News
Hackers and cybercrime prevention
-
August 03, 2007
03
Aug'07
Discovery of malware cesspool triggers attack fears
Trend Micro researchers say a malware-infested Web server in Russia, linked to several Italian Web sites, could lead to a large-scale attack.
-
August 02, 2007
02
Aug'07
Apple releases fixes for Mac OS X, iPhone vulnerabilities
Apple Computer has released software patches fixing critical vulnerabilities in Mac OS X and its newly released iPhone.
-
July 24, 2007
24
Jul'07
New hacking technique exploits common programming error
Researchers at Watchfire Inc. say they discovered a new technique that exploits a common dangling pointer error.
-
July 17, 2007
17
Jul'07
Zero-day auction site complicates security efforts, IT pros say
WabiSabiLabi, the eBay-like marketplace for zero-day flaws, will make it tougher for companies to ward off attackers, some IT security professionals say.
-
July 12, 2007
12
Jul'07
Zero-day auction site highlights ethical debate
A new auction site plans to cash in on flaw research. Executive Editor Dennis Fisher explores if it's a viable business model and if research should be sold to the highest bidder.
-
June 25, 2007
25
Jun'07
PCI Council hears complaints, suggestions for changes
Companies with the most stringent security technologies endure hurdles to comply with PCI DSS. Some firms are turning to the upcoming Burton Group Catalyst Conference for answers.
-
June 25, 2007
25
Jun'07
DHS suffered more than 800 cyber attacks in two years
Senior officials at the US Department of Homeland Security have acknowledged hundreds of security lapses but say improvements have been made.
-
June 20, 2007
20
Jun'07
HP to acquire SPI Dynamics for Web security
HP says it will would bolster Web site assessments and Web application vulnerabilities with its acquisition of Atlanta-based SPI Dynamics Inc.
-
June 18, 2007
18
Jun'07
Will HP do the right thing with SPI Dynamics?
Analysts say HP can dramatically boost its security with the purchase of SPI Dynamics, but some users worry about SPI's technology wilting under the new ownership.
-
June 17, 2007
17
Jun'07
Burton Group Catalyst Conference San Francisco 2007
SearchSecurity.com brings you the latest news, interviews, podcasts and more from the Burton Group Catalyst Conference 2007 in San Francisco.
-
June 13, 2007
13
Jun'07
Microsoft patches Windows Vista, IE 7
Microsoft fixed 15 flaws in a variety of products Tuesday, including Windows XP, Vista and Internet Explorer 7. Attackers could exploit the most serious flaws for remote code execution.
-
June 05, 2007
05
Jun'07
Watchfire will help IBM build application security
Analysts have been pushing the Security 3.0 concept this week at Gartner's IT Security Summit, and one analyst says IBM's acquisition of Watchfire illustrates the trend.
-
June 01, 2007
01
Jun'07
Top spammer indicted on email fraud, identity theft
The arrest may reduce the volume of spam in the short-term, say experts and analysts, but the real spam threat comes from criminal gangs based in Asia and Russia.
-
June 01, 2007
01
Jun'07
Google dives into security market
Search engine giant Google has acquired security startup GreenBorder Technologies, making it a bigger player in the wider information security market.
-
May 24, 2007
24
May'07
IETF approves new weapon to fight spam, phish
DomainKeys Identified Mail specification (DKIM) gained approval as an official IETF standard. The approval is seen as a major step in the fight against spam and phishing attacks.
-
May 21, 2007
21
May'07
Cisco warns of new IOS flaws
The new flaws are classified as "low," but if exploited they could result in a sustained DoS condition, Cisco said.
-
May 17, 2007
17
May'07
VoIP security fundamentals
VoIP security is a challenge for IT staff because IP telephony brings with it not only the security problems of data networks but also new threats specific to VoIP. In this fundamentals guide, learn about network security threats and emerging IP ...
-
May 16, 2007
16
May'07
Screencast: How to configure a UTM device
In this exclusive screencast, expert David Strom demonstrates the configuration options available in SonicWall's unified threat management product.
-
May 02, 2007
02
May'07
Microsoft to release DNS patch Tuesday
In addition to a fix for the DNS Server Service flaw, Microsoft plans to patch critical flaws in Windows, Office, Exchange, CAPICOM and BizTalk.
-
April 16, 2007
16
Apr'07
DNS worm strikes at Microsoft flaw
A new worm called Rinbot.BC exploits the Microsoft DNS flaw by installing an IRC bot on infected machines and scanning for other vulnerable servers.
-
April 15, 2007
15
Apr'07
Malware outbreak 'largest in almost a year'
Security firm Postini and the SANS Internet Storm Center said they are tracking a significant malware outbreak. Postini calls it the biggest email attack in almost a year.
-
April 12, 2007
12
Apr'07
Microsoft investigates DNS server flaw
Attackers could exploit a DNS flaw in Microsoft Windows 2000 Server and Windows Server 2003 and run malicious code on the system. A workaround is suggested until a patch is issued.
-
April 11, 2007
11
Apr'07
Instant messaging threats become more sophisticated
Instant messaging faces greater threats as more enterprises begin to utilize it, making it a more appealing target to hackers.
-
April 10, 2007
10
Apr'07
The changing threat of email attacks
In this Messaging Security School lesson, expert Mike Rothman details the state of next-generation email threats, explores reputation systems and uncovers threats AV can't catch.
-
April 08, 2007
08
Apr'07
Spam campaign uses Storm-like attack technique
Spammers used an attack technique much like last January's "Storm" assault to dupe people into downloading malware over the weekend. This time, they used fake WWIII headlines.
-
April 08, 2007
08
Apr'07
Symantec fixes 'high-risk' flaw in Enterprise Security Manager
Attackers could hijack machines from remote locations by exploiting a flaw in Symantec Enterprise Security Manager (ESM). Kaspersky Lab users also have a flaw to deal with.
-
April 04, 2007
04
Apr'07
Data security breach at UCSF may have exposed thousands
The University of California at San Francisco (UCSF) acknowledged Wednesday that a security hole in a computer server may have exposed 46,000 people to potential identity fraud.
-
March 22, 2007
22
Mar'07
Flaws haunt protocol tied to national infrastructure
Also: A weakness is found in Windows settings, Microsoft investigates a new Vista flaw, and flaws are addressed in OpenOffice.org and Firefox.
-
March 21, 2007
21
Mar'07
Hackers broaden reach of cross-site scripting attacks
An explosion of AJAX-based applications has increased the damage that cross-site scripting (XSS) attacks can inflict on machines. A new tool uses XSS flaws to create a botnet.
-
March 08, 2007
08
Mar'07
Review: eGuardPost a B+ overall
eGuardPost is a well-designed and highly capable product that meets an important need. It has strong security and great forensics capabilities.
-
March 07, 2007
07
Mar'07
Microsoft cancels Patch Tuesday as DST looms
IT administrators who are struggling to apply all their daylight-saving time (DST) patches will get a break from Microsoft next week, as no new security fixes will be released.
-
March 07, 2007
07
Mar'07
Symantec acquires automated risk assessment firm
Symantec has acquired Reston, Va.-based 4FrontSecurity, a maker of automated risk analysis and security management tools. An expert says it's the latest sign that the security risk assessment market is heating up.
-
February 21, 2007
21
Feb'07
Cisco warns of IP phone flaws
Attackers could circumvent security restrictions by exploiting flaws in certain Cisco IP phones, the networking giant warned Wednesday.
-
February 14, 2007
14
Feb'07
New attack technique threatens broadband users
Millions of broadband users across the globe are threatened by a new attack technique called drive-by pharming
-
February 05, 2007
05
Feb'07
Rootkit dangers at an 'all-time high'
Industry experts at RSA Conference 2007 say not only have rootkits become the weapon of choice for malicious hackers, but they've also emerged as useful tools for legitimate businesses trying to exert control over users.
-
February 05, 2007
05
Feb'07
Coviello: In 3 years, no more stand-alone security
RSA President Art Coviello says today's patchwork of monolithic security devices will disappear in the next three years as security is integrated into the larger IT infrastructure.
-
February 04, 2007
04
Feb'07
CISOs mastering 'softer' skills
Why CISOs can no longer rely on technology skills alone and what businesses are looking for when recruiting their next information security leader.
-
January 25, 2007
25
Jan'07
Balancing the cost and benefits of countermeasures
The final tip in our series, "How to assess and mitigate information security threats."
-
January 25, 2007
25
Jan'07
Attacks targeted to specific applications
The fourth tip in our series, "How to assess and mitigate information security threats."
-
January 25, 2007
25
Jan'07
How to assess and mitigate information security threats
Learn how to assess and mitigate information security threats, like rootkits, worms and Trojans in the tip series created in collaboration with Realtimepublishers and Dan Sullivan, author of The Shortcut Guide to Protecting Business Internet Usage.
-
January 25, 2007
25
Jan'07
Malware: The ever-evolving threat
The first tip in our series, "How to assess and mitigate information security threats"
-
January 25, 2007
25
Jan'07
Threats to physical security
Tip No. 6 in our series, "How to assess and mitigate information security threats."
-
January 25, 2007
25
Jan'07
Information theft and cryptographic attacks
The third tip in our series, "How to assess and mitigate information security threats."
-
January 17, 2007
17
Jan'07
Companies take IM threats seriously
Wesabe is a brand new money management community. It takes threats to IM as seriously as those targeting email and web applications
-
January 08, 2007
08
Jan'07
Critical fixes for Excel, Outlook and Windows
Microsoft starts the year with security updates for Excel, Outlook and Windows. Three of the fixes are rated critical.
-
January 08, 2007
08
Jan'07
Attackers hide malicious code using new method
Attackers have designed a new way to thwart virus signatures from antivirus vendors, says a new report.
-
January 07, 2007
07
Jan'07
Bug Briefs: OpenOffice vulnerable to attack
Other flaws were reported in Apple QuickTime, Mac OS X, Adobe Flash Player, VideoLAN VLC, the Opera Web browser, and Cisco Access Control Server.
-
January 04, 2007
04
Jan'07
Adobe Reader users urged to upgrade
Adobe Reader 8 fixes serious flaws attackers could exploit for cross-site scripting and other attacks.
-
January 03, 2007
03
Jan'07
Cisco bolsters security with IronPort buy
Cisco Systems agreed Thursday to buy Internet gateway security vendor IronPort Systems Inc. for $830 million.
-
January 02, 2007
02
Jan'07
Security pros grumble over spam increase
Spim and spam from unexpected sources is challenging enterprises in 2007. Some enterprises are taking action.