News

Antivirus, firewall and IDS products

• August 14, 2006 14 Aug'06

  Mocbot update targets MS06-040 flaw

  Security experts raised the red flag Sunday as new malware targets the Windows flaw addressed in the MS06-040 patch. Attackers are using the flaw to expand IRC-controlled botnets.

• August 10, 2006 10 Aug'06

  Security Blog Log: Israeli-Hezbollah war spills into cyberspace

  This week blogosphere warily watches online attacks inspired by the Mideast conflict and rants over the latest security incidents at AOL and the VA.

• August 10, 2006 10 Aug'06

  Vista kernel limits have security vendors on edge

  Microsoft's PatchGuard feature will prevent extension of Windows Vista kernel, and antivirus vendors say it'll make it harder for them to produce good security products.

• August 06, 2006 06 Aug'06

  Security Bytes: CA fixes eTrust Antivirus flaws

  Online thieves steal $700,000 from personal accounts, researchers expose e-passport vulnerability; and arrests are made in the VA security breach case.

• August 03, 2006 03 Aug'06

  Vendors reject preferential knowledge sharing

  While Cisco continues to investigate a potential PIX firewall flaw, it and other vendors say sharing security information quickly and indiscriminately is always the best policy.

• August 02, 2006 02 Aug'06

  Mobile security begins with policy

  Mobile security can no longer be an afterthought. Mobile experts say security starts, but doesn't end, with policy.

• August 02, 2006 02 Aug'06

  Possible Cisco zero-day exploit revealed at Black Hat

  Details of an alleged flaw related to SIP and PIX appliances, briefly mentioned in a Wednesday Black Hat presentation, are being kept under wraps as Cisco and US-CERT investigate.

• July 31, 2006 31 Jul'06

  Security Bytes: ISS warns of new Microsoft Windows flaw

  Attackers could exploit the latest Microsoft Windows flaw to crash vulnerable machines and Symantec fixes a Brightmail AntiSpam flaw.

• July 26, 2006 26 Jul'06

  DHS puts Zitz in charge of cybersecurity division

  American career intelligence officer Robert S. Zitz has taken over day-to-day operations of the US National Cyber Security Division, but his department still has numerous digital defence problems to remedy.

• July 26, 2006 26 Jul'06

  Blue Cross bears burden of 'no wireless' policy

  Blue Cross of Idaho had a "no wireless" policy on paper but never really enforced it. That is, until a team of auditors said the company had better do something.

• July 19, 2006 19 Jul'06

  Answers: VPN and remote access know-how quiz

  the crucial questions answered

• July 16, 2006 16 Jul'06

  VPNs and remote access quiz

  Take this five-question quiz to see how much you've learned about VPNs and remote access.

• July 14, 2006 14 Jul'06

  CSI survey: Data breaches still being swept under the rug

  The annual CSI/FBI Computer Crime and Security Survey shows companies are reporting fewer financial losses from data breaches. That doesn't mean the good guys are winning.

• July 11, 2006 11 Jul'06

  Critical flaws found in Excel, Flash Player

  FrSIRT says holes in Microsoft's spreadsheet program and Adobe's media player could allow attackers to take control of affected machines and initiate malicious commands.

• July 10, 2006 10 Jul'06

  Security Bytes: Data breach affects 100,000 military personnel

  Meanwhile: Phishers use a phone trick to dupe PayPal users; the PCI security standard will get more teeth and a survey illustrates an increase in security breaches

• June 26, 2006 26 Jun'06

  Dundee to teach ethical hacking BSc

  A degree in ethical hacking will be on offer at a Scottish university from the new academic year.

• June 13, 2006 13 Jun'06

  Fifa ready for cyber attack on World Cup

• June 01, 2006 01 Jun'06

  BlueCat appliance offers rock-solid security

  Hot Pick: The Adonis 1000 appliance bundles DNS and DHCP into an enterprise-class appliance for the centralized secure operation of network addressing.

• March 07, 2006 07 Mar'06

  Networks news in brief

  Short takes from this week's network news

• December 14, 2005 14 Dec'05

  Roundup: 2005's 'curious malicious code'

  These viruses, worms and Trojans sometimes escaped our notice. But it didn't get past one antivirus vendor, who rounded up some of the year's stranger offerings from the underground.

• December 12, 2005 12 Dec'05

  Two Windows patches coming, IE fix uncertain

  It remains to be seen whether the software giant on Dec. 13 will address an outstanding Internet Explorer issue that is currently the target of a malicious Trojan.

• November 14, 2005 14 Nov'05

  Sony rootkit uninstaller causes bigger threat

  Princeton researchers say a security hole that appears when users try to remove Sony's copy protection software presents an even greater risk than the original rootkit.

• November 06, 2005 06 Nov'05

  Hacking Windows: MSRPC vulnerabilities

  In this excerpt from "Hacking Exposed, Fifth Edition: Network Security Secrets & Solutions," authors Stuart McClure, Joel Scambray and George Kurtz introduce MSRPC vulnerabilities and countermeasures.

• October 24, 2005 24 Oct'05

  Reporter's Notebook: NYC 'controls the software industry'

  At Information Security Decisions: a security "rock star" rages against the Microsoft machine; banging the drum for enterprise security; a sour note on zero-day exploits.

• October 20, 2005 20 Oct'05

  Author delves into novel attack methodologies

  Review of Silence on the Wire, a book about security attack methodologies such as passive fingerprinting.

• September 27, 2005 27 Sep'05

  Secure your extended enterprise

  How do you achieve the fine balance between ensuring that there is truly free access to sensitive information, without sacrificing security?

• September 26, 2005 26 Sep'05

  Secure the interests of your extended enterprise

  How do you achieve the fine balance between ensuring that there is truly free access to sensitive information and applications from both inside and outside the firewall, without sacrificing security?

• September 18, 2005 18 Sep'05

  CCSP courses, exam changing next month

  Those seeking Cisco's security credential and specialization in VPN, firewall and IDS will soon follow different curricula that better reflect the vendor's current product lines.

• September 11, 2005 11 Sep'05

  VoIP turns up the heat on firewalls

  New research shows that many organizations are increasingly concerned about VoIP security and plan to augment their firewalls within the next year, changing the landscape of the firewall market.

• September 06, 2005 06 Sep'05

  Firewalls can help or hurt, so plan carefully

• September 05, 2005 05 Sep'05

  Extending perimeters

  The news that, up until 2006, 70% of successful wireless local area network (WLAN) attacks will be because of the misconfiguration of WLAN access points and client software is disquieting on a number of levels.

• September 01, 2005 01 Sep'05

  Symantec glitch could expose user names, passwords

  Symantec announced a fix for a flaw in AntiVirus Corporate Edition Friday afternoon. The security hole could be exploited to view user names and passwords.

• August 26, 2005 26 Aug'05

  High profile breach brings security to top of agenda

  There’s nothing like an apparent breach at a global company to concentrate the mind when it comes to information and data security.

• August 06, 2005 06 Aug'05

  Trusted Computing Group releases server specs

  The Trusted Computing Group released a new set of trusted server specifications it hopes will help vendors protect their platforms against security breaches.

• July 28, 2005 28 Jul'05

  Sarbox compliance costing companies

  Companies’ required investments to attain compliance with the Sarbanes-Oxley data security legislation has come at the expense of dealing with other security threats, according to the Information Security Forum (ISF).

• July 24, 2005 24 Jul'05

  Authentication takes a bite out of spam

  Network and messaging experts offer helpful ammunition for network managers waving the white flag in the battle against spam.

• July 21, 2005 21 Jul'05

  Sarbox draining corporate security budgets

  Corporate investment to comply with the Sarbanes-Oxley data security legislation has come at the expense of dealing with other security threats, according to the Information Security Forum (ISF).

• July 20, 2005 20 Jul'05

  Pop quiz: E-mail security

  Find out how much you know about securing your organization's e-mail.

• July 12, 2005 12 Jul'05

  Sarbox challenge drains security budgets

  International corporate spending on compliance with the Sarbanes-Oxley data security legislation has come at the expense of dealing with other security threats, according to the Information Security Forum.

• June 05, 2005 05 Jun'05

  Quiz: Secure Web directories and development, answer No. 1

  Quiz: Secure Web directories and development, answer No. 1

• June 05, 2005 05 Jun'05

  Quiz: Secure Web directories and development, answer No. 2

  Quiz: Secure Web directories and development, answer No. 2

• June 04, 2005 04 Jun'05

  Life at the edge part 2: Divide and conquer with DMZs

  Learn how a DMZ works and how it can protect Web servers.

• June 03, 2005 03 Jun'05

  Quiz: Identify and analyze Web server attacks

  Test your knowledge of the material covered in the "Identify and analyze Web server attacks" section of Intrusion Defense School.

• June 02, 2005 02 Jun'05

  Quiz: Web attack prevention and defense

  Test your knowledge of the material covered in Web attack prevention and defense, including the fundamentals of securing a Web server.

• May 31, 2005 31 May'05

  Network configuration: IIS SMTP mail relay service and Microsoft Exchange Server

  Learn how to use the IIS SMTP mail relay service to prevent spammers from directly interacting with your Microsoft Exchange Server.

• March 16, 2005 16 Mar'05

  RootkitRevealer turns root kits' tactics back at them

  A contributor reviews freeware RootkitRevealer from Sysinternals.

• January 05, 2005 05 Jan'05

  New solutions for the zero hour

  IT vendors are looking to fill the gap between when a virus first hits and when its remedy is released.

• December 20, 2004 20 Dec'04

  Fixes, workaround for Kerberos 5 vulnerability

  A security hole could be exploited to launch malicious code. But there are fixes and a workaround.

• November 30, 2004 30 Nov'04

  Botnets target the enterprise warn experts

  Versatile and increasingly vicious bots will cause enterprises a lot of grief in 2005, security experts say.

• November 12, 2004 12 Nov'04

  NTFS permissions

  This excerpt from Chapter 5 of "The definitive guide to Windows 2000 security" discusses the advantages of using NTFS for access control.