarg Worm FAQ - The fastest spreading worm ever packs a punch, and some new twists. The worm known as MyDoom.B or W32.Novarg.A@mm is a mass e-mail worm that is spread via attachments. It can arrive in various file types, such as .exe, .cmd, .bat, .pif, .scr or .zip files. Network Data Encryption - The Last Step in Security - Data hauled without encryption is said to be transmitted "In The Clear." The Ethernet and Internet standards were not initially designed with encryption in mind, so almost all local networks are carrying data without it being encrypted. New Beagle Worm More Lethal - The newest version of the W32.Beagle worm is spreading rapidly on the Internet. It is having much more success than many of its predecessors due to its unique payloads -- an inticing message, and its own e-mail server. Online Shopping Tips and Tricks - Millions of people are afraid to shop online. They've heard the stories of stolen credit cards, and stolen identities. But just how bad, or good, is it to go online? Operation Secure Your Server Aimed at Shutting Down SPAM - The United States Federal Trade Commission and 36 additional agencies in 26 countries have started sending out warning e-mails to registered owners of tens of thousands of computers suspected of being unwitting SPAM e-mail broadcast points. Risks of Password Management Tools - Banks, hospitals, and other businesses are requiring usernames and passwords to gain access to their sites. Free e-mail sites, newspapers and even game sites require usernames and passwords. Secure Servers and SSL - The Internet definition of secure server is a server which provides secure connections. Secure servers are most often used to conduct electronic commerce via the Internet. Secure servers are not, however, secure by definition. Security Risks of VOIP - Increasing standardization and prevalence means VoIP will likely be a growing target for attacks. Here's a look at the dangers, and how to keep your business safe. Small and Medium Business Security Needs - The Myths of Computer Security The Risks Associated with SPAM e-Mail Just Went Up - Until recently, most of the risks associated with SPAM e-mail have been associated with money-making schemes used to bilk consumers of thousands of dollars. Recently Brand-Spoofing SPAM E-Mail looks like it is coming from a company whose brand your recognize, possibly one with whom you conduct business. Top Enterprise e-Security Threats For 2003 - Every business faces various security threats. The majority of these threats fall into two categories: physical and electronic. Each of these categories are presented on two fronts: external and internal. This requires at least four different approaches to securing our enterprises. Why and How to Remove KaZaA - KaZaA is a peer to peer network which allows its users to search for and share files. Lately its users, and sometimes the users' parents, have been the target of searches as the Recording Industry Association of America (RIAA) has been searching for and suing those who share copyrighted music. Windows XP SP2 Service Pack 2 - Service Pack 2 is now available for Windows XP, but don't install it! Some testers have reported complete system failures in as many as 3/5ths of the machines they've tested it on. Yet Another Security Initiative From Microsoft - Bill Gates, Microsoft Chairman, gave the keynote address at the RSA Security conference held in San Francisco this week. Mr. Gates introduced yet another Microsoft security initiative to a somewhat hostile audience.
For information on reproducting articles on this site, visit http://www.esecurityguy.com/reproduction