News

IT risk management

  • June 17, 2007 17 Jun'07

    VoIP security testing fundamentals

    Testing your VoIP security system against all the threats that exist on the network can be a full time job. This guide documents how a VoIP system can be tested and suggest some of the available tools to use -- with a focus on fuzzing tools and ...

  • June 13, 2007 13 Jun'07

    Microsoft patches Windows Vista, IE 7

    Microsoft fixed 15 flaws in a variety of products Tuesday, including Windows XP, Vista and Internet Explorer 7. Attackers could exploit the most serious flaws for remote code execution.

  • June 10, 2007 10 Jun'07

    Connecting for Health briefing claims much of NHS NPfIT complete

    A confidential Connecting for Health briefing paper for the prime minister has claimed that much of the NHS's £12.4bn National Programme for IT (NPfIT) is complete - although an integrated national care record system has yet to materialise, and ...

  • June 08, 2007 08 Jun'07

    Serious flaws put Yahoo Messenger users in peril

    Attackers could exploit two serious flaws in Yahoo Messenger to run malicious code on targeted machines, vulnerability trackers warned Wednesday.

  • June 05, 2007 05 Jun'07

    IBM to acquire Watchfire for risk, compliance

    IBM agreed to acquire Waltham, Mass.-based Watchfire Corp. to add Web application and compliance testing tools into Big Blue's Rational development platform.

  • June 05, 2007 05 Jun'07

    Watchfire will help IBM build application security

    Analysts have been pushing the Security 3.0 concept this week at Gartner's IT Security Summit, and one analyst says IBM's acquisition of Watchfire illustrates the trend.

  • June 04, 2007 04 Jun'07

    SMBs sample SaaS via telecoms

    Telecom XO Communications has announced a new, SMB-focused partnership with Jamcracker, a wholesaler of SaaS technology. Analysts say more telecoms will try to offer SMBs IT services with such deals.

  • June 03, 2007 03 Jun'07

    IBM: We're No. 1 in storage hardware

    A new combined disk and tape tracker from IDC has IBM trumpeting from the rooftops that it's the market leader. But what's IBM's story when it comes to software?

  • June 01, 2007 01 Jun'07

    Top spammer indicted on email fraud, identity theft

    The arrest may reduce the volume of spam in the short-term, say experts and analysts, but the real spam threat comes from criminal gangs based in Asia and Russia.

  • June 01, 2007 01 Jun'07

    Check Point promises more VoIP security, fewer slowdowns

    Check Point's enhanced Open Performance Architecture is designed for deeper security of technologies like VoIP without the network performance problems that often come with it.

  • June 01, 2007 01 Jun'07

    Springing leaks: Getting smart about data loss prevention

    Companies are showing increased interest in data loss prevention (DLP) products, but they won't work well unless the business needs are understood and well defined.

  • June 01, 2007 01 Jun'07

    Google dives into security market

    Search engine giant Google has acquired security startup GreenBorder Technologies, making it a bigger player in the wider information security market.

  • June 01, 2007 01 Jun'07

    HDS adds SAN muscle to archive

    Hitachi Data Systems integrates its archive software across its product line and adds important new features, including replication, data deduplication and security.

  • May 29, 2007 29 May'07

    SAN School: Table of contents

    What is a storage area network? What are the benefits and pitfalls of installation? How can a SAN fit into your organization? These questions and more are answered SAN School.

  • May 24, 2007 24 May'07

    McAfee launches IPS for 10g networks, but is IT ready?

    McAfee unveiled a new IPS offering for 10-gigabit Ethernet networks and announced the upgrade and integration of several other products. One analyst offers a mixed assessment.

  • May 24, 2007 24 May'07

    Microsoft fixes Office 2007 patch issues, releases MOICE

    The Microsoft Security Response Center acknowledged that some of the company's May 8 security updates didn't make it to machines running Office 2007 on Windows Vista.

  • May 24, 2007 24 May'07

    IETF approves new weapon to fight spam, phish

    DomainKeys Identified Mail specification (DKIM) gained approval as an official IETF standard. The approval is seen as a major step in the fight against spam and phishing attacks.

  • May 24, 2007 24 May'07

    Microsoft investigates new Office zero-day flaw

    Attackers could exploit a newly-discovered zero-day flaw in Office 2000 to run malicious code on targeted machines, Symantec warned.

  • May 16, 2007 16 May'07

    Screencast: How to configure a UTM device

    In this exclusive screencast, expert David Strom demonstrates the configuration options available in SonicWall's unified threat management product.

  • May 16, 2007 16 May'07

    When signature based antivirus isn't enough

    Zero-day exploits, targeted attacks and increasing demands for endpoint application controls are driving the rapid metamorphosis from signature-based antivirus and antispyware to HIPS-based integrated products.

  • May 11, 2007 11 May'07

    Cisco fixes fresh flaws in IOS

    Attackers could exploit two flaws in Cisco's IOS to cause a denial of service or tamper with data in a device file system.

  • May 08, 2007 08 May'07

    Companies plug FTP holes with secure FTP servers

    Some companies are investing in secure FTP suites to give employees and business partners the ability to transfer large files such as large documents, audio, video and photos.

  • May 03, 2007 03 May'07

    Quiz: Enterprise strategies for protecting data at rest

    A five-question multiple-choice quiz to test your understanding of the e-discovery content presented by expert Perry Carpenter in this lesson of SearchSecurity.com's Data Protection Security School.

  • May 03, 2007 03 May'07

    Quiz: Demystifying data encryption

    A five-question multiple-choice quiz to test your understanding of the data encryption content presented by expert Tom Bowers in this lesson of SearchSecurity.com's Data Protection Security School.

  • May 02, 2007 02 May'07

    Microsoft to release DNS patch Tuesday

    In addition to a fix for the DNS Server Service flaw, Microsoft plans to patch critical flaws in Windows, Office, Exchange, CAPICOM and BizTalk.

  • May 01, 2007 01 May'07

    IM slang glossary

  • April 26, 2007 26 Apr'07

    New image spam sneaks into inboxes

    Researchers at Secure Computing Corp. have discovered a new form of image spam that is sneaking into corporate systems and clogging inboxes.

  • April 24, 2007 24 Apr'07

    Scaling storage networks demands careful consideration

    In the Fibre Channel world, scaling often means adding more and faster switch ports to extend the fabric's bandwidth and connectivity. But IP storage (mainly iSCSI) is a growing area of SAN expansion, using ubiquitous Ethernet network technology to ...

  • April 24, 2007 24 Apr'07

    Apple fixes 25 Mac OS X flaws

    Attackers could exploit about two dozen flaws in Mac OS X to cause a denial of service, bypass security restrictions, disclose sensitive data and run malicious code.

  • April 23, 2007 23 Apr'07

    Weekly compilation of storage news:Dell LTO-4 drive, new Sun array

    Dell is first out of the gate with the new LTO-4 drive, which offers native encryption; Sun unveils new array and deepens its relationship with FalconStor.

  • April 17, 2007 17 Apr'07

    SNW: Users wary of outsourcing backup

    Symantec unveiled plans for outsourced, online data backup services this week, but users at Storage Networking World are more cautious than ever about letting go of their data.

  • April 17, 2007 17 Apr'07

    Storage consolidation: Disks and disk subsystems overview

    Any storage consolidation effort must involve a serious consideration of disk subsystems and the specific disk types that those systems will contain

  • April 16, 2007 16 Apr'07

    DNS worm strikes at Microsoft flaw

    A new worm called Rinbot.BC exploits the Microsoft DNS flaw by installing an IRC bot on infected machines and scanning for other vulnerable servers.

  • April 15, 2007 15 Apr'07

    Malware outbreak 'largest in almost a year'

    Security firm Postini and the SANS Internet Storm Center said they are tracking a significant malware outbreak. Postini calls it the biggest email attack in almost a year.

  • April 12, 2007 12 Apr'07

    Microsoft investigates DNS server flaw

    Attackers could exploit a DNS flaw in Microsoft Windows 2000 Server and Windows Server 2003 and run malicious code on the system. A workaround is suggested until a patch is issued.

  • April 12, 2007 12 Apr'07

    Microsoft DNS server flaw called dangerous

    UPDATE: Microsoft said Sunday that attacks are still limited, but a proof of concept code to exploit the vulnerability is publicly available.

  • April 11, 2007 11 Apr'07

    Instant messaging threats become more sophisticated

    Instant messaging faces greater threats as more enterprises begin to utilize it, making it a more appealing target to hackers.

  • April 11, 2007 11 Apr'07

    Architectural firm swaps online data backup service providers

    As online data backup services take off, one early adopter slashed costs dramatically by switching to a newer service on the market.

  • April 10, 2007 10 Apr'07

    Capacity planning software specifications

    Gauging storage needs over time is one of the biggest challenges faced by IT administrators, and a new generation of capacity planning tools is emerging to help forecast growth and utilisation of storage resources.

  • April 08, 2007 08 Apr'07

    How data deduplication eases storage requirements

    Storage administrators are struggling to handle spiraling volumes of documents, audio, video, images and large email attachments. Adding storage is not always the best solution, and many companies are turning to data reduction technologies such as ...

  • April 08, 2007 08 Apr'07

    Spam campaign uses Storm-like attack technique

    Spammers used an attack technique much like last January's "Storm" assault to dupe people into downloading malware over the weekend. This time, they used fake WWIII headlines.

  • April 08, 2007 08 Apr'07

    Symantec fixes 'high-risk' flaw in Enterprise Security Manager

    Attackers could hijack machines from remote locations by exploiting a flaw in Symantec Enterprise Security Manager (ESM). Kaspersky Lab users also have a flaw to deal with.

  • April 04, 2007 04 Apr'07

    Data security breach at UCSF may have exposed thousands

    The University of California at San Francisco (UCSF) acknowledged Wednesday that a security hole in a computer server may have exposed 46,000 people to potential identity fraud.

  • March 26, 2007 26 Mar'07

    What are some of the best practices for managing the growth of unstructured data?

    It starts with corporate policies around data management...

  • March 26, 2007 26 Mar'07

    Web 2.0: CIOs want it their way

    A new study found CIOs want Web 2.0 technology, but they're a little insecure about getting it from emerging specialized vendors.

  • March 26, 2007 26 Mar'07

    Metasploit Framework 3.0 released

    Brief: Metasploit Framework 3.0 contains 177 exploits, 104 payloads, 17 encoders and 30 auxiliary modules that perform such tasks as host discovery and protocol fuzzing.