News
IT risk management
-
November 28, 2006
28
Nov'06
Symantec fixes NetBackup Puredisk flaw
An unauthorised user could launch malicious code by exploiting a flaw in Symantec's Veritas NetBackup PureDisk product. But a fix is available.
-
November 28, 2006
28
Nov'06
Adware targets Mac OS X
As F-Secure notes what may be the first example of adware designed for Macs, researcher LMH reports more flaws in the operating system as part of the Month of Kernel Bugs.
-
November 28, 2006
28
Nov'06
Study: Some firms balk at mobile security
Companies are failing to safeguard sensitive data on employee mobile devices, according to a survey by the Business Performance Management Forum.
-
November 23, 2006
23
Nov'06
Commentary: We've never met a "thought follower"
A couple of days back, a vendor tried to convince us that their new security consultancy services should be of interest to you, our readers.
-
November 22, 2006
22
Nov'06
Zango defying FTC agreement, researchers say
This week in Security Blog Log: Two researchers accuse Zango of unsavory adware tactics, despite the company's pledge to clean up its act.
-
November 21, 2006
21
Nov'06
New Mac OS X flaw exposed
A Mac OS X flaw was exposed as part of the Month of Kernel Bugs. Also, a new Web site vows to follow the lead of researchers LMH and H.D. Moore with a week of Oracle zero-days.
-
November 21, 2006
21
Nov'06
BakBone brushes up replication software
BakBone's NetVault Replicator version 5.0 includes automatic configuration of replication for remote sites, a capacity planning tool and a higher performance data movement engine.
-
November 20, 2006
20
Nov'06
Insider security threats come in many forms
Insiders could be the greatest threat to a company's security. The best defense is to let them know Big Brother is watching and a plan to deal with troublemakers.
-
November 08, 2006
08
Nov'06
Storage virtualization acquisitions need careful consideration
Storage virtualization alleviates traditional storage growth problems by implementing a layer of abstraction between applications and physical storage, allowing storage to be combined and treated as a ubiquitous resource, regardless of location. ...
-
November 08, 2006
08
Nov'06
Microsoft to patch critical zero-day flaws in Windows
Microsoft plans to repair five critical flaws in Windows and a flaw in XML Core Services as part of its monthly patch update next week.
-
November 07, 2006
07
Nov'06
Mozilla fixes Firefox flaws
Attackers could exploit multiple flaws in Firefox, SeaMonkey and Thunderbird to crash machines, bypass security restrictions and launch malicious code.
-
November 06, 2006
06
Nov'06
How to manage encryption keys
Encryption is an effective way to secure data, but the encryption keys used must be carefully managed to ensure data remains protected and accessible when needed.
-
November 06, 2006
06
Nov'06
Agency improves security grades under CISO's watch
CISO Philip Heneghan has made security a way of life for the U.S. Agency for International Development (USAID). His work earned him a Security 7 award.
-
November 06, 2006
06
Nov'06
Sourcefire IPO could fuel Snort, users say
Snort users frowned when Check Point tried to acquire Sourcefire last year. But they are more optimistic about Sourcefire's plans to go public.
-
November 05, 2006
05
Nov'06
Mobile device encryption - a practice not often applied
Encryption is the best way to protect data on mobile devices -- but too few companies are actually deploying this critical technology.
-
November 02, 2006
02
Nov'06
Review: SPI Dynamics' WebInspect 6.1
SPI Dynamics has created a powerful tool for novices as well as advanced users who will appreciate the time and effort it saves.
-
October 31, 2006
31
Oct'06
Flaw found in Firefox 2.0
Attackers could exploit the security flaw to crash versions 1.5.0.7 and 2.0 of the browser, according to various security advisories.
-
October 31, 2006
31
Oct'06
E-vaulting's many faces can confuse IT efforts
E-vaulting is the process that describes how enterprise IT departments ship backup tapes and replicate data to remote disk arrays and VTLs. E-vaulting is not a new concept, but more recently it has grown to mean remote backups and replication for ...
-
October 30, 2006
30
Oct'06
Messaging Security School
SearchSecurity.com's Messaging Security School has brought together some of the most knowledgeable experts in the messaging security field to offer you personal instruction on how to secure the information handled by your organization's knowledge ...
-
October 30, 2006
30
Oct'06
Survey: Data breach costs surge
A new study by the Ponemon Institute finds a 31% increase in the costs associated with a data breach.
-
October 26, 2006
26
Oct'06
Achieving compliance: a real-world roadmap
A security manager's responsibilities extend beyond the technical aspects of the job. These days, effective governance and compliance are just as essential.
-
October 26, 2006
26
Oct'06
Security Blog Log: The never-ending PatchGuard debate
This week, security vendor fright over the Windows Vista PatchGuard feature permeates the blogosphere. Is Microsoft the boogeyman, or just misunderstood?
-
October 25, 2006
25
Oct'06
Research shows massive botnet growth
Reports from McAfee and Microsoft show bot herders are gaining ground and threatening national infrastructure. Some suppliers hope to strike back by sharing resources.
-
October 23, 2006
23
Oct'06
What storage managers are buying and why, page 6
What storage managers are buying and why
-
October 23, 2006
23
Oct'06
Security researcher, professor influences students for life
Dorothy Denning, a professor of defense analysis at the Naval Postgraduate School, has contributed to the field of data security. Her work earned her a Security 7 award.
-
October 23, 2006
23
Oct'06
SDL expected to help fulfil Vista security promises
Windows Vista is expected to be the most secure Microsoft product released thanks to the company's implementation of the Security Development Lifecycle (SDL).
-
October 22, 2006
22
Oct'06
Enhanced Identity and Access Management
From consolidating directories to automating provisioning and rolling out single sign-on, these sessions identify how leading organizations are strengthening authorization and enforcing access controls.
-
October 22, 2006
22
Oct'06
Snyder On Security: An insider's guide to the essentials
Joel Snyder, senior partner with consultancy Opus One, provides an in-depth look at information security trends and technologies.
-
October 18, 2006
18
Oct'06
Rural Payments Agency project failed after IT system costs spiralled
Delays in implementing a bespoke IT system led to the Rural Payments Agency (RPA) failing to pay subsidies to farmers on time, according to a National Audit Office report.
-
October 16, 2006
16
Oct'06
Security Bytes: Flaws fixed in Bugzilla
Meanwhile, security holes are also plugged in Cisco's Wireless Location Appliance software and Clam AntiVirus.
-
October 10, 2006
10
Oct'06
McAfee CEO Samenuk retires in wake of options probe
The investigation into stock option grants is complete and company president Kevin Weiss has been fired, as well.
-
October 10, 2006
10
Oct'06
Google Code Search gives security experts a sinking feeling
The new search tool from Google can help developers find useful code examples. But security experts worry that it also will make attackers' jobs that much easier.
-
October 09, 2006
09
Oct'06
Banking on the future
As the banking landscape changes and global competition takes hold, IT offers banks a way of differentiating themselves from the competition, so how do they balance innovation and imitation in this tough market sector?
-
October 09, 2006
09
Oct'06
Midmarket IT pros have NAC for identity, access management
Midmarket firms may not have the budgets of large companies, but IT pros can build identity and access management programs that are as effective as what the big guys have.
-
October 09, 2006
09
Oct'06
Symantec unveils Security 2.0 initiative
As part of Security 2.0, Symantec unveiled new products and partnerships with VeriSign and Accenture to help customers secure their databases, manage risk and fight ID theft.
-
October 04, 2006
04
Oct'06
Tiered storage becoming tried and true
Tiered storage matches the value of data with the performance (and expense) of storage. Ideally, tiered storage can save money, while easing the access demands to any single storage tier. While tiered storage has clearly brought storage costs and ...
-
September 26, 2006
26
Sep'06
Stration worm targets Windows machines
The worm uses several fake email messages, including one claiming to be a security update. Users are advised to avoid unsolicited email attachments.
-
September 25, 2006
25
Sep'06
IT pros worried about unsecured devices
IT admins keep working to make networks secure even as more unsecured personal gadgets their way into companies.
-
September 24, 2006
24
Sep'06
Hijacked consumer machines target the enterprise
Attackers continue to strike gold by targeting consumers who lack the security savvy to address desktop application flaws, according to Symantec Corp. Enterprises ultimately pay the price.
-
September 14, 2006
14
Sep'06
Secure network perimeter to result from Symantec-Juniper deal
Juniper and Symantec announced a deal to integrate Symantec's client security software with Juniper's security hardware. The result will allow endpoint compliance and access control platforms to secure the enterprise perimeter.
-
September 14, 2006
14
Sep'06
Three ways to create clustered storage
Clustered storage systems run on storage servers, NAS gateways and hosts. Here's how to determine which clustered file-system architecture is best for your needs and storage environment.
-
September 12, 2006
12
Sep'06
Dell and EMC: Five more years
Dell leans on EMC for support in the face of an SEC investigation and possible delisting from NASDAQ.
-
September 11, 2006
11
Sep'06
Data storage compliance's impact on storage product choices
Data storage compliance is having a tremendous impact on the storage organization, as well as the management practices employed to retain, search, certify and destroy data. It's not just regulations like SOX or HIPAA that influence storage -- there ...
-
September 11, 2006
11
Sep'06
Security Bytes: Hackers target the Terminator
In other news, Symantec upgrades its Norton product line and the Anti-Phishing Working Group says phishing activity soared this summer.
-
September 06, 2006
06
Sep'06
Fast Guide: VoIP encryption
A guide to encryption within VoIP networks
-
September 06, 2006
06
Sep'06
Security Bytes: New flaw in Cisco IOS
Security news including Cisco, Mozilla hires a former Microsoft strategist to bolster security, a new "pump-and-dump" stock spam campaign is discovered and TippingPoint lists info on new flaws.
-
September 05, 2006
05
Sep'06
ControlGuard targets rogue devices
ControlGuard Access Manager is an effective tool for controlling what devices users can add to their workstations and how they are used.
-
September 05, 2006
05
Sep'06
Proofpoint delivers strong messaging security
Proofpoint Messaging Security Gateway is a highly recommended, affordable solution for big enterprises that need protection from email-based attacks.
-
September 04, 2006
04
Sep'06
Revamped Cisco WAFS worth the wait, users say
Months late, Cisco has finally released a combined Wan optimisation and WAFS product, while startups like Riverbed have been snapping up the customers. But some Cisco beta testers say it has been worth the wait.
-
August 31, 2006
31
Aug'06
Attacks against MS06-040 on the rise
Six pieces of malware are now going after the Windows Server Service flaw outlined in MS06-040, and a spike in attacks has led Symantec to raise its ThreatCon to Level 2.