Fahmida Y. Rashid

Contributor

Fahmida Y. Rashid is a freelance writer who wrote for CSO and focused on information security. Before joining CSO, she wrote about networking and security for various technology publications, including InfoWorld, eWeek, PC Magazine, Dark Reading, and CRN. She also spent years as an IT administrator, software developer, and data analyst. "I, for one, welcome our new computer overlords."

Encryption in 2016: Small victories add up

Encryption in 2016: Small victories add up

The move from SHA-1 to SHA-2, a Congressional victory over backdoors, and the rise of encrypted communications are leading us toward a more secure world

Nmap security scanner gets new scripts, performance boosts

Nmap security scanner gets new scripts, performance boosts

Nmap 7.40 has new scripts that give IT administrators improved network mapping and port scanning capabilities

Google open-sources test suite to find crypto bugs

Google open-sources test suite to find crypto bugs

Developers can use Project Wycheproof to test cryptographic algorithms against a library of known attacks to uncover potential weaknesses

10 essential PowerShell security scripts for Windows administrators

10 essential PowerShell security scripts for Windows administrators

PowerShell is a valuable tool for automating Windows administration tasks, including laborious security chores

How Windows 10 data collection trades privacy for security

How Windows 10 data collection trades privacy for security

Here's what data each telemetry level collects and the price you pay to send the least telemetry to Microsoft

10 AWS security blunders and how to avoid them

10 AWS security blunders and how to avoid them

Amazon Web Services is easy to work with -- but can easily compromise your environment with a single mistake

Stupid encryption mistakes criminals make

Stupid encryption mistakes criminals make

Blown cover: Malware authors show how easy it is to get encryption wrong and, in the process, help security pros crack their code

ICANN will generate new DNSSec key

ICANN will generate new DNSSec key

The update is a serious and critical undertaking that will ensure greater DNS security

What’s in your code? Why you need a software bill of materials

What’s in your code? Why you need a software bill of materials

When developers and suppliers carefully list the tools used to build an application and what third-party components are included, IT can improve software patching and updates

Lockdown! Harden Windows 10 for maximum security

Lockdown! Harden Windows 10 for maximum security

To make the most of Windows 10's security improvements, you must target the right edition and hardware for your needs

Rugged devops: Build security into software development

Rugged devops: Build security into software development

Devops improved software development and deployment. Rugged devops brings together security pros, developers, and operations to deliver better application security faster

New collision attacks against triple-DES, Blowfish break HTTPS sessions

New collision attacks against triple-DES, Blowfish break HTTPS sessions

Legacy ciphers such as triple-DES and Blowfish are vulnerable to Sweet32 attacks, which let attackers decrypt HTTPS sessions even without the encryption key

Automate, integrate, collaborate: Devops lessons for security

Automate, integrate, collaborate: Devops lessons for security

Devops is transforming application development; the same principles of automation, integration, and collaboration can vastly improve security as well

Keep using password managers -- bugs and all

Keep using password managers -- bugs and all

A furor over bugs in password managers left users in a jam. Self-proclaimed security empress Jessy Irwin clears up the confusion

Respect: Windows 10 security impresses hackers

Respect: Windows 10 security impresses hackers

Windows is a popular attack target for criminals and researchers alike, but Microsoft has done a good job of making it harder to target security flaws in the OS

Want secure code? Give devs the right tools

Want secure code? Give devs the right tools

With the appropriate tools and environments, developers can take the first step forward in safeguarding app security

The advanced security techniques of criminal hackers

The advanced security techniques of criminal hackers

InfoWorld talks with Digital Shadows' Rick Holland about the security tools hackers use to protect themselves while ripping you off

Do developers really care about security?

Do developers really care about security?

InfoWorld talks with GitHub's Jamesha Fisher about the cultural shifts necessary for baking security early into the devops process

The threat hunter's guide to securing the enterprise

The threat hunter's guide to securing the enterprise

You're already breached. Here's how to track down attackers on your network before they wreak havoc

Jeremiah Grossman: Focus on ransomware, SDLC, and endpoints

Jeremiah Grossman: Focus on ransomware, SDLC, and endpoints

The noted web security guru worries that the key web and application threats aren't getting the right level of focus

Load More