News

Enterprise software

• August 14, 2006 14 Aug'06

  Mocbot update targets MS06-040 flaw

  Security experts raised the red flag Sunday as new malware targets the Windows flaw addressed in the MS06-040 patch. Attackers are using the flaw to expand IRC-controlled botnets.

• August 10, 2006 10 Aug'06

  Security Blog Log: Israeli-Hezbollah war spills into cyberspace

  This week blogosphere warily watches online attacks inspired by the Mideast conflict and rants over the latest security incidents at AOL and the VA.

• August 10, 2006 10 Aug'06

  Vista kernel limits have security vendors on edge

  Microsoft's PatchGuard feature will prevent extension of Windows Vista kernel, and antivirus vendors say it'll make it harder for them to produce good security products.

• August 09, 2006 09 Aug'06

  Xiotech resurfaces with data compliance focus

  Xiotech has been busy acquiring a legal discovery software vendor and building a data compliance practice, but what about storage?

• August 06, 2006 06 Aug'06

  Security Bytes: CA fixes eTrust Antivirus flaws

  Online thieves steal $700,000 from personal accounts, researchers expose e-passport vulnerability; and arrests are made in the VA security breach case.

• August 03, 2006 03 Aug'06

  Ajax threats worry researchers

  Black Hat: While it makes smooth Web applications like Google Maps possible, the rush to adopt Ajax may fuel haphazard development and a feeding frenzy among hackers.

• August 03, 2006 03 Aug'06

  Vendors reject preferential knowledge sharing

  While Cisco continues to investigate a potential PIX firewall flaw, it and other vendors say sharing security information quickly and indiscriminately is always the best policy.

• August 03, 2006 03 Aug'06

  EMC updates SAN Advisor design tool

  EMC's SAN design tool now recognises zones and allows users to customise rules; HP and EMC sign five-year cross-licensing deal.

• August 02, 2006 02 Aug'06

  Twelve Microsoft fixes coming on Patch Tuesday

  Microsoft Tuesday will release a dozen new security bulletins for its Windows and Office products, likely including fixes for several outstanding PowerPoint flaws.

• August 02, 2006 02 Aug'06

  Mobile security begins with policy

  Mobile security can no longer be an afterthought. Mobile experts say security starts, but doesn't end, with policy.

• August 02, 2006 02 Aug'06

  Possible Cisco zero-day exploit revealed at Black Hat

  Details of an alleged flaw related to SIP and PIX appliances, briefly mentioned in a Wednesday Black Hat presentation, are being kept under wraps as Cisco and US-CERT investigate.

• August 02, 2006 02 Aug'06

  SRM tools improve storage planning and deployment

  Why are storage administrators struggling to identify their storage resources and utilise those resources to their best potential?

• August 01, 2006 01 Aug'06

  Security Bytes: Exploits targeting freshly patched Apple flaw

  Apple patches nearly two dozen holes in OS X, but not before exploits are unleashed. Plus McAfee fixes a critical flaw and EMC gets the OK to buy RSA.

• August 01, 2006 01 Aug'06

  Litchfield: Database security is 'IT's biggest problem'

  At Black Hat USA 2006, database security guru David Litchfield unveils 20-plus IBM Informix flaws that attackers could exploit to create malicious files, gain DBA-level privileges and access sensitive data.

• July 31, 2006 31 Jul'06

  Security Bytes: ISS warns of new Microsoft Windows flaw

  Attackers could exploit the latest Microsoft Windows flaw to crash vulnerable machines and Symantec fixes a Brightmail AntiSpam flaw.

• July 30, 2006 30 Jul'06

  EqualLogic updates storage provisioning software

  Users have more options when it comes to pooling storage with version 3.0 of EqualLogic's array software, but some are wondering whatever happened to the SAS disks.

• July 26, 2006 26 Jul'06

  Mozilla issues critical security updates

  New patches to fix 13 software security flaws, eight of which have been deemed critical.

• July 26, 2006 26 Jul'06

  DHS puts Zitz in charge of cybersecurity division

  American career intelligence officer Robert S. Zitz has taken over day-to-day operations of the US National Cyber Security Division, but his department still has numerous digital defence problems to remedy.

• July 26, 2006 26 Jul'06

  Blue Cross bears burden of 'no wireless' policy

  Blue Cross of Idaho had a "no wireless" policy on paper but never really enforced it. That is, until a team of auditors said the company had better do something.

• July 25, 2006 25 Jul'06

  Netscape.com hit with cross-site scripting attack

  The popular Web portal was hit by a cross-site scripting attack early on 26 July but Netscape says the problem has been addressed

• July 25, 2006 25 Jul'06

  Longhorn on the road to Linux compatibility

  The next version of Windows Server – codenamed Longhorn – will include virtualisation technology that is interoperable with the open source Linux operating system.

• July 24, 2006 24 Jul'06

  Security Bytes: New Microsoft exploits in the wild

  The exploits target issues Microsoft patched earlier this month. Meanwhile, flaws are reported in Oracle for OpenView and a Mozilla Firefox keystroke logger is on the loose.

• July 24, 2006 24 Jul'06

  Resellers come around to storage virtualization

  Storage virtualisation has been around as a concept for years, but value added resellers are finally finding ways to sell it.

• July 16, 2006 16 Jul'06

  VPNs and remote access quiz

  Take this five-question quiz to see how much you've learned about VPNs and remote access.

• July 14, 2006 14 Jul'06

  CSI survey: Data breaches still being swept under the rug

  The annual CSI/FBI Computer Crime and Security Survey shows companies are reporting fewer financial losses from data breaches. That doesn't mean the good guys are winning.

• July 13, 2006 13 Jul'06

  Trojan targets Microsoft PowerPoint flaw

  Update: The exploit might be tied to an older flaw in Excel. Attackers who exploit the serious flaw could launch arbitrary code. Microsoft says it is investigating.

• July 11, 2006 11 Jul'06

  Critical flaws found in Excel, Flash Player

  FrSIRT says holes in Microsoft's spreadsheet program and Adobe's media player could allow attackers to take control of affected machines and initiate malicious commands.

• July 10, 2006 10 Jul'06

  Skills fears as number of IT students plummets

• July 10, 2006 10 Jul'06

  Security Bytes: Data breach affects 100,000 military personnel

  Meanwhile: Phishers use a phone trick to dupe PayPal users; the PCI security standard will get more teeth and a survey illustrates an increase in security breaches

• July 10, 2006 10 Jul'06

  Application layer logging quiz answers

  The key questions revealed

• June 26, 2006 26 Jun'06

  Dundee to teach ethical hacking BSc

  A degree in ethical hacking will be on offer at a Scottish university from the new academic year.

• June 13, 2006 13 Jun'06

  Fifa ready for cyber attack on World Cup

• June 01, 2006 01 Jun'06

  FullArmor lives up to its name

  PolicyPortal provides an Internet interface to easily configure, monitor and enforce near real-time Active Directory-based policy compliance through client agents.

• June 01, 2006 01 Jun'06

  BlueCat appliance offers rock-solid security

  Hot Pick: The Adonis 1000 appliance bundles DNS and DHCP into an enterprise-class appliance for the centralized secure operation of network addressing.

• April 11, 2006 11 Apr'06

  SOA confuses IT heads

  Confusion surrounding the real benefits of service-oriented architecture (SOA) means CIOs are wrongly dismissing it as a cynical marketing ploy.

• March 07, 2006 07 Mar'06

  Networks news in brief

  Short takes from this week's network news

• February 27, 2006 27 Feb'06

  Not just a big switch

  Fibre Channel directors don't just provide lots of ports, they also offer ways to connect disparate SANs, isolate data and devices within a fabric, and configure throughput for specific applications. We look at how the big three directors match up.

• January 13, 2006 13 Jan'06

  Oracle bundles Fusion tools into one-stop SOA suite

  Oracle is offering a one-stop shop to customers seeking to build a service-oriented architecture (SOA) by bundling together several middleware products.

• December 18, 2005 18 Dec'05

  Trio of trouble: Malcode targets Windows, IM users

  AV firms warn IT shops to guard against Dasher, Bagle and Banbra. Dasher targets a Windows flaw patched in October, while Banbra spreads through IM.

• November 30, 2005 30 Nov'05

  Out-of-cycle IE patch may be imminent

  Microsoft may release a critical Internet Explorer fix before the next Patch Tuesday, amid reports that malicious code is targeting a memory corruption flaw.

• November 16, 2005 16 Nov'05

  Step 3: GnuPG and WinPT: Setup

• November 16, 2005 16 Nov'05

  Step 2: Public keypairs

• November 16, 2005 16 Nov'05

  Step 4: Encrypting e-mail in WinPT

• November 14, 2005 14 Nov'05

  Demand for development skills soars as firms seek business edge

  Computer Weekly salary survey shows IT departments eager to secure skills for the future.

• November 06, 2005 06 Nov'05

  Hacking Windows: MSRPC vulnerabilities

  In this excerpt from "Hacking Exposed, Fifth Edition: Network Security Secrets & Solutions," authors Stuart McClure, Joel Scambray and George Kurtz introduce MSRPC vulnerabilities and countermeasures.

• October 20, 2005 20 Oct'05

  Author delves into novel attack methodologies

  Review of Silence on the Wire, a book about security attack methodologies such as passive fingerprinting.

• October 19, 2005 19 Oct'05

  Elements of a data protection strategy

  In this excerpt from Data Protection and Lifecycle Management, Tom Petrocelli addresses the importance of securing data for regulatory compliance and outlines the five components of a data protection strategy.

• October 07, 2005 07 Oct'05

  Service approach will bring benefits to applications development says Gartner

  Service-oriented development of applications (SODA) is the best way to approach globally distributed application development and maintenance, according to a new report by Gartner.

• September 27, 2005 27 Sep'05

  Secure your extended enterprise

  How do you achieve the fine balance between ensuring that there is truly free access to sensitive information, without sacrificing security?

• September 26, 2005 26 Sep'05

  Secure the interests of your extended enterprise

  How do you achieve the fine balance between ensuring that there is truly free access to sensitive information and applications from both inside and outside the firewall, without sacrificing security?