This Blog has Moved!

This blog is moving to


Thank you for visiting! Content will remain here for archival purposes.

The Essentials of Information Security Kit: Includes a Free PC Security Handbook - 2nd Edition eBook

The following is external content provided as a free resource for blog readers.





The Essentials of Information Security brings together the latest in information, coverage of important developments, and expert commentary to help with your Information Security related decisions.



The following kit contents will help you get the most out of your Information Security research:

  • PC Security Handbook - 2nd Edition

  • Advanced Persistent Threat Protection for Dummies (SPECIAL EDITION)

  • Extended Validation SSL Certificates

  • SSL 101: A Guide to Fundamental Website Security






Request Free!

Space Weather Outlook June 29, 2014 at 10:16PM

Official Space Weather Advisory issued by NOAA Space Weather Prediction Center Boulder, Colorado, USA SPACE WEATHER ADVISORY OUTLOOK #14-26 2014 June 29 at 8:04 p.m. MDT (2014 June 30 0204 UTC) **** SPACE WEATHER OUTLOOK **** Summary For June 23-29 No G1 or greater geomagnetic storms were observed. No R1 or greater radio blackouts were observed. No S1 or greater solar radiation storms were observed. Outlook For June 30-July 6 No G1 or greater geomagnetic storms are expected. No R1 or greater radio blackouts are expected. No S1 or greater solar radiation storms are expected. Data used to provide space weather services are contributed by NOAA, USAF, NASA, NSF, USGS, the International Space Environment Services and other observatories, universities, and institutions. More information is available at SWPC's Web site http://swpc.noaa.gov Thank you for using the Product Subscription Service. If you would like to remove a product subscription or update the personal information in your account, go to the Product Subscription Site. Please do not use the from address for correspondence, as it is not monitored. For comments or help, please contact SWPC Help.

Advanced Persistent Threats: Hijacking Insider Credentials

The following is external content provided as a free resource for blog readers.





Do you really know who's seeing the sensitive data on your network? Download the NetIQ Flash Point Paper Advanced Persistent Threats: Hijacking Insider Credentials to learn how someone with malicious intent might be able to get onto your network by impersonating your employees. In this paper, you'll learn:

  • How many IT professionals are worried about advanced persistent threats

  • Some techniques hackers use to get into networks

  • Questions to ask yourself about identity and access solutions


Don't be left in the dark, wondering who is on your network. Download this paper today.



Request Free!

Managing the Consumerization of IT

The following is external content provided as a free resource for blog readers.





Mobile technology has changed the corporate world forever. Users are determined to use their personal devices, causing a lot of security concerns for IT. Some solutions—like giving IT control or visibility into the device—are frustrating to users, but IT needs some control. Solve the problem with mobile access. In the NetIQ Flash Point Paper, Managing the Consumerization of IT: Mobile Access for the BYOD World, you'll learn:

  • Why current BYOD solutions don't really solve your problems

  • The reason so many BYOD policies fail

  • What to look for in a mobile access solution


Don't let the security risks and user frustration of BYOD policies continue. Read this Flash Point Paper today.



Request Free!

Contractor Access: Mitigating Security and Risk Issues

The following is external content provided as a free resource for blog readers.





Contractors introduce a unique challenge for businesses and for IT. Their contracts are limited, so you need to be able to quickly give them access to the right data, limit their access to other data, and ensure their access ends when their contract does. But how can you do that for all of them? In the NetIQ Flash Point Paper Contractor Access: Mitigating Security and Risk Issues, you'll learn:

  • The main causes of contractor risk

  • How to change your thinking about identity and access

  • Things to look for in an access solution


Giving access to contractors shouldn't mean exposing the organization to risk. Read this Flash Point Paper today.



Request Free!

2014 Cyberthreat Defense Report

The following is external content provided as a free resource for blog readers.





As trusted experts in cybersecurity, CyberEdge has provided the 2014 Cyberthreat Defense Report to illustrate the current security landscape and make near-future projections. In addition to attack statistics from North America and Europe, you'll learn where most IT professionals see weaknesses in their environment and how they plan to strengthen those areas. Some things you'll learn are:

  • Barriers to establishing effective defenses

  • Common host security misconfigurations

  • How BYOD is changing cybersecurity


Don't let cyberattacks get the best of you. Download this report today.



Request Free!

Virtual Patching: Lower Security Risks and Costs

The following is external content provided as a free resource for blog readers.





It discusses how traditional approaches to remediating vulnerable systems can create new problems and provides a new model that keeps pace with the ever-increasing number of attack vectors. Download now to learn more.



Request Free!

VMware Solution Guide for Payment Card Industry Data Security Standard

The following is external content provided as a free resource for blog readers.





With the help of this guide, organizations can learn how to accelerate complete adoption of VMware technologies with integrated security controls; adapt security policies to both physical and virtual IT environments, and advance endpoint security and protection using centrally managed virtual capabilities.



Request Free!

The Challenges of Securing a Virtual IT Infrastructure

The following is external content provided as a free resource for blog readers.





Find out what your peers are doing to get the most out of their security investment, including:

  • Extending traditional security products to virtualized data centers

  • Security in shared public and hybrid cloud environments

  • Balancing risks vs. costs for security in virtual and cloud environments






Request Free!

Space Weather Outlook June 23, 2014 at 12:39AM

Official Space Weather Advisory issued by NOAA Space Weather Prediction Center Boulder, Colorado, USA SPACE WEATHER ADVISORY OUTLOOK #14-25 2014 June 22 at 10:28 p.m. MDT (2014 June 23 0428 UTC) **** SPACE WEATHER OUTLOOK **** Summary For June 16-22 G1 (Minor) geomagnetic storm conditions were observed on 18 June. No R1 or greater radio blackouts were observed. No S1 or greater solar radiation storms were observed. Outlook For June 23-29 No G1 or greater geomagnetic storms are expected. No R1 or greater radio blackouts are expected. No S1 or greater solar radiation storms are expected. Data used to provide space weather services are contributed by NOAA, USAF, NASA, NSF, USGS, the International Space Environment Services and other observatories, universities, and institutions. More information is available at SWPC's Web site http://swpc.noaa.gov Thank you for using the Product Subscription Service. If you would like to remove a product subscription or update the personal information in your account, go to the Product Subscription Site. Please do not use the from address for correspondence, as it is not monitored. For comments or help, please contact SWPC Help.

Perfect Forward Secrecy The Next Step in Data Security

The following is external content provided as a free resource for blog readers.





That's why Symantec is continuing to innovate with Perfect Forward Secrecy—SSL certificates that feature ECC. Elliptic Curve Cryptography allows increased performance and protection with shorter key lengths to bring greater confidence to you and your customers.



Request Free!

The CIO Playguide for Secure BYOD

The following is external content provided as a free resource for blog readers.






Mobile devices and the ability to work everywhere present a huge opportunity but also pose a challenge for IT in securing corporate data. This ebook provides essential insights for planning and deploying BYOD processes and tools to mitigate security risks and assure proper compliance. Ensure a successful BYOD program today, download the free ebook.






Request Free!

Space Weather Outlook June 15, 2014 at 11:47PM

Official Space Weather Advisory issued by NOAA Space Weather Prediction Center Boulder, Colorado, USA SPACE WEATHER ADVISORY OUTLOOK #14-24 2014 June 15 at 9:33 p.m. MDT (2014 June 16 0333 UTC) **** SPACE WEATHER OUTLOOK **** Summary For June 9-15 No G1 or greater geomagnetic storms were observed. R3 (Strong) radio blackouts were observed on 10-11 Jun. R1 (Minor) radio blackouts were observed on 11-15 Jun. No S1 or greater solar radiation storms were observed. Outlook For June 16-22 No G1 or greater geomagnetic storms are expected during the forecast period. R1-R2 (Minor-Moderate) radio blackouts are likely on 16-17 Jun with a chance of R1-R2 conditions for the remainder of the forecast period. No S1 or greater solar radiation storms are expected during the forecast period. Data used to provide space weather services are contributed by NOAA, USAF, NASA, NSF, USGS, the International Space Environment Services and other observatories, universities, and institutions. More information is available at SWPC's Web site http://swpc.noaa.gov Thank you for using the Product Subscription Service. If you would like to remove a product subscription or update the personal information in your account, go to the Product Subscription Site. Please do not use the from address for correspondence, as it is not monitored. For comments or help, please contact SWPC Help.

Email Security: Keeping Your Brand Safe

The following is external content provided as a free resource for blog readers.






From secure transmission and reception of an email to authentication of email messages with SPF and DKIM to monitoring and blocking phishing attacks with DMARC, this webinar is packed with helpful and useful email security knowledge.


Dyn’s Chris Brenton, Director of Security, and Scott Grant, Associate Product Marketing Manager, will provide best practices and tips on how to keep your corporate brand safe.






Request Free!

DNS Build vs. Buy: Cloud vs. On-Premise

The following is external content provided as a free resource for blog readers.






In this webinar, Dyn Chief Technologist, Cory von Wallenstein, discusses whether enterprise users should build their own internal DNS infrastructure or use managed services in the cloud instead.


Learn about the known and hidden costs of on-premise solutions, what managed services really means, why staffing can be harder than you think, and more!






Request Free!

Identity Management 'How To' for Office 365

The following is external content provided as a free resource for blog readers.





Office 365 is one of the fastest-growing businesses in Microsoft history, and for good reason: it provides organizations of all sizes with hosted versions of Exchange, SharePoint, Lync – and much more. Before deploying Office 365, there are several options to consider for managing user identities, each with different implications for IT and users.



In this webinar Paul Andrew, Senior Technical Product Manager at Microsoft, will discuss options for Office 365 identity management, with a focus on how user accounts can be synchronized with on premise Active Directory.



Corey Williams, Senior Director of Product Management at Centrify will review how you can use Centrify to provide Active Directory-based single-sign on to enterprise and SaaS apps including Office 365, while protecting sensitive company data. He will discuss Centrify single sign-on for a full range of user scenarios across PC, tablet and mobile devices.



Corey will provide a demo of Centrify for Office 365, a Microsoft-validated and easy-to-deploy Azure-based solution for Active Directory-based single sign-on, user provisioning and mobile management.



Speakers:



Paul Andrew - Senior Technical Product Manager, Microsoft



Corey Williams - Senior Director of Product Management, Centrify Corporation



Request Free!

Achieving Best Practices for Virtual Machine Backup and Recovery

The following is external content provided as a free resource for blog readers.





This Lab Validation report from ESG provides you with best practices to create an environment that offers you simple unified data protection across physical and virtual landscapes, maximum protection and data availability, and reduced storage needs and operational costs.



Request Free!

How to Get the Most Out of DNS in an Active Directory Environment

The following is external content provided as a free resource for blog readers.





A highly effective approach to providing enterprise-grade DNS services in your Microsoft Active Directory environment can immediately enhance security, manageability, and availability for core network services. This white paper will share insights on the reasons why migrating to Infoblox DNS will provide superior DDoS protection, centralized management, and enhancements to AD functionality. This detailed and practical resource can be the first step in transforming your Microsoft environment. Request your copy of this white paper to learn how to get started today.



Request Free!

White Paper: IDC The Evolution and Value of Purpose-Built Backup Appliances

The following is external content provided as a free resource for blog readers.





In addition, this white paper illuminates the customer value that Symantec's Backup Exec and NetBackup appliances bring to the data protection and recovery process.



Request Free!

Defend Web Properties From Modern Threats With Citrix NetScaler

The following is external content provided as a free resource for blog readers.





Today, defending your organization's web properties means more than just protecting a handful of enterprise web applications from advanced malware.



Request Free!

Why Midsize Organizations Need Business Continuity/Disaster Recovery Even More than Enterprises Do

The following is external content provided as a free resource for blog readers.





Midsize organizations are more likely than their larger enterprise counterparts to identify data protection as a top IT priority over the next 12 months. In fact, data protection – specifically, improved data backup and recovery processes and business continuity/disaster recovery programs – accounted for the top-two overall most important IT priorities mentioned by midsize organizations.



But even though midmarket companies have less expert support on hand than their enterprise counterparts, they need business continuity and disaster recovery planning expertise more than larger enterprises do. After all, they usually don't have the latest and greatest high-availability products integrated into their environments, and they don't have “Clark Kents” dedicated solely to keeping their eyes on all things, always ready to pull on their capes and maximize the chance of fast recovery from a disaster.



Request Free!

Getting the Most Out of Your Tivoli Endpoint Manager Deployment

The following is external content provided as a free resource for blog readers.





IBM Tivoli Endpoint Manager (ITEM) is a product designed to let enterprises automatically manage computers, allowing thousands of them to be managed by just a few support staff. With ITEM, tasks such as patch application, software distribution, and security policy enforcement can be performed on all of an organization's computers with minimal supervision.



Request Free!

Home Wireless Setup 101

The following is external content provided as a free resource for blog readers.





Setting up a wireless network that is reasonably secured is not complex. This paper explains how to defend against wireless based network compromise by avoiding known WAP firmware flaws, prevent management interface access, stop eavesdropping with strong encryption, and block access to those without proper authentication.



Request Free!

Space Weather Outlook June 09, 2014 at 12:13AM

Official Space Weather Advisory issued by NOAA Space Weather Prediction Center Boulder, Colorado, USA SPACE WEATHER ADVISORY OUTLOOK #14-23 2014 June 8 at 10:00 p.m. MDT (2014 June 9 0400 UTC) **** SPACE WEATHER OUTLOOK **** Summary For June 2-8 R1 (minor) radio blackouts were observed on 03 and 06 June. G1 (minor) and G2 (moderate) geomagnetic storms were observed on 08 June. Outlook For June 9-15 A chance for R1 (minor) radio blackouts exists through the outlook period. Data used to provide space weather services are contributed by NOAA, USAF, NASA, NSF, USGS, the International Space Environment Services and other observatories, universities, and institutions. More information is available at SWPC's Web site http://swpc.noaa.gov Thank you for using the Product Subscription Service. If you would like to remove a product subscription or update the personal information in your account, go to the Product Subscription Site. Please do not use the from address for correspondence, as it is not monitored. For comments or help, please contact SWPC Help.

Best Practices for Successful IP Address Management (IPAM)

The following is external content provided as a free resource for blog readers.





With trends like virtualization and BYOD making networks more complex, the need for accurate and dynamic IP Address Management (IPAM) is growing. The ever-increasing size of today's networks, keeping track of multiple types of data pertaining to the devices connected across the network becomes increasingly difficult. IPAM today has to go beyond allocation and tracking to centrally maintaining a real-time view of additions, moves, and changes. This white paper explains best practices for creating a central repository that combines IP addresses with pertinent information such as host names, device types, and locations tying this information together with a single, clear, easy-to-manage interface.



Request Free!

How to Get the Most Out of DNS in an Active Directory Environment

The following is external content provided as a free resource for blog readers.





A highly effective approach to providing enterprise-grade DNS services in your Microsoft Active Directory environment can immediately enhance security, manageability, and availability for core network services. This white paper will share insights on the reasons why migrating to Infoblox DNS will provide superior DDoS protection, centralized management, and enhancements to AD functionality. This detailed and practical resource can be the first step in transforming your Microsoft environment. Request your copy of this white paper to learn how to get started today.



Request Free!

Regulations and Standards: Where Encryption Applies

The following is external content provided as a free resource for blog readers.





This white paper describes the different types of data under regulation and offers best practices for implementing appropriate encryption technologies. Download this white paper and learn:

  • Tips on protecting your data in today's complex security landscape

  • How to start or advance a sound data protection program

  • How encryption can satisfy protection requirements






Request Free!

Adding Extra Security to Cloud Storage

The following is external content provided as a free resource for blog readers.





Download this white paper and find out how applying data encryption everywhere enables users to manage access to the cloud without placing data or businesses at risk.



Request Free!

Encryption Buyers Guide

The following is external content provided as a free resource for blog readers.





Use this buyer's guide to help you evaluate encryption solutions and decide which one fits your needs. This guide will help you:

  • Examine the capabilities to look for when evaluating endpoint encryption solutions

  • Review specific encryption features - full-disk encryption, file and folder encryption, mobile, etc.

  • Formulate key questions for vendors to identify the solution that best meets your requirements






Request Free!

Space Weather Outlook June 01, 2014 at 11:30PM

Official Space Weather Advisory issued by NOAA Space Weather Prediction Center Boulder, Colorado, USA SPACE WEATHER ADVISORY OUTLOOK #14-22 2014 June 1 at 9:17 p.m. MDT (2014 June 2 0317 UTC) **** SPACE WEATHER OUTLOOK **** Summary For May 26-June 1 No space weather storms were observed during the summary period. Outlook For June 2-8 No space weather storms are expected during the outlook period. Data used to provide space weather services are contributed by NOAA, USAF, NASA, NSF, USGS, the International Space Environment Services and other observatories, universities, and institutions. More information is available at SWPC's Web site http://swpc.noaa.gov Thank you for using the Product Subscription Service. If you would like to remove a product subscription or update the personal information in your account, go to the Product Subscription Site. Please do not use the from address for correspondence, as it is not monitored. For comments or help, please contact SWPC Help.

Setting up a Fax and Voicemail Honeypot

For those who weren't aware, I have setup a fax and voicemail honeypot using K7, which provides free Fax and Voicemail services.

Every time a new fax or voicemail is received, the message is automatically sent to my Gmail as an attached file.

Recently I enhanced this using IFTT so that I can keep a running log of when the messages come in, and look for any patterns.

It's amazing how my honeypot company receives faxes from their non-existent HR department every week, offering discount vacations and cruises! The most recent example of this is pictured below.

Example Fax from "HR Department"
targeting employees through social engineering