Follow Microsoft's basic security guidelines for Remote Desktop Protocol and you'll shut down hackers who try to exploit it.
Stories by Roger A. Grimes
We need a system for data breaches that rates the real risk associated with the compromised data
This concise malware bestiary will help you get your malware terms right when you hang out with geeks - with basic advice for finding and removing malware when you've been hit
Do you have valuable data on your network? Noticing odd network behavior? You could be the victim of an APT attack
Patching and security training programs will thwart attacks more effectively than anything else. You're already doing them. Here's how to do them better.
Both bitcoin and blockchain are vulnerable to attack. Here's what you need to know to protect yourself and why blockchain is becoming a foundational technology.
As a 30-year road warrior, I’ve learned some security truths that seem wrong, but must be accepted if you really want to understand the threats you face.
Redirected internet searches, unexpected installs, rogue mouse pointers: Here's what to do when you've been 0wned.
The PKI industry recommends that every SHA-1 enabled PKI move to the vastly more secure SHA-2. Here's why and how.
We've never been closer to getting pervasive, global identities. And with 2FA/MFA, you get all of the benefit with less of the risk.
Code embedded in hardware has vulnerabilities and it's harder to patch. That will make it a target for hackers.
For all the emphasis on tools and gizmos, IT is still very much about the people who develop and use said tools and gizmos. Collaboration, mutual respect, passion for the work -- all this and more are essential to a beneficial outcome, whether your IT group is shipping code, swatting bugs, working with business users, or securing company systems.
Advanced persistent threats have garnered a lot of attention of late, deservedly so. APTs are arguably the most dangerous security concern for business organizations today, given their targeted nature.
Most malware is mundane, but these innovative techniques are exploiting systems and networks of even the savviest users
It's security's dirty little secret: Not having your users logged in as root or administrator will not stop malware.