IT Trenches:

information security


December 2, 2009  9:33 PM

10 Tips: Holiday greeting cards, holiday shopping and computer security awareness



Posted by: Troy Tate
antispyware, antivirus, hoaxes, information security, internet security, phishing, Security, security awareness, shopping

It is that time of year again when folks send electronic holiday greeting cards to one another. Some of the greetings may also be games that bear holiday messages. It is also a time when malicious software spreads using these same types of messages and software. You should also...

November 5, 2009  4:50 PM

Do you use TLS or client certificates for authentication? Beware of new MITM vulnerability



Posted by: Troy Tate
apache, authentication, certificates, IIS, information security, risk, risk management, SSL, tls, vulnerability, web services

As Michael Morisy of ITKE recently posted, New SSL security hole allows man-in-the-middle attacks, a new SSL...


October 7, 2009  6:38 PM

IT services and The Three Chinese Curses



Posted by: Troy Tate
bot, botnet, career, information security, information technology, infosec, IT, network analysis, professional, Security, service level, support, trojan

In America, October is the time when haunting, evil spirits and curses come to mind. Earlier today I posted a blog entry titled Can IT education bring an end to the...

Bookmark and Share     1 Comment     RSS Feed     Email a friend


September 30, 2009  1:36 PM

I resemble that award winning case study – wait, it IS me!



Posted by: Troy Tate
case study, frame relay, industry award, information security, ipsec, mpls, network management, remote access, Security, security management, SSL, ssl vpn, vpn, WAN

Have you ever wondered if vendor case studies are actually solutions to real life issues or if they are stories about compensated organizations using a particular vendor solution? Well, I am here to tell you that I know of at least one case study that is about an organization addressing real-life...


September 16, 2009  6:41 PM

Google search results serve up malware – I’ve had the crime of my life



Posted by: Troy Tate
browser security, drive-by attack, Google, information security, malicious software, malware, search results, software, software security

Well, that may not be news to you. However, there is a recent trend in malware propagation that uses Google as the portal to deliver payloads to visitors. Unsuspecting users go to Google and search for topics such as Patrick Swayze's death or the controversy about Serena Williams cursing at the...


September 16, 2009  6:31 PM

Would you click if it showed on the NY Times website? – Really would you?



Posted by: Troy Tate
ad revenue, browser security, computer network, hardware, information security, information security management, licensing, malicious software, malware, network access, PC, permit, Security, social engineering, software, user education

Yesterday Fierce CIO reported that New York Times falls victim to rogue ad. This is a trend that seems to be happening more frequently. Rogue...


September 14, 2009  1:49 PM

Microsoft does not patch vulnerability for supported version of Windows



Posted by: Troy Tate
information security, Microsoft, Microsoft support, patches, risk, risk management, support, tcp, tcp-ip, tcp/ip, threat, vulnerability, Windows, windows 2000

Last week was the September issue of Microsoft "patch Tuesday". The September 2009 Microsoft Security Bulletin lists a number of vulnerabilities. Microsoft held the


August 28, 2009  4:21 PM

BlackHat USA technical presentations available online – not just for hackers



Posted by: Troy Tate
antivirus, blackhat, bootkit, Database, Development, education, hacker, information security, infosec, least user authority, least user privilege, malware, research, rootkit, threats, vulnerabilities

The media archives have now been posted on the BlackHat website from the BlackHat technical conference held in July 2009. This is the place to go if you want to see some of the latest information security...


August 24, 2009  8:33 PM

Red alert – automated SHIELDS Up – malware becomes smarter!



Posted by: Troy Tate
bot, command and control, information security, malware, malware research, threat, vulnerability

If you haven't recently kept up to date on the malware front, a recent article at DarkReading may come as a surprise to you. ALERT: Malware has become intelligent!


July 24, 2009  6:03 PM

Using Wireshark to analyze a bot infected host



Posted by: Troy Tate
bot, data capture, education, ethereal, information security, Laura Chappell, network analysis, network security, packet analysis, packet capture, Security, tutorial, wireshark

My favorite Bitgirl (Laura Chappell) is at it again in this 15 minute presentation. She came across a host on a network that appears to be infected with some bot application. Take a few...


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: