M Edwards


Mark Joseph Edwards is a senior contributing editor for Windows IT Pro and writes the weekly email newsletter Security UPDATE (http://www.windowsitpro.com/email). He is a network engineer and the author of Internet Security with Windows NT (29th Street Press).

Microsoft Releases 5 Critical Patches
Microsoft unleashed a series of critical security patches during its September software update cycle.
Wordpress 2.8.4 Fixes A Big Security Hole
Time to upgrade your Wordpress sites. A vulnerability in versions prior to 2.8.4 could let the bad guys reset passwords. And there's a nasty worm infiltrating sites based on an older vulnerability in the code.
SecureTweets for Twitter
Since Twitter is so hugely popular it makes sense that someone would create a tool to help protect users from malicious URLs within the posts at the site.
Sometimes The Cookie Doesn't Crumble
Ever heard of Flash cookies? They're often used to track your activity. And sometimes even if you delete them they reappear.
Chrome OS - Who Would've Guessed?
By now you've heard the news that Google will eventually release an operating system called Chrome OS. There's no big surprise there. But the future of desktops might become surprising.
Making Data "Vanish" Automatically
University of Washington researchers have a created a way to automate encryption key expiration, which means data can become inaccessible over a given period of time.
Firefox's Future Content Security Policy
It appears that Firefox will gain some much-needed Content Security Policy (CSP) that will help defend against XSS attacks, Clickjacking, and packet sniffing.
Adios Milw0rm
It looks like the popular milw0rm site has gone offline - possibly never to return.
Kon-Boot Lets You Bypass Logon for Windows and Linux 6
Kon-Boot looks like a very interesting tool since it can get you into a system without having to logon first.
SANS Reports Internet Explorer 0-Day Exploit
SANS reports (via CSIS in Denmark) that a new 0-day exploit against Microsoft DirectShow is loose on the net.
Will ICANN Ban Top Level DNS Wildcarding?
Some registrars use wildcard DNS systems to redirect users to their own sites when a DNS lookup fails, which can occur in a variety of circumstances. ICANN's Security and Stability Advisory Committee wants to ban the practice.
Wireshark 1.2.0 Sports Lots of New Features
Wireshark 1.2.0 is out. The new version of this popular packet sniffer includes many new features, including GeoIP integration, a 64-bit Windows installer, and more.
SecureBrowsing Extension for IE and Firefox
Finjan released SecureBrowsing, which is a browser extension than scan Web pages in realtime to detect potentially malicious content.
Sniffing Browser History Without Javascript
Someone discovered a way to sniff sites from your browser history without using Javascript. Instead it uses an iframe that loads a server-side PHP script to do all the heavy lifting.
Gmail to go with HTTPS by default 2
Webmail is inherently insecure for several different reasons - one of which being that without SSL your correspondence is easily sniffed and possibly even stored in your browser's cache.
John Savill's PowerShell Master Class

Join John Savill for the ALL NEW PowerShell Master Class!

In this master-level training course, you get 9 hours of technical training that will make you a PowerShell Master!

Thursdays, February 11th through 25th

By the end of the course, you will understanding how to create custom modules to achieve amazing results in your environment, in non-Microsoft environments and in Azure.

Topics covered will include:

* PowerShell Fundamentals
* Remote Management
* Connecting Commands and Mastering Objects
* Scripting and Custom Modules
* State Configuration
* PowerShell Workflows, Orchestrator SMA, and Azure Automation
* And much more!


Join the Conversation

Get answers to questions, share tips, and engage with the IT professional community at myITforum. Are you a data center professional? Join AFCOM for the best data center insights.

Sponsored Introduction Continue on to (or wait seconds) ×