IT Security

Internal threats are being severely underestimated by organisations in comparison with the attention given to external threats.

Microsoft pushing the idea that cloud services offer more cost-effective security for SMBs than the alternative.

Microsoft released seven bulletins last night to cover three critical and four important flaws.

Tough economic times make it tempting for an employee to switch his white hat to a black one for financial gain. Insider threats also include contractors, auditors, and anyone who has authorized access to systems.

Microsoft released 6 bulletins on Tuesday to fix a total of 11 vulnerabilities, one of which has become the target of active attacks against unpatched applications.

What's the best way to spot and block insider attacks? Start by putting an insider attack prevention program in place. So says Dawn Cappelli, technical manager at Carnegie Mellon University's CERT Insider Threat Center.

Here's a list of some of the best free security tools and services that my fellow editors and external security experts have found invaluable to help them do their jobs.

Microsoft confirmed that sample attack code created by the company had likely leaked to hackers from a program it runs with antivirus vendors.

Justin James gathers the information you need to make the right deploy decision when applying Microsoft’s March 2012 patches in your organization.

Ten years ago, Microsoft set up the Trustworthy Computing (TwC) group, but a lot has changed since then. How relevant is Microsoft's trustworthy computing mission in today's world?

I put six popular, free antivirus tools through their paces and measured their impact on startup and shutdown times, disk space, and RAM use.

Microsoft released 9 patches that fix a total of 21 vulnerabilities. Of these vulnerabilities, 13 remote code execution vulnerabilities, 3 elevation of privilege vulnerabilities, and 5 information disclosure vulnerabilities were patched.

Insider threats know the ins and outs of all systems in place and can wreak havoc on your operation while they are employed and sometimes after they are let go.

Hoarding sensitive information is easy and inexpensive, but as the collected information grows, so do the risks.

Alfonso Barreiro takes a detailed look at all the security features available in each edition of Windows 8, including what’s brand new, improved, and carried over from previous versions.

It’s easy to get distracted by high profile security threats and let more subtle — but equally destructive — risks fall through the cracks.

Consumer, corporate and even SCADA systems could be at risk when Microsoft stops supporting Windows XP.

BitLocker is a valuable security add-on to the Windows OS. Microsoft BitLocker Administration and Monitoring can ease BitLocker deployment and management.

Security researchers at Symantec discover a new Duqu driver compiled in February 2012.

The code publication has set off alarm bells in the corridors at Redmond because there are clear signs that Microsoft’s pre-patch vulnerability sharing program has been breached or has suffered a major leak.

Microsoft says it would ship six security updates next week, only one critical, to patch seven vulnerabilities in Windows and a pair of for-developers-only programs.

With so many users relying on mobile phones and tablets for business, mobile security is a must. Here are 10 reasons why you can’t continue to overlook it.

Despite system administrators' efforts to keep Microsoft-supplied packages up to date, non-Redmond software is almost exclusively responsible for the growth in vulnerabilities.