News

Hackers and cybercrime prevention

  • May 24, 2007 24 May'07

    IETF approves new weapon to fight spam, phish

    DomainKeys Identified Mail specification (DKIM) gained approval as an official IETF standard. The approval is seen as a major step in the fight against spam and phishing attacks.

  • May 21, 2007 21 May'07

    Cisco warns of new IOS flaws

    The new flaws are classified as "low," but if exploited they could result in a sustained DoS condition, Cisco said.

  • May 17, 2007 17 May'07

    VoIP security fundamentals

    VoIP security is a challenge for IT staff because IP telephony brings with it not only the security problems of data networks but also new threats specific to VoIP. In this fundamentals guide, learn about network security threats and emerging IP ...

  • May 16, 2007 16 May'07

    Screencast: How to configure a UTM device

    In this exclusive screencast, expert David Strom demonstrates the configuration options available in SonicWall's unified threat management product.

  • May 02, 2007 02 May'07

    Microsoft to release DNS patch Tuesday

    In addition to a fix for the DNS Server Service flaw, Microsoft plans to patch critical flaws in Windows, Office, Exchange, CAPICOM and BizTalk.

  • April 16, 2007 16 Apr'07

    DNS worm strikes at Microsoft flaw

    A new worm called Rinbot.BC exploits the Microsoft DNS flaw by installing an IRC bot on infected machines and scanning for other vulnerable servers.

  • April 15, 2007 15 Apr'07

    Malware outbreak 'largest in almost a year'

    Security firm Postini and the SANS Internet Storm Center said they are tracking a significant malware outbreak. Postini calls it the biggest email attack in almost a year.

  • April 12, 2007 12 Apr'07

    Microsoft investigates DNS server flaw

    Attackers could exploit a DNS flaw in Microsoft Windows 2000 Server and Windows Server 2003 and run malicious code on the system. A workaround is suggested until a patch is issued.

  • April 11, 2007 11 Apr'07

    Instant messaging threats become more sophisticated

    Instant messaging faces greater threats as more enterprises begin to utilize it, making it a more appealing target to hackers.

  • April 10, 2007 10 Apr'07

    The changing threat of email attacks

    In this Messaging Security School lesson, expert Mike Rothman details the state of next-generation email threats, explores reputation systems and uncovers threats AV can't catch.

  • April 08, 2007 08 Apr'07

    Spam campaign uses Storm-like attack technique

    Spammers used an attack technique much like last January's "Storm" assault to dupe people into downloading malware over the weekend. This time, they used fake WWIII headlines.

  • April 08, 2007 08 Apr'07

    Symantec fixes 'high-risk' flaw in Enterprise Security Manager

    Attackers could hijack machines from remote locations by exploiting a flaw in Symantec Enterprise Security Manager (ESM). Kaspersky Lab users also have a flaw to deal with.

  • April 04, 2007 04 Apr'07

    Data security breach at UCSF may have exposed thousands

    The University of California at San Francisco (UCSF) acknowledged Wednesday that a security hole in a computer server may have exposed 46,000 people to potential identity fraud.

  • March 22, 2007 22 Mar'07

    Flaws haunt protocol tied to national infrastructure

    Also: A weakness is found in Windows settings, Microsoft investigates a new Vista flaw, and flaws are addressed in OpenOffice.org and Firefox.

  • March 21, 2007 21 Mar'07

    Hackers broaden reach of cross-site scripting attacks

    An explosion of AJAX-based applications has increased the damage that cross-site scripting (XSS) attacks can inflict on machines. A new tool uses XSS flaws to create a botnet.

  • March 08, 2007 08 Mar'07

    Review: eGuardPost a B+ overall

    eGuardPost is a well-designed and highly capable product that meets an important need. It has strong security and great forensics capabilities.

  • March 07, 2007 07 Mar'07

    Microsoft cancels Patch Tuesday as DST looms

    IT administrators who are struggling to apply all their daylight-saving time (DST) patches will get a break from Microsoft next week, as no new security fixes will be released.

  • March 07, 2007 07 Mar'07

    Symantec acquires automated risk assessment firm

    Symantec has acquired Reston, Va.-based 4FrontSecurity, a maker of automated risk analysis and security management tools. An expert says it's the latest sign that the security risk assessment market is heating up.

  • February 21, 2007 21 Feb'07

    Cisco warns of IP phone flaws

    Attackers could circumvent security restrictions by exploiting flaws in certain Cisco IP phones, the networking giant warned Wednesday.

  • February 14, 2007 14 Feb'07

    New attack technique threatens broadband users

    Millions of broadband users across the globe are threatened by a new attack technique called drive-by pharming

  • February 05, 2007 05 Feb'07

    Rootkit dangers at an 'all-time high'

    Industry experts at RSA Conference 2007 say not only have rootkits become the weapon of choice for malicious hackers, but they've also emerged as useful tools for legitimate businesses trying to exert control over users.

  • February 05, 2007 05 Feb'07

    Coviello: In 3 years, no more stand-alone security

    RSA President Art Coviello says today's patchwork of monolithic security devices will disappear in the next three years as security is integrated into the larger IT infrastructure.

  • February 04, 2007 04 Feb'07

    CISOs mastering 'softer' skills

    Why CISOs can no longer rely on technology skills alone and what businesses are looking for when recruiting their next information security leader.

  • January 25, 2007 25 Jan'07

    Balancing the cost and benefits of countermeasures

    The final tip in our series, "How to assess and mitigate information security threats."

  • January 25, 2007 25 Jan'07

    Attacks targeted to specific applications

    The fourth tip in our series, "How to assess and mitigate information security threats."

  • January 25, 2007 25 Jan'07

    How to assess and mitigate information security threats

    Learn how to assess and mitigate information security threats, like rootkits, worms and Trojans in the tip series created in collaboration with Realtimepublishers and Dan Sullivan, author of The Shortcut Guide to Protecting Business Internet Usage.

  • January 25, 2007 25 Jan'07

    Malware: The ever-evolving threat

    The first tip in our series, "How to assess and mitigate information security threats"

  • January 25, 2007 25 Jan'07

    Threats to physical security

    Tip No. 6 in our series, "How to assess and mitigate information security threats."

  • January 25, 2007 25 Jan'07

    Information theft and cryptographic attacks

    The third tip in our series, "How to assess and mitigate information security threats."

  • January 17, 2007 17 Jan'07

    Companies take IM threats seriously

    Wesabe is a brand new money management community. It takes threats to IM as seriously as those targeting email and web applications

  • January 08, 2007 08 Jan'07

    Critical fixes for Excel, Outlook and Windows

    Microsoft starts the year with security updates for Excel, Outlook and Windows. Three of the fixes are rated critical.

  • January 08, 2007 08 Jan'07

    Attackers hide malicious code using new method

    Attackers have designed a new way to thwart virus signatures from antivirus vendors, says a new report.

  • January 07, 2007 07 Jan'07

    Bug Briefs: OpenOffice vulnerable to attack

    Other flaws were reported in Apple QuickTime, Mac OS X, Adobe Flash Player, VideoLAN VLC, the Opera Web browser, and Cisco Access Control Server.

  • January 04, 2007 04 Jan'07

    Adobe Reader users urged to upgrade

    Adobe Reader 8 fixes serious flaws attackers could exploit for cross-site scripting and other attacks.

  • January 03, 2007 03 Jan'07

    Cisco bolsters security with IronPort buy

    Cisco Systems agreed Thursday to buy Internet gateway security vendor IronPort Systems Inc. for $830 million.

  • January 02, 2007 02 Jan'07

    Security pros grumble over spam increase

    Spim and spam from unexpected sources is challenging enterprises in 2007. Some enterprises are taking action.

  • December 26, 2006 26 Dec'06

    Looking back at information security in 2006

    In this special edition of Security Wire Weekly, senior news writer Bill Brenner reviews his top interviews of 2006.

  • December 14, 2006 14 Dec'06

    Employers to seek more security talent in '07

    Learn what certifications are growing in demand and how employers are looking at the job market in 2007.

  • December 13, 2006 13 Dec'06

    Review: Sky's the limit with Skybox View 3.0

    Hot Pick: Skybox View 3.0 offers a unique and flexible approach for assessing and managing specific threats and overall risk to your digital assets.

  • December 12, 2006 12 Dec'06

    Expert offers tips to bolster messaging security

    In this edition of Security Wire Weekly, Burton Group analyst Diana Kelley explains how to lock down messaging programs as part of our three-day special report on the subject.

  • December 11, 2006 11 Dec'06

    IT pros look for ways to lock down IM

    Special Report: To control growing IM threats, administrators are trying to limit which programs can be used or ban the technology altogether. But that's not always possible.

  • December 03, 2006 03 Dec'06

    Security Bytes: Phishing worm spreads through MySpace

    Round up of security news

  • November 30, 2006 30 Nov'06

    Oracle responds to security critics

    Security Blog Log: Oracle takes on researchers who have criticised its security procedures in recent weeks. Meanwhile, Symantec warns of new zombie malware.

  • November 29, 2006 29 Nov'06

    Multiple flaws in Adobe Reader, Acrobat

    Multiple flaws in Adobe Reader and Acrobat could allow attackers to execute malicious commands on victims' computers.

  • November 22, 2006 22 Nov'06

    Zango defying FTC agreement, researchers say

    This week in Security Blog Log: Two researchers accuse Zango of unsavory adware tactics, despite the company's pledge to clean up its act.

  • November 05, 2006 05 Nov'06

    Microsoft eyes second zero-day threat in a week

    This time, attackers are going after a zero-day flaw in Windows, and Microsoft has released some workarounds until a patch is available.

  • October 30, 2006 30 Oct'06

    Messaging Security School

    SearchSecurity.com's Messaging Security School has brought together some of the most knowledgeable experts in the messaging security field to offer you personal instruction on how to secure the information handled by your organization's knowledge ...

  • October 30, 2006 30 Oct'06

    Countermeasures for malicious email code

    Today's malware continues to raise the security stakes. Enterprises are now facing numerous evolving threats like targeted and blended attacks, zero-day exploits, botnets and phishing schemes. The attacks aren't the only things evolving; so are ...

  • October 22, 2006 22 Oct'06

    Information Security Decisions Session Downloads

    Session Downloads from Information Security Decisions 2006 Conference.

  • September 26, 2006 26 Sep'06

    Stration worm targets Windows machines

    The worm uses several fake email messages, including one claiming to be a security update. Users are advised to avoid unsolicited email attachments.