News

IT risk management

• August 01, 2006 01 Aug'06

  Security Bytes: Exploits targeting freshly patched Apple flaw

  Apple patches nearly two dozen holes in OS X, but not before exploits are unleashed. Plus McAfee fixes a critical flaw and EMC gets the OK to buy RSA.

• August 01, 2006 01 Aug'06

  Litchfield: Database security is 'IT's biggest problem'

  At Black Hat USA 2006, database security guru David Litchfield unveils 20-plus IBM Informix flaws that attackers could exploit to create malicious files, gain DBA-level privileges and access sensitive data.

• July 31, 2006 31 Jul'06

  Security Bytes: ISS warns of new Microsoft Windows flaw

  Attackers could exploit the latest Microsoft Windows flaw to crash vulnerable machines and Symantec fixes a Brightmail AntiSpam flaw.

• July 30, 2006 30 Jul'06

  EqualLogic updates storage provisioning software

  Users have more options when it comes to pooling storage with version 3.0 of EqualLogic's array software, but some are wondering whatever happened to the SAS disks.

• July 26, 2006 26 Jul'06

  Mozilla issues critical security updates

  New patches to fix 13 software security flaws, eight of which have been deemed critical.

• July 26, 2006 26 Jul'06

  DHS puts Zitz in charge of cybersecurity division

  American career intelligence officer Robert S. Zitz has taken over day-to-day operations of the US National Cyber Security Division, but his department still has numerous digital defence problems to remedy.

• July 26, 2006 26 Jul'06

  Blue Cross bears burden of 'no wireless' policy

  Blue Cross of Idaho had a "no wireless" policy on paper but never really enforced it. That is, until a team of auditors said the company had better do something.

• July 25, 2006 25 Jul'06

  Employee monitoring should be done with care

  Employee monitoring is on the rise as firms try to safeguard their sensitive information and increase productivity.

• July 24, 2006 24 Jul'06

  Security Bytes: New Microsoft exploits in the wild

  The exploits target issues Microsoft patched earlier this month. Meanwhile, flaws are reported in Oracle for OpenView and a Mozilla Firefox keystroke logger is on the loose.

• July 18, 2006 18 Jul'06

  Midsized firms reach out to backup service providers

  Data growth and ever-tightening compliance rules are among the factors driving some organizations to turn to service providers for help with backups.

• July 14, 2006 14 Jul'06

  CSI survey: Data breaches still being swept under the rug

  The annual CSI/FBI Computer Crime and Security Survey shows companies are reporting fewer financial losses from data breaches. That doesn't mean the good guys are winning.

• July 14, 2006 14 Jul'06

  Answers: Compliance All-in-One Guide quiz

  The key compliance questions unveiled

• July 13, 2006 13 Jul'06

  Security Bytes: Investigators slam VA over data breach

  Meanwhile: Cisco patches a router application flaw, a Washington law firm sues IBM over a server attack; and spammers sucker Web surfers with fake Vladimir Putin death reports.

• July 13, 2006 13 Jul'06

  Trojan targets Microsoft PowerPoint flaw

  Update: The exploit might be tied to an older flaw in Excel. Attackers who exploit the serious flaw could launch arbitrary code. Microsoft says it is investigating.

• July 11, 2006 11 Jul'06

  Critical flaws found in Excel, Flash Player

  FrSIRT says holes in Microsoft's spreadsheet program and Adobe's media player could allow attackers to take control of affected machines and initiate malicious commands.

• July 11, 2006 11 Jul'06

  Looking ahead to life without passwords

  Security pros know that passwords are nothing but trouble. For them, single-sign on, two-factor authentication and federated ID represent the path to stronger authentication.

• July 10, 2006 10 Jul'06

  Downtime: Now here's an idea for all of you flag flyers...

• July 10, 2006 10 Jul'06

  Security Bytes: Data breach affects 100,000 military personnel

  Meanwhile: Phishers use a phone trick to dupe PayPal users; the PCI security standard will get more teeth and a survey illustrates an increase in security breaches

• July 10, 2006 10 Jul'06

  Application layer logging quiz answers

  The key questions revealed

• July 06, 2006 06 Jul'06

  Strong authentication for businesses large and small

  Product review: Customer service could return calls more quickly when there's a problem. But overall, RSA SecurID Appliance 2.0 delivers robust, scalable protection.

• June 26, 2006 26 Jun'06

  Dundee to teach ethical hacking BSc

  A degree in ethical hacking will be on offer at a Scottish university from the new academic year.

• June 13, 2006 13 Jun'06

  Fifa ready for cyber attack on World Cup

• June 01, 2006 01 Jun'06

  FullArmor lives up to its name

  PolicyPortal provides an Internet interface to easily configure, monitor and enforce near real-time Active Directory-based policy compliance through client agents.

• June 01, 2006 01 Jun'06

  BlueCat appliance offers rock-solid security

  Hot Pick: The Adonis 1000 appliance bundles DNS and DHCP into an enterprise-class appliance for the centralized secure operation of network addressing.

• March 28, 2006 28 Mar'06

  Outsourced way to hire contract staff

  IT services company FDM has launched a "straight through" recruitment service to help IT departments in the finance sector recruit contract staff.

• March 07, 2006 07 Mar'06

  Networks news in brief

  Short takes from this week's network news

• February 27, 2006 27 Feb'06

  Not just a big switch

  Fibre Channel directors don't just provide lots of ports, they also offer ways to connect disparate SANs, isolate data and devices within a fabric, and configure throughput for specific applications. We look at how the big three directors match up.

• January 20, 2006 20 Jan'06

  Tech roundup: WAFS products

  A guide to wide-area file services (WAFS), which allow distant users to access files and applications from the datacentre as if they were local.

• December 21, 2005 21 Dec'05

  Sony struggles to regain trust

  The company is trying to mend a reputation bruised over its antipiracy practices. One advocate for online civil liberties explains why redemption is a long way off.

• December 20, 2005 20 Dec'05

  Guidance turns investigative tools on itself

  The forensics software firm says it was compromised by hackers in November. It's just one in a growing list of companies admitting to recent attacks or lax security.

• December 14, 2005 14 Dec'05

  Flaws reported in Trend Micro ServerProtect

  Storage and security managers should be wary of vulnerabilities in the AV product that could enable a denial-of-service and malicious code execution. Workarounds are available.

• December 14, 2005 14 Dec'05

  Hospital ditches EMC Centera for long-term archiving

  UHCS in Augusta, Ga., is replacing its Centera archiving system from EMC with IBM's GMAS product after performance, reliability and cost issues forced it to seek alternatives.

• December 14, 2005 14 Dec'05

  Roundup: 2005's 'curious malicious code'

  These viruses, worms and Trojans sometimes escaped our notice. But it didn't get past one antivirus vendor, who rounded up some of the year's stranger offerings from the underground.

• December 12, 2005 12 Dec'05

  Two Windows patches coming, IE fix uncertain

  It remains to be seen whether the software giant on Dec. 13 will address an outstanding Internet Explorer issue that is currently the target of a malicious Trojan.

• December 12, 2005 12 Dec'05

  Titan Rain shows need for better training

  SANS says the Chinese-based attacks demonstrate the growing sophistication of hackers, and the need for IT admins who can articulate the dangers to execs.

• December 12, 2005 12 Dec'05

  Experts: Encryption not a security cure-all

  Encrypting data offers some protection, but secure applications require much more than cryptography. Experts weigh in on your security options.

• December 08, 2005 08 Dec'05

  IP cloaking becoming a business necessity

  Just by browsing your competitor's Web site, you might be giving away your company's most guarded secrets. Experts offer advice for countering the subterfuge and keeping secrets safe.

• December 07, 2005 07 Dec'05

  Security pros gain ground in the board room

  Executives are paying more attention to their IT security managers and taking more responsibility for online threats against their companies, according to a new study.

• December 06, 2005 06 Dec'05

  Cybersecurity policy takes cooperation, trust, experts say

  At the Infosecurity confab, experts explain why sharing information -- even when it's embarrassing -- is vital to securing not only corporations, but also the national infrastructure.

• November 30, 2005 30 Nov'05

  Out-of-cycle IE patch may be imminent

  Microsoft may release a critical Internet Explorer fix before the next Patch Tuesday, amid reports that malicious code is targeting a memory corruption flaw.

• November 28, 2005 28 Nov'05

  Step 6: Configuring wireless clients

  With wireless networks proliferating it is a good idea to understand what it takes to build a VPN for a wireless gateway. Contributor and Microsoft MVP Brien Posey details the necessary steps in this step-by-step guide.

• November 21, 2005 21 Nov'05

  Wireless security: Public Wi-Fi could open security holes

  A Michigan county is working to give everyone within its borders wireless Internet access. But when it comes to security, users are on their own.

• November 20, 2005 20 Nov'05

  Wireless security crucial to railway safety

  A transportation firm uses wireless technology to keep the trains running on time. But securing mobile devices isn't easy when they're spread across the globe.

• November 16, 2005 16 Nov'05

  Wireless security: Companies deal with software updates

  A health care provider found it could use wireless technology to dramatically boost patient care. But first it had to figure out how to deploy security updates over a wireless network.

• November 14, 2005 14 Nov'05

  Hackers installing keyloggers at a record rate

  iDefense researchers have found that keylogger infections are up 65% over the year before, putting the private data of tens of millions of users at risk.

• November 14, 2005 14 Nov'05

  Sony rootkit uninstaller causes bigger threat

  Princeton researchers say a security hole that appears when users try to remove Sony's copy protection software presents an even greater risk than the original rootkit.

• November 10, 2005 10 Nov'05

  Security Bytes: FTC cracks down on alleged spyware distributors

  Patches fix serious RealPlayer flaws, IM malcode launches phishing attacks; Microsoft warns of Macromedia Flash flaw; Liberty Alliance pushes stronger authentication; FEMA data security is in question; patches fix Veritas flaws and TransUnion ...

• November 09, 2005 09 Nov'05

  Trojans target Sony DRM and Windows

  Security researchers track two new Trojan horses. One exploits the Sony DRM program. The other could possibly take aim at the Windows flaw Microsoft patched this week.

• November 08, 2005 08 Nov'05

  Sony takes second stab at DRM patch

  But a top executive's response to criticism over the company's use of rootkit technology has added fuel to the backlash.

• October 24, 2005 24 Oct'05

  Reporter's Notebook: NYC 'controls the software industry'

  At Information Security Decisions: a security "rock star" rages against the Microsoft machine; banging the drum for enterprise security; a sour note on zero-day exploits.