This Blog has Moved!

This blog is moving to


Thank you for visiting! Content will remain here for archival purposes.

Increase e-Commerce Conversion Rates with Extended Validation SSL Certificates

The following is external content provided as a free resource for blog readers.
Download our free white paper - “Increase Conversion Rates with Extended Validation Certificates” and learn how deploying an EV certificate on your e-Commerce website can protect against threats, while showing your customers that they can transact with confidence, helping increase your sites conversion rates.

Request Free!

Understanding Validation: Understanding the Art and Science of SSL Certificate Validation and how to Pick the Right Approach for your Business

The following is external content provided as a free resource for blog readers.
SSL certificates don't range from ‘insecure' to ‘secure', but they do differ in the level of confidence they inspire in online visitors. This white paper helps you choose the level of validation that works for you.

Request Free!

Geek Guide: Apache Web Servers and SSL Authentication

The following is external content provided as a free resource for blog readers.
The bottom line is that whether you want or need to do so, adding HTTPS to a site you're running isn't very hard to do. In this Geek Guide, I walk through what SSL/TLS is (and isn't), how you can create or buy a certificate, how to install that certificate into an Apache server and then how to configure Apache such that a subset of URLs on your system are covered by SSL.

Request Free!

Why Always-on SSL is Critical for Company Websites Today

The following is external content provided as a free resource for blog readers.
Hackers increasingly have access to tools to steal personal information during web site sessions. This paper discusses how always-on SSL offers enhanced security to protect against these attacks, while delivering several additional business benefits.

Request Free!

Raise Your Google Rankings with GeoTrust

The following is external content provided as a free resource for blog readers.
Google's popularity is due to its commitment to delivering the best possible user experience – and that means a secure experience. Google now boosts a site's SEO ranking if it secures the entire user session with Always On SSL. As SEO helps a site to be found, a higher ranking means more traffic. This white paper explores how you can improve your ranking and be found by more customers.

Request Free!

NetApp Is Accelerating Your Data Protection Strategy to the Clouds

The following is external content provided as a free resource for blog readers.
This 10 page white paper, written by Enterprise Strategy Group Senior Analyst, Jason Buffingtonn, and Research Analyst Monya Keanes, explores how organizations are using the cloud for backup and recovery and how AltaVault fits into that ecosystem.

Request Free!

Space Weather Outlook June 29, 2015 at 03:17AM

Official Space Weather Advisory issued by NOAA Space Weather Prediction Center Boulder, Colorado, USA SPACE WEATHER ADVISORY OUTLOOK #15-26 2015 June 29 at 1:03 a.m. MDT (2015 June 29 0703 UTC) **** SPACE WEATHER OUTLOOK **** Summary For June 22-28 Category R2 (Moderate) radio blackouts were observed on 22 and 25 June due to flare activity from active sunspot Region 2371. Category S1 (Minor) solar radiation storms occurred on 24, 26, and 27 June with S2 (moderate) levels on 23 June, and S3 (Strong) on 22 June due to a combination of flare activity from active sunspot Region 2371 as well as a shock enhancement from the arrival of the 21 June coronal mass ejection (CME). Category G1-G4 (Minor to Severe) geomagnetic storms were observed on 22-23 June with the arrival of the 19 June CME. Category G1-G2 (Minor to Moderate) geomagnetic storms were also observed on 25 June due to the arrival of the 22 June CME. Outlook For June 29-July 5 No space weather storms are expected. Data used to provide space weather services are contributed by NOAA, USAF, NASA, NSF, USGS, the International Space Environment Services and other observatories, universities, and institutions. More information is available at SWPC's Web site http://swpc.noaa.gov Thank you for using the Product Subscription Service. If you would like to remove a product subscription or update the personal information in your account, go to the Product Subscription Site. Please do not use the from address for correspondence, as it is not monitored. For comments or help, please contact SWPC Help.

Data-Driven Security: Analysis, Visualization and Dashboards ($40.99 Value) FREE for a limited time!

The following is external content provided as a free resource for blog readers.
Security professionals need all the tools at their disposal to increase their visibility in order to prevent security breaches and attacks. You'll soon understand how to harness and wield data, from collection and storage to management and analysis as well as visualization and presentation. Using a hands-on approach with real-world examples, this book shows you how to gather feedback, measure the effectiveness of your security methods, and make better decisions. Everything in this book will have practical application for information security professionals.
  • Helps IT and security professionals understand and use data, so they can thwart attacks and understand and visualize vulnerabilities in their networks
  • Includes more than a dozen real-world examples and hands-on exercises that demonstrate how to analyze security data and intelligence and translate that information into visualizations that make plain how to prevent attacks
  • Covers topics such as how to acquire and prepare security data, use simple statistical methods to detect malware, predict rogue behavior, correlate security events, and more
  • Written by a team of well-known experts in the field of security and data analysis
Lock down your networks, prevent hacks, and thwart malware by improving visibility into the environment, all through the power of data and Security Using Data Analysis, Visualization and Dashboards.

Request Free!

Network Forensics for Attack Mitigation

The following is external content provided as a free resource for blog readers.
The network forensics market is set to dramatically expand as increasing numbers of organizations become the victims of malware attacks. Limiting the damage from these incursions, and avoiding potentially crippling losses, are key motivators for businesses of any size. And network forensics offers a powerful set of tools to help companies achieve those goals.

Request Free!

10 Things Security Experts Wish End Users Knew

The following is external content provided as a free resource for blog readers.
Security is complicated, which has led to the many misconceptions and misunderstandings. By paying attention to these 10 concerns that security experts want you to know, you can gain knowledge and understanding about security and be securer both at work and in your personal life.

Request Free!

SDN: Merging IT Roles

The following is external content provided as a free resource for blog readers.

One of the challenges with SDN is merging the skillsets of the application developer, security expert, server admin, and network person. Rather than spending 80% of time on low value, mundane tasks, you can shift your attention to more important issues of scale and how to improve network response to failures.



Request Free!

Security Reimagined, Part I: An Adaptive Approach to Cyber Threats for the Digital Age

The following is external content provided as a free resource for blog readers.
This two-part, educational series outlines this new approach to cybersecurity. Part I describes what features and capabilities organizations need in the face of a complex and growing threat.

Read Part I to learn:
  • Why it's time to reimagine your security architecture
  • How to reduce two key metrics: time to detection and time to resolution
  • How to use “hunting” and “gathering” together for better detection
By submitting your information, you agree to receive email communications from FireEye. Understand that you can unsubscribe at any time.

Request Free!

M-Trends 2015: A View from the Front Lines

The following is external content provided as a free resource for blog readers.
The report provides key insights, statistics, and case studies illustrating how the tools and tactics of Advanced Persistent Threat (APT) actors have evolved over the last year. The report also outlines approaches that organizations can take to improve the way they detect, respond to, and contain advanced attacks.

Key findings include:
  • Attackers had access to victims' environments for 205 days before they were discovered.
  • Sixty-nine percent of victims learn from a third party that they are compromised.
  • Attribution is becoming harder as the lines blur between tactics used by cyber criminals and nation-state actors.
  • Over the last year, threat actors have used stealthy new tactics to move laterally and maintain a presence in victim environments.
By submitting your information, you agree to receive email communications from FireEye. Understand that you can unsubscribe at any time.

Request Free!

Countdown to Compromise: The Timeline of a Spear-Phishing Attack on Your Organization

The following is external content provided as a free resource for blog readers.
It doesn't matter if you've drawn up what you think is the perfect blueprint to protect yourself – spear-phishing attackers have done advanced scouting of your company's defenses and know exactly how to exploit vulnerabilities: the human vulnerabilities. Read this white paper for an inside look at the anatomy of a spear-phishing attack, to see how mistakes are made and how vulnerabilities get exploited.

Request Free!

Maximizing Security, Uptime and Productivity in Today's Growing Cloud Based Infrastructure

The following is external content provided as a free resource for blog readers.

Expanding numbers of SMBs are now relying on the cloud for communication and other mission-critical services. However, many are not taking the steps necessary to properly secure the connection to their cloud providers or to make these connections redundant and reliable.

In the past, an Internet outage or slowdown may have meant going without email for a short period of time. In today’s cloud-centric environment, this same outage could bring down VoIP phone calls, meetings utilizing collaboration, ERP, CRM, remote call center agents, webinars, access to critical business documents, email or any number of other applications and services that all rely on the cloud and internet access. The absence or interruption of any of these services could bring productivity (and business in general) to a grinding halt.

This whitepaper explores all the issues that need to be researched and addressed by the SMB that is relying on cloud services for mission-critical applications.



Request Free!

How to Increase Security and Save Money with Fraud-Proof Electronic Payments

The following is external content provided as a free resource for blog readers.
Fraud and cybersecurity have become leading topics for treasury and financial professionals. Following the highly-publicized security breaches of Target and Neiman Marcus in 2013, and what now seems like almost daily mentions in the news of similar attacks, managing cyber risk, particularly around payments, is now a key component of an organization's risk management program.

This paper will help your company benefit from the increased security, cost savings and process efficiencies that accompany payment automation.

Request Free!

Space Weather Outlook June 21, 2015 at 11:42PM

Official Space Weather Advisory issued by NOAA Space Weather Prediction Center Boulder, Colorado, USA SPACE WEATHER ADVISORY OUTLOOK #15-25 2015 June 21 at 9:30 p.m. MDT (2015 June 22 0330 UTC) **** SPACE WEATHER OUTLOOK **** Summary For June 15-21 Several R1 (minor) radio blackouts were observed on 18, 20 and 21 June from Regions 2365, 2367 and 2371. S1 (minor) solar radiation storms were observed on 18-19 June and again on 21 June as a result of significant flare activity from Regions 2365 and 2367 respectively. Outlook For June 22-28 R1-R2 (minor to moderate) radio blackouts are expected from complex Regions 2367 and 2371. S1-S2 (minor to moderate) solar radiation storms are expected from 22-24 June. G1-G3 (minor to strong) geomagnetic storms are expected on 22-23 June as effects from 3 coronal mass ejections impact Earth. Data used to provide space weather services are contributed by NOAA, USAF, NASA, NSF, USGS, the International Space Environment Services and other observatories, universities, and institutions. More information is available at SWPC's Web site http://swpc.noaa.gov Thank you for using the Product Subscription Service. If you would like to remove a product subscription or update the personal information in your account, go to the Product Subscription Site. Please do not use the from address for correspondence, as it is not monitored. For comments or help, please contact SWPC Help.

Data Security for Retail Customers Perceptions, Expectations and Potential Impacts

The following is external content provided as a free resource for blog readers.
Despite retailers' current efforts, consumers still feel wary about the safety and security of their credit and debit cards. Consumers are almost universally aware of the recent breaches and are very concerned about the possibility of future incidents. They believe that retailers could be doing more to keep their data secure and are willing to go so far as to stop shopping at retailers who are unable to protect their data. Honeywell commissioned this consumer trust survey to add context to the growing concern about personal data security issues at major retailers and the impact such concern has on consumer trust, actions, and expectations.

Key Research Objectives:
  • Understand consumers' current awareness of data breaches, and discover which breaches are most top of mind;
  • Compare consumers' concern for their credit and debit card information with other specific security concerns;
  • Measure the impact that data breaches have already had on consumer behavior; and
  • Explore consumer thoughts and opinions on data breaches and prevention techniques such as encryption technology.


Request Free!

How Government IT Can Counter Security Threats By Analyzing Big Data

The following is external content provided as a free resource for blog readers.
Government cyber pros say threats take too long to find. The average cyber threat exists on networks 16 days before teams identify it. While 70% of cyber pros say their organization can monitor streams of cyber security data in real time, fewer can analyze the data.

Big Data is the game changer. According to the recent survey Go Big Security published by MeriTalk 86% of government responders say big data analytics will significantly improve cyber security. But how?
  • To detect that a breach is currently happening (61%)
  • To monitor streams of data in real time (51%)
  • To conduct a conclusive root-cause investigation following a breach (49%)
  • To detect that a breach has already occurred (47%)


Request Free!

IT Admins in the Edu Space: FERPA Compliance for Google Drive & Gmail

The following is external content provided as a free resource for blog readers.

Learn` what type of information has to be protected under FERPA & learn the intent of FERPA regulations.  Plus learn what tools SysCloud has that enables an administrator to control the sharing of PII in Google Drive, and how Syscloud can preform a free FERPA compliance audit for your educational institution.



Request Free!

IDC Executive Brief: Modernizing Data Protection With Backup Appliances

The following is external content provided as a free resource for blog readers.
Benefits and challenges of an appliance-based data protection approach will be discussed, as well as emerging best practices for modern data protection.

Request Free!

10 Telltale Signs of a Fraudulent Order: How to stop chargebacks before they stop you

The following is external content provided as a free resource for blog readers.

Fraudsters are Finding New Ways to Take What is Rightfully Yours

Card-not-present (CNP) fraud weighed heavily on merchants over the past year costing over $32 billion - a 33% increase in lost revenue - and that’s just half the burden. Many merchants are paying in more ways than just fraud losses; for every $100 in chargebacks merchants lose $308 in wasted time, fees, penalties and/or loss of goods and services. So what can merchants do to prevent future fraud losses?

Detect and Stop Fraud with These 10 Telltales Signs

Get Verifi’s latest article, “10 Telltale Signs of a Fraudulent Order: How to stop chargebacks before they stop you” and gain insight into the most popular techniques that fraudsters use today, so you can stay one step ahead of fraudsters before they impact your profits.

Topics covered in the article:

  • Forecasts for CNP fraud
  • Impacts of fraud on CNP merchants
  • 10 signs of a fraudulent order
  • What to do in cases of fraud


Request Free!

Space Weather Outlook June 14, 2015 at 09:22PM

Official Space Weather Advisory issued by NOAA Space Weather Prediction Center Boulder, Colorado, USA SPACE WEATHER ADVISORY OUTLOOK #15-24 2015 June 14 at 7:06 p.m. MDT (2015 June 15 0106 UTC) **** SPACE WEATHER OUTLOOK **** Summary For June 8-14 During the period, G1 (minor) and G2 (moderate) geomagnetic storms were observed on 08 June due to effects from a negative polarity coronal hole high speed stream (CH HSS). G1 (minor) geomagnetic storms were also observed on 14 June due to effects from a positive polarity CH HSS. R1 (minor) radio blackouts were observed on 11, 13 and 14 June due to flare activity from active Region 2360 and 2367. Outlook For June 15-21 A chance for R1 (minor) radio blackouts exists through the outlook period due to potential flare activity from active Region 2367. Data used to provide space weather services are contributed by NOAA, USAF, NASA, NSF, USGS, the International Space Environment Services and other observatories, universities, and institutions. More information is available at SWPC's Web site http://swpc.noaa.gov Thank you for using the Product Subscription Service. If you would like to remove a product subscription or update the personal information in your account, go to the Product Subscription Site. Please do not use the from address for correspondence, as it is not monitored. For comments or help, please contact SWPC Help.

Cybersecurity: Managing Systems, Conducting Testing, and Investigating Intrusions (FREE until 6/22) $48.99 Value!

The following is external content provided as a free resource for blog readers.

Cybersecurity involves preventative methods to protect information from attacks. It requires a thorough understanding of potential threats, such as viruses and other malicious code, as well as system vulnerability and security architecture. This essential book addresses cybersecurity strategies that include identity management, risk management, and incident management, and also serves as a detailed guide for anyone looking to enter the security profession. Doubling as the text for a cybersecurity course, it is also a useful reference for cybersecurity testing, IT test/development, and system/network administration.

  • Covers everything from basic network administration security skills through advanced command line scripting, tool customization, and log analysis skills
  • Dives deeper into such intense topics as wireshark/tcpdump filtering, Google hacks, Windows/Linux scripting, Metasploit command line, and tool customizations
  • Delves into network administration for Windows, Linux, and VMware
  • Examines penetration testing, cyber investigations, firewall configuration, and security tool customization
  • Shares techniques for cybersecurity testing, planning, and reporting

Cybersecurity: Managing Systems, Conducting Testing, and Investigating Intrusions is a comprehensive and authoritative look at the critical topic of cybersecurity from start to finish.



Request Free!

Mitigating Security Risks at the Network's Edge

The following is external content provided as a free resource for blog readers.
With locations that typically process credit cards, distributed enterprises are at a particularly high risk of suffering data breaches. This white paper provides strategies and best practices for distributed enterprises to protect their networks against vulnerabilities, threats, and malicious attacks.

Request Free!

PCI 3.0 Compliance Guide

The following is external content provided as a free resource for blog readers.
Properly configure, monitor, and maintain your CradlePoint devices to meet the requirements of PCI-DSS 3.0. Enabling features of CradlePoint solutions include network segmentation (Ethernet ports, SSIDs and VLANs), stateful firewall, MAC/IP/URL filtering, authentication, encryption, event logging, event alerts, time synchronization, and configuration management from CradlePoint Enterprise Cloud Manager.

Request Free!

Content Delivery Network and Managed DNS Kit

The following is external content provided as a free resource for blog readers.
Efficient and reliable DNS services are essential for ensuring superior user experiences, even when you have a Content Delivery Network (CDN) deployed. This kit will include everything you need to know about managed DNS from load balancing to security risks and prevention, outsourcing and the ability to ensure your site's users are reliably and quickly connected to the resources they need.

Titles include:
  • Control Your Destiny: Why Your Company's CDN Needs To Be Paired With Managed DNS
  • Everything You Need to Know about CDN Load Balancing
  • 5 Ways to Reduce Advertising Network Latency
  • 5 DNS Security Risks That Keep You Up At Night
  • 4 Reasons To Outsource Your DNS


Request Free!

Space Weather Outlook June 07, 2015 at 10:36PM

Official Space Weather Advisory issued by NOAA Space Weather Prediction Center Boulder, Colorado, USA SPACE WEATHER ADVISORY OUTLOOK #15-23 2015 June 7 at 8:25 p.m. MDT (2015 June 8 0225 UTC) **** SPACE WEATHER OUTLOOK **** Summary For June 1-7 No space weather storms were observed this period. Outlook For June 8-14 G1 (Minor) geomagnetic storms are likely on 09 Jun in response to a coronal hole high speed stream. No S1 (Minor) or greater solar radiation storms are expected during the outlook period. No R1 (Minor) or greater radio blackouts are expected during the outlook period. Data used to provide space weather services are contributed by NOAA, USAF, NASA, NSF, USGS, the International Space Environment Services and other observatories, universities, and institutions. More information is available at SWPC's Web site http://swpc.noaa.gov Thank you for using the Product Subscription Service. If you would like to remove a product subscription or update the personal information in your account, go to the Product Subscription Site. Please do not use the from address for correspondence, as it is not monitored. For comments or help, please contact SWPC Help.

Why I No Longer Visit Slashdot or SourceForge

For many years, I've always used Slashdot to keep me in formed of "geek" news, and SourceForge for great open source software.

Since Slashdot and SourceForge are owned by the same parent company, I am now refusing to patronize either website, due to multiple incidents of SourceForge bundling malware with open source project downloads.

This all started approximately two years ago. Case in point, this bug ticket for FileZilla.

In May, SourceForge started distributing malware with GIMP, a popular image editor.

Finally, just a few days ago, SourceForge started hijacked nmap for possibly the same purpose, software which is popular in the security community - talk about a slap in the face.

With this most recent incident, no longer will I sit idle and let SourceForge infect unsuspecting people with malware. There are no excuses for this behavior, and anything SourceForge will say to justify this should be completely disregarded by the open source and security community.

As of today, I will recommend to my clients that they do not download any software from SourceForge, and recommend alternative news sites from Slashdot, such as Reddit.

If you have an open source project on SourceForge, now is the time to migrate to GitHub or other similar sites, and close your project on SourceForge.

Show SourceForge and Slashdot you will not stand for intentionally infecting people with malware.

Cybersecurity: Managing Systems, Conducting Testing, and Investigating Intrusions ($48.99 Value FREE for a Limited Time!)

The following is external content provided as a free resource for blog readers.
Cybersecurity involves preventative methods to protect information from attacks. It requires a thorough understanding of potential threats, such as viruses and other malicious code, as well as system vulnerability and security architecture. This essential book addresses cybersecurity strategies that include identity management, risk management, and incident management, and also serves as a detailed guide for anyone looking to enter the security profession. Doubling as the text for a cybersecurity course, it is also a useful reference for cybersecurity testing, IT test/development, and system/network administration.
  • Covers everything from basic network administration security skills through advanced command line scripting, tool customization, and log analysis skills
  • Dives deeper into such intense topics as wireshark/tcpdump filtering, Google hacks, Windows/Linux scripting, Metasploit command line, and tool customizations
  • Delves into network administration for Windows, Linux, and VMware
  • Examines penetration testing, cyber investigations, firewall configuration, and security tool customization
  • Shares techniques for cybersecurity testing, planning, and reporting
Cybersecurity: Managing Systems, Conducting Testing, and Investigating Intrusions is a comprehensive and authoritative look at the critical topic of cybersecurity from start to finish.

Request Free!