Network intrusion detection and prevention and malware removal
Top Stories
-
Answer
16 Nov 2018
How does Thanatos ransomware decryptor tool restore data?
Cisco Talos' Thanatos ransomware decryptor can recover files affected by new ransomware that won't decrypt ransomed files even when a ransom has been paid. Continue Reading
-
Answer
14 Nov 2018
How does signed software help mitigate malware?
Okta researchers found a bypass that allows macOS malware to pose as signed Apple files. Discover how this is possible and how to mitigate this attack. Continue Reading
-
Definition
14 Apr 2022
Network File System (NFS)
Network File System (NFS) is a networking protocol for distributed file sharing. Continue Reading
-
Definition
09 Dec 2021
ISA Server
Microsoft's ISA Server (Internet Security and Acceleration Server) was the successor to Microsoft's Proxy Server 2.0 and was part of Microsoft's .NET support. Continue Reading
-
Answer
13 Nov 2018
How does the Mylobot botnet differ from a typical botnet?
The new Mylobot botnet demonstrated new, complex tools and techniques that are modifying botnet attacks. Learn how this botnet differs from a typical botnet with Nick Lewis. Continue Reading
-
Answer
18 Oct 2018
How does the resurgent VPNFilter botnet target victims?
After a comeback of the Russian-built VPNFilter botnet, home network devices are at risk. Learn how this malware targets victims with expert Nick Lewis. Continue Reading
-
Tutorial
11 Oct 2018
Tips to track down and neutralize PowerShell malware
The benefit of PowerShell is its wide-ranging access to Windows systems, but industrious hackers can exploit its abilities to launch attacks from inside your data center. Continue Reading
-
Answer
04 Oct 2018
How does stegware malware exploit steganography techniques?
Researchers at the 2018 RSA Conference discussed the increasing availability of malware that uses steganography, dubbed stegware. Discover how this works with expert Nick Lewis. Continue Reading
-
Answer
02 Oct 2018
How can GravityRAT check for antimalware sandboxes?
A remote access Trojan -- dubbed GravityRAT -- was discovered checking for antimalware sandboxes by Cisco Talos. Learn how this technique works and how it can be mitigated. Continue Reading
-
Answer
25 Sep 2018
Can monitoring help defend against Sanny malware update?
Changes to the Sanny malware were recently discovered by FireEye researchers. Learn who is at risk and how elevated privileges can help protect you with Nick Lewis. Continue Reading
-
Answer
06 Sep 2018
IonCube malware: Who do these malicious files put at risk?
Malicious files posing as legitimate ionCube files were recently found by WordPress and Joomla admins. Learn how the ionCube malware works with expert Nick Lewis. Continue Reading
-
Answer
29 Aug 2018
ATM jackpotting: How does the Ploutus.D malware work?
Ploutus.D malware recently started popping up in the U.S. after several ATM jackpotting attacks. Discover how this is possible and what banks can do to prevent this with Nick Lewis. Continue Reading
-
Answer
03 Jul 2018
What are the Windows Defender management tools?
If you're using Windows Defender AV to protect your company, it's imperative to configure the malware protection properly. This tip lays out the management options for admins. Continue Reading
-
Tip
29 May 2018
Desktop and mobile malware detection takes on high priority
End-user computing professionals must embrace modern Windows and mobile malware protection technologies to defend against ransomware and other attacks. Continue Reading
-
Tip
21 May 2018
Create an effective email phishing test in 7 steps
The best way for IT to improve email phishing security is through comprehensive testing, which helps identify which users are susceptible and what type of fake email is most effective. Continue Reading
-
Answer
17 May 2018
How do I avoid Windows Defender compatibility issues?
Microsoft offers a free antimalware tool for client and server systems, but administrators need to tune the layers of protection to avoid problems. Continue Reading
-
Answer
17 Apr 2018
How does Windows Defender Antivirus protect against malware?
Microsoft offers Windows Defender Antivirus as its native tool to prevent malware attacks. Discover how it works and what advanced protections it provides. Continue Reading
-
Answer
28 Feb 2018
Fileless malware: What tools can jeopardize your system?
A report from CrowdStrike highlights the growth of malware-less attacks using certain command-line tools. Learn how to handle these growing attacks with Matt Pascucci. Continue Reading
-
Answer
30 Jan 2018
CopyCat malware: How does this Android threat operate?
Check Point researchers discovered new Android malware named CopyCat, which has infected 14 million devices. Learn how this malware works and how it spread from expert Nick Lewis. Continue Reading
-
Answer
27 Oct 2017
EternalRocks malware: What exploits are in it?
When NSA cyberweapons went public, attackers bundled them into the EternalRocks malware. Nick Lewis takes a closer look at this new threat and explains what's lurking inside. Continue Reading
-
Feature
01 Sep 2017
Why WannaCry and other computer worms may inherit the earth
A vast majority of APT attacks and malware delivery happens via spear phishing. But worms have always had a place in the toolkit when the delivery method fit the mission. Continue Reading
-
Answer
24 Aug 2017
ATMitch malware: Can fileless ATM malware be stopped?
How was the ATMitch malware able to loot cash machines, then delete itself? Expert Nick Lewis explains how the fileless malware works and how it spreads. Continue Reading
-
Tip
13 Jun 2017
Windows 10 security tools to have handy
Cyberthreats lurk around every corner, so it's always a good time to fortify Windows 10 defenses. These top security tools can help make that happen. Continue Reading
-
Answer
06 Apr 2017
How can you whitelist apps and fight ransomware with Windows 10 AppLocker?
With application whitelisting, admins can create a list of approved apps users can work with. This way, users cannot accidentally open an app containing ransomware. Continue Reading
-
Definition
09 Mar 2015
WIPS (wireless intrusion prevention system)
A wireless intrusion prevention system (WIPS) is a dedicated security device or integrated software application that monitors a wireless LAN network's radio spectrum for rogue access points and other wireless threats. Continue Reading
-
Answer
25 Feb 2015
What are some alternatives to Windows Defender?
Windows Defender is useful for Windows 8 security, but it can't keep up with malicious software alone. Several third-party products can help. Continue Reading
-
Answer
11 Feb 2015
How does Windows 8.1 support affect Active Directory?
Windows 8.1 support for endpoint security includes Open MDM and biometrics, but removing Remote Server Administration Tools can affect Active Directory. Continue Reading
-
Answer
03 Feb 2015
What Web application monitoring tools exist for desktops?
Microsoft Intune and other mobile device management tools are also useful for desktop management from the cloud and Web application monitoring. Continue Reading
-
Tip
28 Jan 2015
Tighten Windows 8.1 security in five simple steps
Microsoft has improved Windows 8.1 security, but no OS is free of vulnerabilities. Some basic settings can further protect Windows 8.x systems. Continue Reading
-
Answer
05 Jan 2015
How do I remove admin restrictions from Windows 7 laptops?
To relax the usual restrictions on Windows 7 laptops, use the Windows administrator account, but remember to record your password. Continue Reading
-
Definition
28 Nov 2014
Microsoft Click-To-Run
Microsoft Click-to-Run is a way to quickly install Microsoft products, including versions of Office 2010 and Office 2013. Continue Reading
-
Definition
15 Sep 2014
Microsoft Windows Recovery Environment (Windows RE)
The Microsoft Windows Recovery Environment, or Windows RE, is a simplified, scaled-back version of the Windows operating system that is used to boot the system when Windows 8.x, Windows Server 2012 or Windows Server 2012 R2 can't. Continue Reading
-
Feature
24 Jun 2014
Finding and fixing Office 2013 installation problems
Desktop administrators can streamline Office deployments by understanding fixes to important installation problems. Continue Reading
-
Photo Story
10 Apr 2014
Five Windows Sysinternals utilities can aid in desktop troubleshooting
There are many free tools in the Windows Sysinternals suite, but some might help admins more than others for viewing data and managing desktops. Continue Reading
-
Tip
17 Sep 2013
Click-to-Run and MSI provide Office 2013 installation options
The Microsoft Installer has competition for Office 2013 installation. See how Office Click-to-Run allows Office 2013 to run without a full download. Continue Reading
-
Tip
22 Jan 2013
Windows Server Update Services weaknesses you may not know about
Built-in tools such as WSUS can help with Windows patching, but you may still need other tools to verify that enterprise systems are safe. Continue Reading
-
Tip
25 Aug 2010
Where does Windows store its temporary files?
The temporary files generated by Windows can pile up and become a security hazard. Learn how to track them down and tidy up your systems. Continue Reading
-
Tip
20 Jan 2010
Five network security resolutions for 2010
Tighten your enterprise's network security this year with these simple steps, which include regularly changing passwords, keeping patches up to date and talking to end users. Continue Reading
-
Tip
13 Jan 2010
What can Windows 7's AppLocker do for you?
Control applications on individual workstations more efficiently with AppLocker, an improved application management feature in Windows 7. Continue Reading
-
Feature
24 Sep 2008
Hacking Exposed Windows: Windows security features and tools
In Hacking Exposed Windows, by Joel Scambray, you can learn how to prevent malicious attackers from hacking into your network and damaging or stealing the business critical data you have stored in your Windows machines. Continue Reading
-
Tutorial
03 Jul 2007
Rootkit and malware detection and removal guide
This malware learning guide will provide several tips and tools on rootkit prevention, spyware and adware removal, antivirus tools, malware removal best practices and more. Continue Reading
-
Tutorial
18 Oct 2006
Step-by-Step Guide: Finding and removing a rootkit
It's difficult -- but not impossible -- to be totally sure that your system is 100% rootkit free, says Windows security expert Kevin Beaver. In this step-by-step guide, Beaver shows you how to strengthen your Windows systems against the rootkit threat. Continue Reading
-
News
26 Jan 2006
Microsoft takes another anti-rootkit step
Writing kernel-mode Windows programs was never easy, but as of 64-bit Windows Vista, Microsoft won't even let just anyone do it. It will help stop some rootkits, but it's not a complete answer. Continue Reading
-
News
15 Dec 2005
Anti-spyware battles rootkits with rootkit tactics
Security software is going after malicious code where it attacks – at the Windows kernel, or core processing center, level. Continue Reading
-
News
08 Dec 2005
Clock's ticking on new Sober onslaught
Security experts warn that a new attack of the mass-mailing worm was coded into the version responsible for the last outbreak. The next wave is set to start on January 5. Continue Reading
-
News
08 Dec 2005
Where are rootkits coming from?
Adware and spyware manufacturers are using rootkits to hide processes and defeat uninstall efforts. Security expert Mikko Hypponen discusses where rootkit malware may embed itself. Continue Reading
-
News
07 Dec 2005
November breaks all malware records
November was the worst month for malicious software attacks since the industry began to keep records in the 1980s, according to Sophos, an antivirus company. The security firm says it detected more than 1,900 new pieces of malware last month. Continue Reading
-
News
07 Dec 2005
Blaster worm affected 25m PCs: Microsoft
In the first month after its arrival in August of 2003, the Blaster worm affected 25 million computers, the most ever hit by any single malware attack, according to a Microsoft white paper. Continue Reading
-
News
05 Dec 2005
Which is the best antispyware?
This analysis of popular reviews highlights five top consumer antispyware contenders. Continue Reading
-
News
01 Dec 2005
Sober storms charts as month's biggest attack
E-mails bearing a new variant of the Sober virus accounted for as much as 43% of malware traffic in November, at one point representing 1 in every 13 messages, according to security experts. The worm threatens to overwhelm e-mail servers, since it attempts to send copies of itself to all the e-mail addresses it can find in victim hard drives. Continue Reading
-
News
29 Nov 2005
Attack code out for 'critical' Windows flaw
New exploit code was posted on the Web over the weekend for a Windows MSDTC flaw. Microsoft reports that patch MS05-051 released last month will block attacks based on the flaw, but some users have had trouble installing the patch. Continue Reading
-
News
16 Nov 2005
Employee gadgets pose security risk to companies
When workers plug smart phones, thumb drives, digital cameras and MP3 players into PCs at work, they may be importing malicious code straight past the firewall – or walking off with confidential business information. Continue Reading
-
News
03 Nov 2005
IT security weakened by compliance issues
Companies are spending too much of their IT budgets on compliance issues and skimping on security, according to Ernst & Young's latest security report. Continue Reading
-
News
31 Oct 2005
Anti-spyware definitions finalized
An alliance of software companies, security firms and consumer groups called the Anti-Spyware Coalition, on Thursday finalized its definitions of spyware, and published a "risk modeling" report explaining how vendors determine that a piece of software is spyware. Continue Reading
-
News
17 Oct 2005
Price war looms as Microsoft enters security market
Analysts at Gartner predict Microsoft Client Protection enterprise security product will push competitor prices down by at least 10 percent. Continue Reading
-
News
06 Oct 2005
British cybercrime guru to keep tabs on Microsoft
Neil Barrett, a well-known computer expert and criminologist, has been hired by the European Commission to oversee Microsoft's compliance with a 2004 antitrust decision. Continue Reading
-
News
06 Oct 2005
Enterprise anti-virus has bug
Enterprise systems running Symantec AntiVirus Scan Engine are at risk due to what the company calls a serious security flaw. Continue Reading
-
News
10 Jan 2005
IE flaw threat hits the roof
A security company rated vulnerabilities in Microsoft's browser at "extremely critical" because exploit code was published on the Internet. The vulnerabilities could allow hackers to execute spyware or pornography dialers on a machine without the user's knowledge. Continue Reading
-
News
05 Jan 2005
Can Spam hasn't canned much
As the Can Spam Act marks its first anniversary, a new study finds that few are complying with the new law. Software maker MX Logic said that during the past year, compliance ranged from less than half a percent in July to a high of 7% in December. More than three-quarters of all e-mails sent in 2004 were classified as spam. Continue Reading
-
News
04 Jan 2005
'Hygiene' software reflects changes in e-mail threats
Messaging administrators have greater choices to protect the network perimeter at a time when constant threats are the norm. Continue Reading
-
News
29 Dec 2004
2005 outlook: Desktops to see Linux, search war and more spyware
TechTarget group publisher Paul Gillin offers up his annual predictions for the year ahead, and forecasts a pay hike for IT pros, a potential new owner for Apple and the rise of Linux, spyware and searching on the desktop. Continue Reading
-
News
23 Dec 2004
Fixes, workaround for Kerberos 5 vulnerability
A security hole in Kerberos 5 could be exploited to launch malicious code. But there are fixes and a workaround. Continue Reading
-
News
20 Dec 2004
Giant partner not in loop for Microsoft buyout
When Microsoft announced its acquisition of an antispyware company last week, no one was more surprised than Sunbelt Software, which is a partner of the company being bought. However, as part of Microsoft's deal for Giant Company Software, Sunbelt will continue to get spyware signature updates for its own antispyware product through the middle of 2007. Continue Reading
-
News
20 Dec 2004
Flaw found in Google's new desktop search
Researchers have found a vulnerability in the recently released Google search tool that could allow desktops to be searched via the Internet. The research team at Rice University said a similar search tool from Microsoft doesn't appear to be affected because it doesn't combine Web and local search results in the way that Google does. Continue Reading
-
News
19 Dec 2004
#9: How antivirus software affects SQL Server
Antivirus software can create performance bottlenecks, which is why Kevin Beaver offers his advice for running AV software efficiently. Continue Reading
-
News
08 Dec 2004
Challenge: IM versus security
Instant messaging poses many risks to organizations, but there are remedies. Continue Reading
-
News
07 Dec 2004
Advanced tool to find security holes in Windows XP
For more advanced IT professionals, the Windows XP Security Configuration and Analysis tool will help you find weaknesses by comparing system settings to a security template. Learn how to use this snap-in in this tip by Brien Posey. Continue Reading
-
News
07 Dec 2004
IM threat service pledges cooperation
To combat attacks on enterprise networks delivered by rogue instant messages, software companies such as Microsoft, McAfee, AOL and Yahoo have thrown their support behind an IM threat center that promises to work in concert with other security centers. Continue Reading
-
News
23 Nov 2004
How to patch vulnerabilities and keep them sealed
Time is the enemy of every IT manager charged with patching systems; implementing the right process can simplify the challenge. Continue Reading
-
News
19 Nov 2004
Antivirus industry needs to get its act together
Here's a poorly kept secret in security circles: The virus name game has gotten out of hand. Security professionals deserve better. Continue Reading
-
News
18 Nov 2004
Isolate and protect your Windows NT servers now
In the conclusion of this two-part series, Brien Posey offers several highly effective, advanced techniques for securing outdated Windows NT servers. Continue Reading
-
News
16 Nov 2004
Caught in the virus name game
As this month's malware outbreaks attest, it's confusing when antivirus vendors attach different names to the same malware. Continue Reading
-
News
11 Nov 2004
E-mail authentication will not end spam, panelists say
Experts, including those who make a living providing e-mail security, say the tactics of criminals are too advanced to put an end to spam. Speaking at an event hosted by the U.S. Federal Trade Commission, industry executives said measures such as e-mail authentication will only solve part of the spam problem. Continue Reading
-
News
02 Nov 2004
Bagles leave behind new spamming servers
There are indications Bagle's weekend attack left behind new proxy servers for spamming. Continue Reading
-
News
29 Oct 2004
AV-disabling Bagle variants gaining traction
Antivirus firms say several new Bagle variants are spreading, capable of helping attackers take remote control of vulnerable machines. Continue Reading
-
News
27 Oct 2004
Ask Microsoft: When Windows crashes
Microsoft support executive Gabriel Aul talks about the Windows Error Reporting service and how it interprets "crash patterns." Continue Reading
-
News
08 Oct 2004
Flaw found in older Office versions
Microsoft has chastised security vendor Secunia for publicly releasing information about a vulnerability it found in Office 2000. The buffer overrun flaw, which Secunia rated critical, is caused by a problem in how Word processes Outlook files. Microsoft says Secunia should have notified it first before releasing the information. Continue Reading
-
News
06 Oct 2004
House OKs bill imposing spyware fines
Companies that deploy monitoring software without getting permission from end users first will be heavily fined under a bill passed Tuesday by the U.S. House of Representatives. Another House antispyware bill -- that provides for criminal penalties -- is expected to pass today. Continue Reading
-
News
29 Sep 2004
AV-disabling Bagle variant may take off
A new variant of the Bagle worm that turns off antivirus and personal firewalls is likely to spread rapidly, warn antivirus experts. Continue Reading
-
News
23 Sep 2004
House may vote on spyware bill next week
Leaders in the U.S. House of Representatives are combining two antispyware proposals and plan to bring the unified bill up for a vote next week. A similar bill passed in the Senate last week. Continue Reading
-
News
16 Sep 2004
Fix issued for SMTP bug in Exchange 2003
Microsoft has issued a fix for users of Exchange Server 2003 who may have problems performing DNS lookups via SMTP. Continue Reading
-
News
10 Sep 2004
Failed talks fueled open source rejection of Sender ID
The open source community's mistrust of Microsoft cuts so deep, it appears that nothing will be able to heal the wound. Not even a royalty-free protocol to help fight spam. Continue Reading
-
News
09 Sep 2004
German teen indicted over Sasser worm
German authorities have formally indicted a teen on charges he created the highly destructive Sasser worm. Identified in court documents only as "Sven J.," the 18-year-old is also suspected of creating the Netsky worm. He was arrested in May on a tip provided by Microsoft and faces up to five years in prison if convicted. Continue Reading
-
News
01 Sep 2004
Bagle strikes again
A new variant of the Bagle worm is gaining traction, with more than 11,000 interceptions identified within the first few hours of its spread on Tuesday. Continue Reading
-
News
31 Aug 2004
How secure are you?
A bias-free security testing methodology can help your organization move beyond general best-security practices, to discern exactly how many systems are actually protected. Continue Reading
-
News
30 Aug 2004
America is the world's spam king
America is the undisputed spam-producing capital of the world, according to antivirus firm Sophos. This week, the company published a report on the top 12 spam-producing countries on its Web site. Continue Reading
-
News
25 Aug 2004
'DNA analysis' spots e-mail spam
You might say IBM researchers have antispam technology in their DNA. Computational biologists at an IBM research center have created a spam filter that uses the same technique that scientists use to analyze genetic sequences. In tests, the filter only incorrectly labeled one out of 6,000 messages as spam. Continue Reading
-
News
19 Aug 2004
BONUS: Tips collection of 2004 -- 10 Windows hardening tips in 10 minutes
Take a proactive approach to Windows security with help from Roberta Bragg's book "Hardening Windows systems." These 10 tips are excerpted from Chapter 1, "An immediate call to action," and offer advice you can use today to harden Windows, from strengthening the password policy to disabling infrared file transfer. Continue Reading
-
News
10 Aug 2004
'Highly critical' flaw in AOL Instant Messenger
An attacker could use a vulnerability in AIM to take over compromised machines, Secunia said in an advisory. Continue Reading
-
News
09 Aug 2004
Can a firewall prevent spyware from entering the internal network?
Expert Serdar Yegulalp explains why a firewall cannot prevent spyware from entering an internal server. Continue Reading
-
News
09 Aug 2004
Get rid of spyware and popups
Get advice on how to cut down on spyware pop-ups from SearchWindowsSecurity.com contributor Serdar Yegulalp. (June 11, 2003) Continue Reading
-
News
02 Aug 2004
Crafty spammers hiding behind HTTPS
A Symantec executive speaking at an international antispam conference said some spam creators are using secure URLs as shields. Continue Reading
-
News
29 Jul 2004
Details of Microsoft antivirus software leak out
The leader of a Microsoft security project in France has disclosed details about the software maker's plans for an antivirus product. Nicolas Mirail said the product will encompass technology acquired from GeCad and Pelican Software, including two different methods of detecting destructive files. He said the technology will be compatible with Windows XP and the Longhorn version of Windows. Continue Reading
-
News
26 Jul 2004
Beware of Bin Laden Trojan horse
An e-mail-distributed file posing as photographic evidence that Osama Bin Laden has killed himself is in fact infected by the Hackarmy Trojan horse. Continue Reading