News

Hackers and cybercrime prevention

• January 25, 2007 25 Jan'07

  Threats to physical security

  Tip No. 6 in our series, "How to assess and mitigate information security threats."

• January 25, 2007 25 Jan'07

  Information theft and cryptographic attacks

  The third tip in our series, "How to assess and mitigate information security threats."

• January 17, 2007 17 Jan'07

  Companies take IM threats seriously

  Wesabe is a brand new money management community. It takes threats to IM as seriously as those targeting email and web applications

• January 08, 2007 08 Jan'07

  Critical fixes for Excel, Outlook and Windows

  Microsoft starts the year with security updates for Excel, Outlook and Windows. Three of the fixes are rated critical.

• January 08, 2007 08 Jan'07

  Attackers hide malicious code using new method

  Attackers have designed a new way to thwart virus signatures from antivirus vendors, says a new report.

• January 07, 2007 07 Jan'07

  Bug Briefs: OpenOffice vulnerable to attack

  Other flaws were reported in Apple QuickTime, Mac OS X, Adobe Flash Player, VideoLAN VLC, the Opera Web browser, and Cisco Access Control Server.

• January 04, 2007 04 Jan'07

  Adobe Reader users urged to upgrade

  Adobe Reader 8 fixes serious flaws attackers could exploit for cross-site scripting and other attacks.

• January 03, 2007 03 Jan'07

  Cisco bolsters security with IronPort buy

  Cisco Systems agreed Thursday to buy Internet gateway security vendor IronPort Systems Inc. for $830 million.

• January 02, 2007 02 Jan'07

  Security pros grumble over spam increase

  Spim and spam from unexpected sources is challenging enterprises in 2007. Some enterprises are taking action.

• December 26, 2006 26 Dec'06

  Looking back at information security in 2006

  In this special edition of Security Wire Weekly, senior news writer Bill Brenner reviews his top interviews of 2006.

• December 14, 2006 14 Dec'06

  Employers to seek more security talent in '07

  Learn what certifications are growing in demand and how employers are looking at the job market in 2007.

• December 13, 2006 13 Dec'06

  Review: Sky's the limit with Skybox View 3.0

  Hot Pick: Skybox View 3.0 offers a unique and flexible approach for assessing and managing specific threats and overall risk to your digital assets.

• December 12, 2006 12 Dec'06

  Expert offers tips to bolster messaging security

  In this edition of Security Wire Weekly, Burton Group analyst Diana Kelley explains how to lock down messaging programs as part of our three-day special report on the subject.

• December 11, 2006 11 Dec'06

  IT pros look for ways to lock down IM

  Special Report: To control growing IM threats, administrators are trying to limit which programs can be used or ban the technology altogether. But that's not always possible.

• December 03, 2006 03 Dec'06

  Security Bytes: Phishing worm spreads through MySpace

  Round up of security news

• November 30, 2006 30 Nov'06

  Oracle responds to security critics

  Security Blog Log: Oracle takes on researchers who have criticised its security procedures in recent weeks. Meanwhile, Symantec warns of new zombie malware.

• November 29, 2006 29 Nov'06

  Multiple flaws in Adobe Reader, Acrobat

  Multiple flaws in Adobe Reader and Acrobat could allow attackers to execute malicious commands on victims' computers.

• November 22, 2006 22 Nov'06

  Zango defying FTC agreement, researchers say

  This week in Security Blog Log: Two researchers accuse Zango of unsavory adware tactics, despite the company's pledge to clean up its act.

• November 05, 2006 05 Nov'06

  Microsoft eyes second zero-day threat in a week

  This time, attackers are going after a zero-day flaw in Windows, and Microsoft has released some workarounds until a patch is available.

• October 30, 2006 30 Oct'06

  Messaging Security School

  SearchSecurity.com's Messaging Security School has brought together some of the most knowledgeable experts in the messaging security field to offer you personal instruction on how to secure the information handled by your organization's knowledge ...

• October 30, 2006 30 Oct'06

  Countermeasures for malicious email code

  Today's malware continues to raise the security stakes. Enterprises are now facing numerous evolving threats like targeted and blended attacks, zero-day exploits, botnets and phishing schemes. The attacks aren't the only things evolving; so are ...

• October 22, 2006 22 Oct'06

  Information Security Decisions Session Downloads

  Session Downloads from Information Security Decisions 2006 Conference.

• September 26, 2006 26 Sep'06

  Stration worm targets Windows machines

  The worm uses several fake email messages, including one claiming to be a security update. Users are advised to avoid unsolicited email attachments.

• September 24, 2006 24 Sep'06

  Hijacked consumer machines target the enterprise

  Attackers continue to strike gold by targeting consumers who lack the security savvy to address desktop application flaws, according to Symantec Corp. Enterprises ultimately pay the price.

• September 12, 2006 12 Sep'06

  Big security fixes for QuickTime, Flash Player

  Apple and Adobe warned that attackers could exploit multiple flaws in QuickTime and Flash Player to run malicious code on targeted machines.

• August 27, 2006 27 Aug'06

  Third-party patching: Prudent or perilous?

  Security patches issued by third parties have become more prevalent in recent months, and while some security pros endorse them, others say they're more trouble than they're worth.

• August 14, 2006 14 Aug'06

  Mocbot update targets MS06-040 flaw

  Security experts raised the red flag Sunday as new malware targets the Windows flaw addressed in the MS06-040 patch. Attackers are using the flaw to expand IRC-controlled botnets.

• August 10, 2006 10 Aug'06

  Security Blog Log: Israeli-Hezbollah war spills into cyberspace

  This week blogosphere warily watches online attacks inspired by the Mideast conflict and rants over the latest security incidents at AOL and the VA.

• August 10, 2006 10 Aug'06

  Symantec fixes Backup Exec flaw

  Attackers could exploit flaws in Symantec Backup Exec 9.1 and 9.2 for NetWare Servers to cause a denial of service, launch malicious code and gain access to vulnerable machines.

• July 26, 2006 26 Jul'06

  Mozilla issues critical security updates

  New patches to fix 13 software security flaws, eight of which have been deemed critical.

• July 26, 2006 26 Jul'06

  DHS puts Zitz in charge of cybersecurity division

  American career intelligence officer Robert S. Zitz has taken over day-to-day operations of the US National Cyber Security Division, but his department still has numerous digital defence problems to remedy.

• July 24, 2006 24 Jul'06

  Security Bytes: New Microsoft exploits in the wild

  The exploits target issues Microsoft patched earlier this month. Meanwhile, flaws are reported in Oracle for OpenView and a Mozilla Firefox keystroke logger is on the loose.

• July 13, 2006 13 Jul'06

  Security Bytes: Investigators slam VA over data breach

  Meanwhile: Cisco patches a router application flaw, a Washington law firm sues IBM over a server attack; and spammers sucker Web surfers with fake Vladimir Putin death reports.

• July 13, 2006 13 Jul'06

  Trojan targets Microsoft PowerPoint flaw

  Update: The exploit might be tied to an older flaw in Excel. Attackers who exploit the serious flaw could launch arbitrary code. Microsoft says it is investigating.

• July 11, 2006 11 Jul'06

  Microsoft patches seven July security holes, five critical

  The software giant's monthly batch of fixes includes critical repairs for Internet Explorer and Windows' networking features, plus "important" bulletins for Internet Information Server.

• July 10, 2006 10 Jul'06

  Security Bytes: Data breach affects 100,000 military personnel

  Meanwhile: Phishers use a phone trick to dupe PayPal users; the PCI security standard will get more teeth and a survey illustrates an increase in security breaches

• June 30, 2006 30 Jun'06

  More from SearchSecurity -- July 2006

  Highlights from the July 2006 issue of Information Security magazine.

• June 26, 2006 26 Jun'06

  Dundee to teach ethical hacking BSc

  A degree in ethical hacking will be on offer at a Scottish university from the new academic year.

• June 13, 2006 13 Jun'06

  Fifa ready for cyber attack on World Cup

• April 06, 2006 06 Apr'06

  Adding 'fudge' to your passwords

  Safe passwords are integral to web application security. Unfortunately, recalling many complicated passwords is difficult. If you must write down your passwords to remember them, use this tip to create a safer password record.

• December 22, 2005 22 Dec'05

  Gaining access using application and operating system attacks

  In this excerpt from Chapter 7 of Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses, Second Edition, authors Ed Skoudis and Tom Liston explain how security professionals can use exploit frameworks to their ...

• December 14, 2005 14 Dec'05

  Flaws reported in Trend Micro ServerProtect

  Storage and security managers should be wary of vulnerabilities in the AV product that could enable a denial-of-service and malicious code execution. Workarounds are available.

• December 12, 2005 12 Dec'05

  Titan Rain shows need for better training

  SANS says the Chinese-based attacks demonstrate the growing sophistication of hackers, and the need for IT admins who can articulate the dangers to execs.

• December 07, 2005 07 Dec'05

  Security pros gain ground in the board room

  Executives are paying more attention to their IT security managers and taking more responsibility for online threats against their companies, according to a new study.

• December 06, 2005 06 Dec'05

  Cybersecurity policy takes cooperation, trust, experts say

  At the Infosecurity confab, experts explain why sharing information -- even when it's embarrassing -- is vital to securing not only corporations, but also the national infrastructure.

• November 10, 2005 10 Nov'05

  Security Bytes: FTC cracks down on alleged spyware distributors

  Patches fix serious RealPlayer flaws, IM malcode launches phishing attacks; Microsoft warns of Macromedia Flash flaw; Liberty Alliance pushes stronger authentication; FEMA data security is in question; patches fix Veritas flaws and TransUnion ...

• November 09, 2005 09 Nov'05

  Trojans target Sony DRM and Windows

  Security researchers track two new Trojan horses. One exploits the Sony DRM program. The other could possibly take aim at the Windows flaw Microsoft patched this week.

• October 17, 2005 17 Oct'05

  How avian flu could threaten IT security

  Experts say a potential bird flu pandemic could have a disastrous effect on IT infrastructures. But if companies plan well, those infrastructures could also help minimize chaos.

• October 12, 2005 12 Oct'05

  Symantec fixes 'critical' Veritas flaw

  Attackers could launch malicious code by exploiting a security hole in Veritas NetBackup servers and clients. But Symantec has released a fix.

• September 27, 2005 27 Sep'05

  Secure your extended enterprise

  How do you achieve the fine balance between ensuring that there is truly free access to sensitive information, without sacrificing security?