News

IT risk management

  • January 03, 2007 03 Jan'07

    Cisco software vulnerable to attack

    Cisco's Clean Access software and Clean Access Manager are at risk to attack. A malicious user can access a database snapshot and download it without authentication.

  • January 03, 2007 03 Jan'07

    Information security market 2006 year in review

    In part two of our two-part special edition of Security Wire Weekly, site editor Eric Parizo reveals his picks for top information security interviews of 2006. Audio clips in this program include Andrew Braunberg of Current Analysis; Johannes ...

  • January 02, 2007 02 Jan'07

    Security pros grumble over spam increase

    Spim and spam from unexpected sources is challenging enterprises in 2007. Some enterprises are taking action.

  • December 26, 2006 26 Dec'06

    Looking back at information security in 2006

    In this special edition of Security Wire Weekly, senior news writer Bill Brenner reviews his top interviews of 2006.

  • December 25, 2006 25 Dec'06

    Top 10 storage stories of 2006

    SAN and NAS converged and shook up the industry, iSCSI went mission-critical, users conquered tiered storage and more.

  • December 20, 2006 20 Dec'06

    Top 10 storage acquisitions of 2006

    Industry consolidation was fast and furious this year. We rank the deals by quality, not quantity.

  • December 19, 2006 19 Dec'06

    Microsoft releases Vista APIs to security vendors

    Microsoft released a draft set of programming interfaces allowing security vendors to develop software using the Windows kernel on 64-bit systems.

  • December 19, 2006 19 Dec'06

    Mozilla fixes multiple Firefox flaws

    Digital miscreants could exploit flaws in Mozilla's popular Firefox browser to bypass security programs, access sensitive information and conduct cross-site scripting attacks.

  • December 19, 2006 19 Dec'06

    Check Point gets big IDS boost from NFR deal

    Analysts say Check Point would gain much-needed intrusion detection and prevention capabilities through its acquisition of NFR Security. The deal should erase bad memories of the aborted Sourcefire deal.

  • December 18, 2006 18 Dec'06

    VoIP hacking exposed in new book

    VoIP hacking is a reality, and in a new book, two VoIP security experts outline the tools and tricks to avoid a system-crushing hack.

  • December 17, 2006 17 Dec'06

    Criminals find safety in cyberspace

    A new report from McAfee shows how criminals are enjoying a sense of safety and anonymity in cyberspace that they never had on the street. And they're making more money.

  • December 14, 2006 14 Dec'06

    Schneier: Data breach at UCLA barely newsworthy

    This week in Security Blog Log: Security luminary Bruce Schneier and others sound off on the UCLA data breach that exposed 800,000 people to identity fraud.

  • December 13, 2006 13 Dec'06

    Review: Sky's the limit with Skybox View 3.0

    Hot Pick: Skybox View 3.0 offers a unique and flexible approach for assessing and managing specific threats and overall risk to your digital assets.

  • December 13, 2006 13 Dec'06

    Hosted VoIP eliminates cost, complexity

    Hosted VoIP is being adopted at increasing rates as more and more companies look to avoid the excess costs and complexities of on-premise solutions.

  • December 13, 2006 13 Dec'06

    Third zero-day found in Microsoft Word

    For the third time in a week, a zero-day flaw has been found in Microsoft Word. Users should be cautious when opening attachments from unknown sources.

  • December 13, 2006 13 Dec'06

    Host-based replication

    While the lines of distinction among data protection technologies such as backup, continuous data protection and replication have blurred, host-based replication can play a key role in your overall data protection strategy.

  • December 12, 2006 12 Dec'06

    Symantec issues NetBackup security alert

    Symantec issues an alert and patch to vulnerabilities in NetBackup 6.0, 5.1 and 5.0.

  • December 12, 2006 12 Dec'06

    Data breach at Boeing exposes 382,000 employees

    The third theft of a Boeing laptop in the last 13 months has exposed the data of nearly 400,000 employees and retirees.

  • December 11, 2006 11 Dec'06

    Storage Decisions Session Downloads: Executive Track (LV 2006)

    Our "Executive track" sessions give C-level technology executivesan idea of where their storage should be and ideas on where it's headed.

  • December 11, 2006 11 Dec'06

    Microsoft fixes two zero-day flaws

    The December security update from Microsoft includes patches for zero-day flaws in Visual Studio and Windows Media Player, but two zero-day flaws in Word remain unfixed.

  • December 11, 2006 11 Dec'06

    IT pros look for ways to lock down IM

    Special Report: To control growing IM threats, administrators are trying to limit which programs can be used or ban the technology altogether. But that's not always possible.

  • December 10, 2006 10 Dec'06

    Zantaz buys data classification partner Singlecast

    Email archiving player Zantaz has purchased data classification startup Singlecast, which can categorise and apply policies to data before an email takes up storage space.

  • December 10, 2006 10 Dec'06

    Microsoft suffers third zero-day in a week

    A second zero-day flaw in Word has been uncovered, Microsoft said Sunday. It's the software giant's third zero-day in a week.

  • December 10, 2006 10 Dec'06

    Storage Decisions in the wild, wild west

    Dedupe, iSCSI, backup, virtualisation and cowboys in Stetson hats -- Storage Decisions Las Vegas 2006 had it all.

  • December 07, 2006 07 Dec'06

    Dell, Microsoft tout joint NAS product

    The new NX1950 product is vastly more expensive than its counterparts from HP and NetApp, but it scales higher, supports clusters and has redundant controllers.

  • December 06, 2006 06 Dec'06

    Microsoft to fix Visual Studio, Windows flaws

    Microsoft plans to release five security updates to address vulnerabilities in Windows and a flaw in Visual Studio as part of its monthly security bulletin release cycle.

  • December 06, 2006 06 Dec'06

    Zero-day flaw found in Windows Media Player

    Attackers could exploit a new zero-day flaw in Windows Media Player to cause a denial of service or launch malicious code. The threat is Microsoft's second zero-day flaw in a week.

  • December 06, 2006 06 Dec'06

    MP3 search site pushes spyware, watchdogs say

    A Web site that gives users the ability to search for MP3s contains programs that behave like spyware, according to the Center for Democracy and Technology and StopBadware.org.

  • December 04, 2006 04 Dec'06

    IBM to acquire compliance software firm

    IBM plans to acquire Consul Risk Management Inc., a Delft, Netherlands-based firm whose software tracks non-compliant behavior of employees.

  • December 03, 2006 03 Dec'06

    Security Bytes: Phishing worm spreads through MySpace

    Round up of security news

  • November 30, 2006 30 Nov'06

    Terrorists may target financial sites

    The U.S. government is warning of an al-Qaida call for a cyberattack against online stock trading and banking Web sites

  • November 30, 2006 30 Nov'06

    Symantec blames piracy for Veritas licensing snafu

    Weekly compilation of storage news: Symantec says that software counterfeiting is throwing a wrench in tech support ; FRCP rules take effect.

  • November 30, 2006 30 Nov'06

    Oracle responds to security critics

    Security Blog Log: Oracle takes on researchers who have criticised its security procedures in recent weeks. Meanwhile, Symantec warns of new zombie malware.

  • November 29, 2006 29 Nov'06

    Multiple flaws in Adobe Reader, Acrobat

    Multiple flaws in Adobe Reader and Acrobat could allow attackers to execute malicious commands on victims' computers.

  • November 29, 2006 29 Nov'06

    Podcast: Security certifications pay could rebound in '07

    Security certifications pay is languishing, according to skill and certifications pay expert David Foote of Foote Research. Foote examines the state of the IT security job market.

  • November 28, 2006 28 Nov'06

    Symantec fixes NetBackup Puredisk flaw

    An unauthorised user could launch malicious code by exploiting a flaw in Symantec's Veritas NetBackup PureDisk product. But a fix is available.

  • November 28, 2006 28 Nov'06

    Adware targets Mac OS X

    As F-Secure notes what may be the first example of adware designed for Macs, researcher LMH reports more flaws in the operating system as part of the Month of Kernel Bugs.

  • November 28, 2006 28 Nov'06

    Study: Some firms balk at mobile security

    Companies are failing to safeguard sensitive data on employee mobile devices, according to a survey by the Business Performance Management Forum.

  • November 23, 2006 23 Nov'06

    Commentary: We've never met a "thought follower"

    A couple of days back, a vendor tried to convince us that their new security consultancy services should be of interest to you, our readers.

  • November 22, 2006 22 Nov'06

    Zango defying FTC agreement, researchers say

    This week in Security Blog Log: Two researchers accuse Zango of unsavory adware tactics, despite the company's pledge to clean up its act.

  • November 21, 2006 21 Nov'06

    New Mac OS X flaw exposed

    A Mac OS X flaw was exposed as part of the Month of Kernel Bugs. Also, a new Web site vows to follow the lead of researchers LMH and H.D. Moore with a week of Oracle zero-days.

  • November 21, 2006 21 Nov'06

    BakBone brushes up replication software

    BakBone's NetVault Replicator version 5.0 includes automatic configuration of replication for remote sites, a capacity planning tool and a higher performance data movement engine.

  • November 20, 2006 20 Nov'06

    Insider security threats come in many forms

    Insiders could be the greatest threat to a company's security. The best defense is to let them know Big Brother is watching and a plan to deal with troublemakers.

  • November 08, 2006 08 Nov'06

    Storage virtualization acquisitions need careful consideration

    Storage virtualization alleviates traditional storage growth problems by implementing a layer of abstraction between applications and physical storage, allowing storage to be combined and treated as a ubiquitous resource, regardless of location. ...

  • November 08, 2006 08 Nov'06

    Microsoft to patch critical zero-day flaws in Windows

    Microsoft plans to repair five critical flaws in Windows and a flaw in XML Core Services as part of its monthly patch update next week.

  • November 07, 2006 07 Nov'06

    Mozilla fixes Firefox flaws

    Attackers could exploit multiple flaws in Firefox, SeaMonkey and Thunderbird to crash machines, bypass security restrictions and launch malicious code.

  • November 06, 2006 06 Nov'06

    How to manage encryption keys

    Encryption is an effective way to secure data, but the encryption keys used must be carefully managed to ensure data remains protected and accessible when needed.

  • November 06, 2006 06 Nov'06

    Agency improves security grades under CISO's watch

    CISO Philip Heneghan has made security a way of life for the U.S. Agency for International Development (USAID). His work earned him a Security 7 award.

  • November 06, 2006 06 Nov'06

    Sourcefire IPO could fuel Snort, users say

    Snort users frowned when Check Point tried to acquire Sourcefire last year. But they are more optimistic about Sourcefire's plans to go public.

  • November 05, 2006 05 Nov'06

    Mobile device encryption - a practice not often applied

    Encryption is the best way to protect data on mobile devices -- but too few companies are actually deploying this critical technology.