News

IT risk management

• August 14, 2007 14 Aug'07

  Apple iPhone to provoke complex mobile attacks, expert warns

  Mikko Hypponen, director of antivirus research at F-Secure, said he expects mobile malware attacks to escalate thanks to interest in Apple's iPhone.

• August 13, 2007 13 Aug'07

  Gartner security summit outlines 'Security 3.0'

  Gartner has opened its Sydney Security Summit with a definition of Security 3.0.

• August 09, 2007 09 Aug'07

  NAS appliance purchase considerations

  NAS appliances are frequently touted for bringing convenience and simplicity to network storage. Appliances include their own dedicated disks for storage and RAID, and most NAS appliances can be upgraded with more or larger disks for additional ...

• August 09, 2007 09 Aug'07

  Sun adds virtual tape library to Thumper

  Analysts say the combo of FalconStor's software, Solaris and Thumper is a good sign of integration from Sun after a disorganised year, but it's unclear if users will be convinced.

• August 09, 2007 09 Aug'07

  VeriSign employee data exposed in laptop theft

  Current and former employees of VeriSign were exposed to potential data fraud when a laptop housing their information was stolen from the car of a former employee.

• August 09, 2007 09 Aug'07

  VoIP vulnerability threatens data

  VoIP vulnerabilities have now reached a level of sophistication that allows hackers to steal, view or delete data.

• August 08, 2007 08 Aug'07

  NAS appliance specifications

  NAS appliances are noted for their convenience, offering dedicated internal storage that is relatively straightforward to identify and manage. The biggest issue for NAS appliances is avoiding network bottlenecks and supporting expansion without ...

• August 08, 2007 08 Aug'07

  Cisco warns of critical IOS flaws

  Attackers could exploit multiple flaws in Cisco's IOS to cause a denial of service or remotely execute arbitrary code.

• August 07, 2007 07 Aug'07

  Subpar security compromises compliance

  Pressure to keep trading applications available has nudged security to the back of the development line.

• August 03, 2007 03 Aug'07

  Discovery of malware cesspool triggers attack fears

  Trend Micro researchers say a malware-infested Web server in Russia, linked to several Italian Web sites, could lead to a large-scale attack.

• August 02, 2007 02 Aug'07

  Apple releases fixes for Mac OS X, iPhone vulnerabilities

  Apple Computer has released software patches fixing critical vulnerabilities in Mac OS X and its newly released iPhone.

• August 01, 2007 01 Aug'07

  Users make iSCSI Sans with USB keys

  Users say that Open-E's iSCSI San software, which is delivered on a USB stick, is more affordable than prepackaged systems and has more support than free iSCSI target products.

• July 31, 2007 31 Jul'07

  Security update fixes Yahoo Widgets flaw

  Attackers could exploit a Yahoo Widgets flaw to run malicious code on compromised Windows computers, but a security update is available.

• July 30, 2007 30 Jul'07

  Most antispam technologies get failing grade

  An independent study finds that many enterprises are not satisfied with traditional antispam technologies.

• July 25, 2007 25 Jul'07

  EMC reports Clariion surge, data archiving slump

  EMC's revenues are up this quarter, attributed in part to a big boost in Clariion sales, but CEO Joe Tucci is critical of the company's execution in data archiving.

• July 25, 2007 25 Jul'07

  Cisco issues warning for wireless LAN controller flaws

  Cisco Systems is warning customers of flaws in its wireless LAN controllers that initially crippled a wireless network at Duke University.

• July 24, 2007 24 Jul'07

  Apple iPhone crack discovered by security researchers

  Researchers have found a way to take complete control of the Apple iPhone by sending a user to a malicious Web site.

• July 24, 2007 24 Jul'07

  New hacking technique exploits common programming error

  Researchers at Watchfire Inc. say they discovered a new technique that exploits a common dangling pointer error.

• July 23, 2007 23 Jul'07

  PCI compliance costs often underestimated, study finds

  Companies are moving forward with PCI DSS projects, but many are underestimating the costs associated with compliance.

• July 23, 2007 23 Jul'07

  Core Security CEO to step down

  Paul Paget, the CEO of penetration testing software vendor Core Security Technologies said he is better-suited for start-ups

• July 22, 2007 22 Jul'07

  Black Hat Las Vegas 2007: Special news coverage

  SearchSecurity.com covers all the controversy at this year's show with news, features, podcasts, interviews, exploits and more direct from Las Vegas.

• July 18, 2007 18 Jul'07

  For Boeing, data security, network access still hazy

  Boeing is trying to reshape its network security architecture to better protect sensitive systems from threats without degrading employee productivity.

• July 17, 2007 17 Jul'07

  CDP platform purchase considerations

  Busy IT organizations are employing continuous data protection (CDP) technologies to guard data on the fly, essentially eliminating the backup window and allowing granular file and system restoration -- sometimes down to the individual disk write ...

• July 17, 2007 17 Jul'07

  Zero-day auction site complicates security efforts, IT pros say

  WabiSabiLabi, the eBay-like marketplace for zero-day flaws, will make it tougher for companies to ward off attackers, some IT security professionals say.

• July 17, 2007 17 Jul'07

  Oracle plans 46 security updates for database, software

  Attackers could tamper with database servers and host operating systems by exploiting flaws across Oracle's product line.

• July 17, 2007 17 Jul'07

  CDP platform specifications

  Continuous data protection (CDP) products track changes to files and data -- typically in real time -- recording activity and allowing recovery to an extremely granular level. This effectively reduces backup windows and restore points, allowing busy...

• July 16, 2007 16 Jul'07

  Oracle's July 2007 CPU has 45 security fixes

  Oracle stuffed 45 security updates into its July 2007 CPU, fixing flaws across its product line attackers could exploit remotely to compromise corporate databases.

• July 13, 2007 13 Jul'07

  Antispyware legislation gets tepid reviews

  Congress is debating three different bills that would punish spyware pushers, but some IT professionals have their doubts about legislation as a solution to the problem.

• July 12, 2007 12 Jul'07

  Zero-day auction site highlights ethical debate

  A new auction site plans to cash in on flaw research. Executive Editor Dennis Fisher explores if it's a viable business model and if research should be sold to the highest bidder.

• July 10, 2007 10 Jul'07

  United in threat management part three: how scared are you?

  Wrapping up his look at unified threat management, Ian Yates wonders if the technique will help you sleep better at night.

• July 09, 2007 09 Jul'07

  Microsoft July updates for critical Excel, Windows and .NET flaws

  Of the six security updates Microsoft released Tuesday, experts expressed the most concern about a critical glitch in the .NET Framework that could leave client machines and Web servers open to attack.

• July 09, 2007 09 Jul'07

  Data breaches, compliance drive intellectual property protection

  Recent high profile data breaches and compliance pressures are forcing companies to spend more on technology to protect intellectual property, according to a new study.

• July 09, 2007 09 Jul'07

  Google buy shakes up email archiving

  Google's acquisition of Postini will boost adoption of Gmail, pushing email archiving players to add support for hosted applications.

• July 06, 2007 06 Jul'07

  Microsoft preps six security updates for Windows, Office

  Microsoft will release six security updates on Tuesday 10 July to address flaws attackers could exploit to launch malicious code and access sensitive information on victims' machines.

• July 04, 2007 04 Jul'07

  Cisco users upbeat about security direction

  Cisco customers say the vendor's security strategy is headed in the right direction, which is why they believe the networking giant's IronPort integration will be smooth sailing.

• July 03, 2007 03 Jul'07

  Data storage startups emerge from stealth

  Three new storage firms have come out of stealth mode this June. Analysts predict the next new crop of startups will focus on wireless storage, reporting and alternatives to RAID.

• July 02, 2007 02 Jul'07

  Are PCI auditors pitching products?

  Auditors shouldn't be pitching remediation services or products to bring a company into compliance with PCI DSS rules, but some merchants are reporting the practice

• July 01, 2007 01 Jul'07

  SearchSecurity.com Blogs

• June 29, 2007 29 Jun'07

  CIOs get solutions to meet governance regulations

  CIOs facing a rising bills to meet governance, risk and compliance regulations may be able to control their costs better if they turn to new purpose-built software.

• June 29, 2007 29 Jun'07

  Software to help CIOs meet governance regulations

  CIOs facing a rising bills to meet governance, risk and compliance regulations may be able to control their costs better if they turn to new purpose-built software.

• June 27, 2007 27 Jun'07

  Cisco vows to maintain IronPort tech, talent

  As it completes the purchase of IronPort Systems, Cisco vows to maintain IronPort's talent base and make investments to keep its newly-acquired technology fresh.

• June 25, 2007 25 Jun'07

  Richard Granger's departure may jeopardise NHS IT programme

  Richard Granger's departure from Connecting for Health may jeopardise the stability and success of the politically driven NHS National Programme for IT.

• June 25, 2007 25 Jun'07

  PCI Council hears complaints, suggestions for changes

  Companies with the most stringent security technologies endure hurdles to comply with PCI DSS. Some firms are turning to the upcoming Burton Group Catalyst Conference for answers.

• June 25, 2007 25 Jun'07

  Instant messaging usage increase highlights need for policies

  A Burton Group report suggests that all companies should have an IM usage policy, even if they haven't deployed IM yet

• June 20, 2007 20 Jun'07

  HP to acquire SPI Dynamics for Web security

  HP says it will would bolster Web site assessments and Web application vulnerabilities with its acquisition of Atlanta-based SPI Dynamics Inc.

• June 19, 2007 19 Jun'07

  Endpoint fears drive PatchLink-SecureWave merger

  Experts say the PatchLink-SecureWave merger makes sense since IT pros want a better way to protect their endpoint devices. But PatchLink's market supremacy is far from assured.

• June 18, 2007 18 Jun'07

  Will HP do the right thing with SPI Dynamics?

  Analysts say HP can dramatically boost its security with the purchase of SPI Dynamics, but some users worry about SPI's technology wilting under the new ownership.

• June 17, 2007 17 Jun'07

  Burton Group Catalyst Conference San Francisco 2007

  SearchSecurity.com brings you the latest news, interviews, podcasts and more from the Burton Group Catalyst Conference 2007 in San Francisco.

• June 17, 2007 17 Jun'07

  VoIP security testing fundamentals

  Testing your VoIP security system against all the threats that exist on the network can be a full time job. This guide documents how a VoIP system can be tested and suggest some of the available tools to use -- with a focus on fuzzing tools and ...

• June 13, 2007 13 Jun'07

  Microsoft patches Windows Vista, IE 7

  Microsoft fixed 15 flaws in a variety of products Tuesday, including Windows XP, Vista and Internet Explorer 7. Attackers could exploit the most serious flaws for remote code execution.