News

IT security

• December 13, 2006 13 Dec'06

  Third zero-day found in Microsoft Word

  For the third time in a week, a zero-day flaw has been found in Microsoft Word. Users should be cautious when opening attachments from unknown sources.

• December 13, 2006 13 Dec'06

  Host-based replication

  While the lines of distinction among data protection technologies such as backup, continuous data protection and replication have blurred, host-based replication can play a key role in your overall data protection strategy.

• December 12, 2006 12 Dec'06

  Expert offers tips to bolster messaging security

  In this edition of Security Wire Weekly, Burton Group analyst Diana Kelley explains how to lock down messaging programs as part of our three-day special report on the subject.

• December 12, 2006 12 Dec'06

  Symantec issues NetBackup security alert

  Symantec issues an alert and patch to vulnerabilities in NetBackup 6.0, 5.1 and 5.0.

• December 12, 2006 12 Dec'06

  Data breach at Boeing exposes 382,000 employees

  The third theft of a Boeing laptop in the last 13 months has exposed the data of nearly 400,000 employees and retirees.

• December 11, 2006 11 Dec'06

  Storage Decisions Session Downloads: Executive Track (LV 2006)

  Our "Executive track" sessions give C-level technology executivesan idea of where their storage should be and ideas on where it's headed.

• December 11, 2006 11 Dec'06

  Microsoft fixes two zero-day flaws

  The December security update from Microsoft includes patches for zero-day flaws in Visual Studio and Windows Media Player, but two zero-day flaws in Word remain unfixed.

• December 11, 2006 11 Dec'06

  IT pros look for ways to lock down IM

  Special Report: To control growing IM threats, administrators are trying to limit which programs can be used or ban the technology altogether. But that's not always possible.

• December 10, 2006 10 Dec'06

  Zantaz buys data classification partner Singlecast

  Email archiving player Zantaz has purchased data classification startup Singlecast, which can categorise and apply policies to data before an email takes up storage space.

• December 10, 2006 10 Dec'06

  Messaging insecurity fuels data leakage fears

  Special Report: The proliferation of messaging technology means more opportunity for malware to take root and sensitive data to be lifted.

• December 10, 2006 10 Dec'06

  Microsoft suffers third zero-day in a week

  A second zero-day flaw in Word has been uncovered, Microsoft said Sunday. It's the software giant's third zero-day in a week.

• December 10, 2006 10 Dec'06

  Storage Decisions in the wild, wild west

  Dedupe, iSCSI, backup, virtualisation and cowboys in Stetson hats -- Storage Decisions Las Vegas 2006 had it all.

• December 10, 2006 10 Dec'06

  Windows Vista security settings

  Microsoft's Windows Vista is here. Here, Current Analysis senior analyst Andrew Braunberg discusses what network admins need to know about tightening up Vista security.

• December 07, 2006 07 Dec'06

  Dell, Microsoft tout joint NAS product

  The new NX1950 product is vastly more expensive than its counterparts from HP and NetApp, but it scales higher, supports clusters and has redundant controllers.

• December 06, 2006 06 Dec'06

  Microsoft to fix Visual Studio, Windows flaws

  Microsoft plans to release five security updates to address vulnerabilities in Windows and a flaw in Visual Studio as part of its monthly security bulletin release cycle.

• December 06, 2006 06 Dec'06

  Zero-day flaw found in Windows Media Player

  Attackers could exploit a new zero-day flaw in Windows Media Player to cause a denial of service or launch malicious code. The threat is Microsoft's second zero-day flaw in a week.

• December 06, 2006 06 Dec'06

  MP3 search site pushes spyware, watchdogs say

  A Web site that gives users the ability to search for MP3s contains programs that behave like spyware, according to the Center for Democracy and Technology and StopBadware.org.

• December 04, 2006 04 Dec'06

  IBM to acquire compliance software firm

  IBM plans to acquire Consul Risk Management Inc., a Delft, Netherlands-based firm whose software tracks non-compliant behavior of employees.

• December 04, 2006 04 Dec'06

  Spam -- stop it at the network edge

  Spam has become much more than just a nuisance; it can slow or crash the network. F5 recently added a module to its Big IP platform to stop spam at the network edge.

• December 03, 2006 03 Dec'06

  Security Bytes: Phishing worm spreads through MySpace

  Round up of security news

• November 30, 2006 30 Nov'06

  Terrorists may target financial sites

  The U.S. government is warning of an al-Qaida call for a cyberattack against online stock trading and banking Web sites

• November 30, 2006 30 Nov'06

  Symantec blames piracy for Veritas licensing snafu

  Weekly compilation of storage news: Symantec says that software counterfeiting is throwing a wrench in tech support ; FRCP rules take effect.

• November 30, 2006 30 Nov'06

  Oracle responds to security critics

  Security Blog Log: Oracle takes on researchers who have criticised its security procedures in recent weeks. Meanwhile, Symantec warns of new zombie malware.

• November 29, 2006 29 Nov'06

  Multiple flaws in Adobe Reader, Acrobat

  Multiple flaws in Adobe Reader and Acrobat could allow attackers to execute malicious commands on victims' computers.

• November 29, 2006 29 Nov'06

  Podcast: Security certifications pay could rebound in '07

  Security certifications pay is languishing, according to skill and certifications pay expert David Foote of Foote Research. Foote examines the state of the IT security job market.

• November 28, 2006 28 Nov'06

  Symantec fixes NetBackup Puredisk flaw

  An unauthorised user could launch malicious code by exploiting a flaw in Symantec's Veritas NetBackup PureDisk product. But a fix is available.

• November 28, 2006 28 Nov'06

  Adware targets Mac OS X

  As F-Secure notes what may be the first example of adware designed for Macs, researcher LMH reports more flaws in the operating system as part of the Month of Kernel Bugs.

• November 28, 2006 28 Nov'06

  Study: Some firms balk at mobile security

  Companies are failing to safeguard sensitive data on employee mobile devices, according to a survey by the Business Performance Management Forum.

• November 23, 2006 23 Nov'06

  Commentary: We've never met a "thought follower"

  A couple of days back, a vendor tried to convince us that their new security consultancy services should be of interest to you, our readers.

• November 22, 2006 22 Nov'06

  Zango defying FTC agreement, researchers say

  This week in Security Blog Log: Two researchers accuse Zango of unsavory adware tactics, despite the company's pledge to clean up its act.

• November 21, 2006 21 Nov'06

  New Mac OS X flaw exposed

  A Mac OS X flaw was exposed as part of the Month of Kernel Bugs. Also, a new Web site vows to follow the lead of researchers LMH and H.D. Moore with a week of Oracle zero-days.

• November 21, 2006 21 Nov'06

  BakBone brushes up replication software

  BakBone's NetVault Replicator version 5.0 includes automatic configuration of replication for remote sites, a capacity planning tool and a higher performance data movement engine.

• November 20, 2006 20 Nov'06

  Insider security threats come in many forms

  Insiders could be the greatest threat to a company's security. The best defense is to let them know Big Brother is watching and a plan to deal with troublemakers.

• November 19, 2006 19 Nov'06

  Virtualisation: friend or foe? [Day Two: The virtual appliance]

  Virtualisation slashes costs, makes management easier, unshackles software configurations from hardware. And it is being embraced around the world. But is it secure? In this three-part series, Patrick Gray explores the security implications of this ...

• November 13, 2006 13 Nov'06

  Trojan poses as Adobe software update

  The Trojan keylogger comes in an email that asks users to download the latest version of Adobe Reader. It then tries to steal the user's confidential information.

• November 08, 2006 08 Nov'06

  Storage virtualization acquisitions need careful consideration

  Storage virtualization alleviates traditional storage growth problems by implementing a layer of abstraction between applications and physical storage, allowing storage to be combined and treated as a ubiquitous resource, regardless of location. ...

• November 08, 2006 08 Nov'06

  Microsoft to patch critical zero-day flaws in Windows

  Microsoft plans to repair five critical flaws in Windows and a flaw in XML Core Services as part of its monthly patch update next week.

• November 07, 2006 07 Nov'06

  Mozilla fixes Firefox flaws

  Attackers could exploit multiple flaws in Firefox, SeaMonkey and Thunderbird to crash machines, bypass security restrictions and launch malicious code.

• November 06, 2006 06 Nov'06

  How to manage encryption keys

  Encryption is an effective way to secure data, but the encryption keys used must be carefully managed to ensure data remains protected and accessible when needed.

• November 06, 2006 06 Nov'06

  Agency improves security grades under CISO's watch

  CISO Philip Heneghan has made security a way of life for the U.S. Agency for International Development (USAID). His work earned him a Security 7 award.

• November 06, 2006 06 Nov'06

  Sourcefire IPO could fuel Snort, users say

  Snort users frowned when Check Point tried to acquire Sourcefire last year. But they are more optimistic about Sourcefire's plans to go public.

• November 05, 2006 05 Nov'06

  Microsoft eyes second zero-day threat in a week

  This time, attackers are going after a zero-day flaw in Windows, and Microsoft has released some workarounds until a patch is available.

• November 05, 2006 05 Nov'06

  Mobile device encryption - a practice not often applied

  Encryption is the best way to protect data on mobile devices -- but too few companies are actually deploying this critical technology.

• November 02, 2006 02 Nov'06

  Review: SPI Dynamics' WebInspect 6.1

  SPI Dynamics has created a powerful tool for novices as well as advanced users who will appreciate the time and effort it saves.

• November 01, 2006 01 Nov'06

  Tor network privacy could be cracked

  The Tor network is used by those who want to keep their IP addresses private. But new research shows that it's possible to compromise the system and unmask the user.

• October 31, 2006 31 Oct'06

  Flaw found in Firefox 2.0

  Attackers could exploit the security flaw to crash versions 1.5.0.7 and 2.0 of the browser, according to various security advisories.

• October 31, 2006 31 Oct'06

  E-vaulting's many faces can confuse IT efforts

  E-vaulting is the process that describes how enterprise IT departments ship backup tapes and replicate data to remote disk arrays and VTLs. E-vaulting is not a new concept, but more recently it has grown to mean remote backups and replication for ...

• October 30, 2006 30 Oct'06

  Messaging Security School

  SearchSecurity.com's Messaging Security School has brought together some of the most knowledgeable experts in the messaging security field to offer you personal instruction on how to secure the information handled by your organization's knowledge ...

• October 30, 2006 30 Oct'06

  Countermeasures for malicious email code

  Today's malware continues to raise the security stakes. Enterprises are now facing numerous evolving threats like targeted and blended attacks, zero-day exploits, botnets and phishing schemes. The attacks aren't the only things evolving; so are ...

• October 30, 2006 30 Oct'06

  Survey: Data breach costs surge

  A new study by the Ponemon Institute finds a 31% increase in the costs associated with a data breach.