News

IT security

• June 28, 2007 28 Jun'07

  Network security: Overlay versus perimeter security model debated at Catalyst

  Traditional network perimeter security -- firewalls, and even network access control -- may soon be pushed out in favour of using VPNs for network security, which could ease the security burden for networking staff, according to Dave Passmore. The ...

• June 27, 2007 27 Jun'07

  Cisco vows to maintain IronPort tech, talent

  As it completes the purchase of IronPort Systems, Cisco vows to maintain IronPort's talent base and make investments to keep its newly-acquired technology fresh.

• June 25, 2007 25 Jun'07

  Richard Granger's departure may jeopardise NHS IT programme

  Richard Granger's departure from Connecting for Health may jeopardise the stability and success of the politically driven NHS National Programme for IT.

• June 25, 2007 25 Jun'07

  PCI Council hears complaints, suggestions for changes

  Companies with the most stringent security technologies endure hurdles to comply with PCI DSS. Some firms are turning to the upcoming Burton Group Catalyst Conference for answers.

• June 25, 2007 25 Jun'07

  DHS suffered more than 800 cyber attacks in two years

  Senior officials at the US Department of Homeland Security have acknowledged hundreds of security lapses but say improvements have been made.

• June 25, 2007 25 Jun'07

  Instant messaging usage increase highlights need for policies

  A Burton Group report suggests that all companies should have an IM usage policy, even if they haven't deployed IM yet

• June 20, 2007 20 Jun'07

  HP to acquire SPI Dynamics for Web security

  HP says it will would bolster Web site assessments and Web application vulnerabilities with its acquisition of Atlanta-based SPI Dynamics Inc.

• June 19, 2007 19 Jun'07

  Securing the enterprise VoIP perimeter

  How to make VoIP work without sacrificing firewalls or network perimeter security.

• June 19, 2007 19 Jun'07

  Endpoint fears drive PatchLink-SecureWave merger

  Experts say the PatchLink-SecureWave merger makes sense since IT pros want a better way to protect their endpoint devices. But PatchLink's market supremacy is far from assured.

• June 18, 2007 18 Jun'07

  Will HP do the right thing with SPI Dynamics?

  Analysts say HP can dramatically boost its security with the purchase of SPI Dynamics, but some users worry about SPI's technology wilting under the new ownership.

• June 17, 2007 17 Jun'07

  Burton Group Catalyst Conference San Francisco 2007

  SearchSecurity.com brings you the latest news, interviews, podcasts and more from the Burton Group Catalyst Conference 2007 in San Francisco.

• June 17, 2007 17 Jun'07

  VoIP security testing fundamentals

  Testing your VoIP security system against all the threats that exist on the network can be a full time job. This guide documents how a VoIP system can be tested and suggest some of the available tools to use -- with a focus on fuzzing tools and ...

• June 13, 2007 13 Jun'07

  Microsoft patches Windows Vista, IE 7

  Microsoft fixed 15 flaws in a variety of products Tuesday, including Windows XP, Vista and Internet Explorer 7. Attackers could exploit the most serious flaws for remote code execution.

• June 10, 2007 10 Jun'07

  Connecting for Health briefing claims much of NHS NPfIT complete

  A confidential Connecting for Health briefing paper for the prime minister has claimed that much of the NHS's £12.4bn National Programme for IT (NPfIT) is complete - although an integrated national care record system has yet to materialise, and ...

• June 08, 2007 08 Jun'07

  Serious flaws put Yahoo Messenger users in peril

  Attackers could exploit two serious flaws in Yahoo Messenger to run malicious code on targeted machines, vulnerability trackers warned Wednesday.

• June 06, 2007 06 Jun'07

  Network access controlled via biometrics

  Fingerprint readers, a form of biometrics, have been used to protect data and endpoints, but now IT is using the security technology to control network access

• June 05, 2007 05 Jun'07

  IBM to acquire Watchfire for risk, compliance

  IBM agreed to acquire Waltham, Mass.-based Watchfire Corp. to add Web application and compliance testing tools into Big Blue's Rational development platform.

• June 05, 2007 05 Jun'07

  Watchfire will help IBM build application security

  Analysts have been pushing the Security 3.0 concept this week at Gartner's IT Security Summit, and one analyst says IBM's acquisition of Watchfire illustrates the trend.

• June 04, 2007 04 Jun'07

  SMBs sample SaaS via telecoms

  Telecom XO Communications has announced a new, SMB-focused partnership with Jamcracker, a wholesaler of SaaS technology. Analysts say more telecoms will try to offer SMBs IT services with such deals.

• June 03, 2007 03 Jun'07

  IBM: We're No. 1 in storage hardware

  A new combined disk and tape tracker from IDC has IBM trumpeting from the rooftops that it's the market leader. But what's IBM's story when it comes to software?

• June 01, 2007 01 Jun'07

  Top spammer indicted on email fraud, identity theft

  The arrest may reduce the volume of spam in the short-term, say experts and analysts, but the real spam threat comes from criminal gangs based in Asia and Russia.

• June 01, 2007 01 Jun'07

  Check Point promises more VoIP security, fewer slowdowns

  Check Point's enhanced Open Performance Architecture is designed for deeper security of technologies like VoIP without the network performance problems that often come with it.

• June 01, 2007 01 Jun'07

  Springing leaks: Getting smart about data loss prevention

  Companies are showing increased interest in data loss prevention (DLP) products, but they won't work well unless the business needs are understood and well defined.

• June 01, 2007 01 Jun'07

  Google dives into security market

  Search engine giant Google has acquired security startup GreenBorder Technologies, making it a bigger player in the wider information security market.

• June 01, 2007 01 Jun'07

  HDS adds SAN muscle to archive

  Hitachi Data Systems integrates its archive software across its product line and adds important new features, including replication, data deduplication and security.

• May 29, 2007 29 May'07

  SAN School: Table of contents

  What is a storage area network? What are the benefits and pitfalls of installation? How can a SAN fit into your organization? These questions and more are answered SAN School.

• May 24, 2007 24 May'07

  Microsoft NAP-TNC compatibility won't speed adoption, users say

  Users hail the new compatibility of Microsoft NAP and the Trusted Computing Group's TNC architecture. But they say it won't speed up their adoption timetables.

• May 24, 2007 24 May'07

  McAfee launches IPS for 10g networks, but is IT ready?

  McAfee unveiled a new IPS offering for 10-gigabit Ethernet networks and announced the upgrade and integration of several other products. One analyst offers a mixed assessment.

• May 24, 2007 24 May'07

  Microsoft fixes Office 2007 patch issues, releases MOICE

  The Microsoft Security Response Center acknowledged that some of the company's May 8 security updates didn't make it to machines running Office 2007 on Windows Vista.

• May 24, 2007 24 May'07

  Sourcefire, Nmap deal to open vulnerability scanning

  Sourcefire and Insecure.org have inked an agreement to develop open source vulnerability scanning tools based on Insecure's Nmap scripting engine.

• May 24, 2007 24 May'07

  IETF approves new weapon to fight spam, phish

  DomainKeys Identified Mail specification (DKIM) gained approval as an official IETF standard. The approval is seen as a major step in the fight against spam and phishing attacks.

• May 24, 2007 24 May'07

  Microsoft investigates new Office zero-day flaw

  Attackers could exploit a newly-discovered zero-day flaw in Office 2000 to run malicious code on targeted machines, Symantec warned.

• May 22, 2007 22 May'07

  Microsoft unveils unified communications devices

  Microsoft unveils unified communications devices.

• May 21, 2007 21 May'07

  Cisco warns of new IOS flaws

  The new flaws are classified as "low," but if exploited they could result in a sustained DoS condition, Cisco said.

• May 17, 2007 17 May'07

  VoIP security fundamentals

  VoIP security is a challenge for IT staff because IP telephony brings with it not only the security problems of data networks but also new threats specific to VoIP. In this fundamentals guide, learn about network security threats and emerging IP ...

• May 16, 2007 16 May'07

  Screencast: How to configure a UTM device

  In this exclusive screencast, expert David Strom demonstrates the configuration options available in SonicWall's unified threat management product.

• May 16, 2007 16 May'07

  When signature based antivirus isn't enough

  Zero-day exploits, targeted attacks and increasing demands for endpoint application controls are driving the rapid metamorphosis from signature-based antivirus and antispyware to HIPS-based integrated products.

• May 11, 2007 11 May'07

  Cisco fixes fresh flaws in IOS

  Attackers could exploit two flaws in Cisco's IOS to cause a denial of service or tamper with data in a device file system.

• May 09, 2007 09 May'07

  Symantec fixes flaws in Norton, pcAnywhere

  Attackers could exploit flaws in Symantec's Norton AntiVirus and pcAnywhere to launch malicious code or compromise a user's session credentials.

• May 08, 2007 08 May'07

  Companies plug FTP holes with secure FTP servers

  Some companies are investing in secure FTP suites to give employees and business partners the ability to transfer large files such as large documents, audio, video and photos.

• May 03, 2007 03 May'07

  Quiz: Preventing data leaks

  A six-question multiple-choice quiz to test your understanding of the content presented by expert Richard Bejtlich in this lesson of SearchSecurity.com's Data Protection Security School.

• May 03, 2007 03 May'07

  Quiz: Enterprise strategies for protecting data at rest

  A five-question multiple-choice quiz to test your understanding of the e-discovery content presented by expert Perry Carpenter in this lesson of SearchSecurity.com's Data Protection Security School.

• May 03, 2007 03 May'07

  Quiz: Demystifying data encryption

  A five-question multiple-choice quiz to test your understanding of the data encryption content presented by expert Tom Bowers in this lesson of SearchSecurity.com's Data Protection Security School.

• May 03, 2007 03 May'07

  Microsoft users sticking with third-party security vendors

  IT pros are pleased with Microsoft's security advances, including those found in Forefront. But don't expect them to drop their third-party security vendors.

• May 02, 2007 02 May'07

  Microsoft to release DNS patch Tuesday

  In addition to a fix for the DNS Server Service flaw, Microsoft plans to patch critical flaws in Windows, Office, Exchange, CAPICOM and BizTalk.

• May 01, 2007 01 May'07

  IM slang glossary

• April 26, 2007 26 Apr'07

  New image spam sneaks into inboxes

  Researchers at Secure Computing Corp. have discovered a new form of image spam that is sneaking into corporate systems and clogging inboxes.

• April 26, 2007 26 Apr'07

  Websense to acquire SurfControl

  Websense says its planned $400 million acquisition of SurfControl will allow it to better compete in the global security market.

• April 24, 2007 24 Apr'07

  Scaling storage networks demands careful consideration

  In the Fibre Channel world, scaling often means adding more and faster switch ports to extend the fabric's bandwidth and connectivity. But IP storage (mainly iSCSI) is a growing area of SAN expansion, using ubiquitous Ethernet network technology to ...

• April 24, 2007 24 Apr'07

  Apple fixes 25 Mac OS X flaws

  Attackers could exploit about two dozen flaws in Mac OS X to cause a denial of service, bypass security restrictions, disclose sensitive data and run malicious code.