News

IT security

• June 05, 2005 05 Jun'05

  Quiz: Secure Web directories and development

  Evaluate your knowledge of Web threats and how to defeat them. Questions cover security risks of dynamically created content and proper security management.

• June 04, 2005 04 Jun'05

  Top tools for testing your online security, part 2

  Michael Cobb explains what tools are helpful in maintaining Web security, including security scanners, benchmarking tools, monitoring services and online resources.

• June 04, 2005 04 Jun'05

  Top tools for testing your online security

  Learn a structured approach for Web security that can make your security management tasks easier and increase your chances of success.

• June 04, 2005 04 Jun'05

  Life at the edge part 3: Resistance to failure

  Learn how architecture, protocol and application-level protections work together to safeguard a Web infrastructure.

• June 04, 2005 04 Jun'05

  Life at the edge part 4: When things go wrong

  A checklist and other hints to protect your Web servers from a worst-case scenario.

• June 04, 2005 04 Jun'05

  Life at the edge part 2: Divide and conquer with DMZs

  Learn how a DMZ works and how it can protect Web servers.

• June 03, 2005 03 Jun'05

  Quiz: Identify and analyze Web server attacks, answer No. 5

  Quiz: Identify and analyze Web server attacks, answer No. 5

• June 03, 2005 03 Jun'05

  Quiz: Identify and analyze Web server attacks

  Test your knowledge of the material covered in the "Identify and analyze Web server attacks" section of Intrusion Defense School.

• June 03, 2005 03 Jun'05

  Quiz: Identify and analyze Web server attacks, answer No. 3

  Quiz: Identify and analyze Web server attacks, answer No. 3

• June 02, 2005 02 Jun'05

  Quiz: Web attack prevention and defense

  Test your knowledge of the material covered in Web attack prevention and defense, including the fundamentals of securing a Web server.

• June 01, 2005 01 Jun'05

  Zombie machines used in 'brutal' SSH attacks

  IT managers use SSH to gain secure access to remote computers. Hackers are using it to crack your network, with help from their zombie friends.

• May 31, 2005 31 May'05

  Network configuration: IIS SMTP mail relay service and Microsoft Exchange Server

  Learn how to use the IIS SMTP mail relay service to prevent spammers from directly interacting with your Microsoft Exchange Server.

• May 29, 2005 29 May'05

  Patching resource kit

  From vulnerability scanning to patching flubs, here's a collection of other helpful resources to ensure your patching efforts are effective.

• May 23, 2005 23 May'05

  Pre-CISSP: Options for the security newbie

  Shon Harris advises novice security practitioners on the value of entry-level certifications -- and good, old-fashioned experience -- in preparation for the CISSP®.

• May 17, 2005 17 May'05

  Should the government define spyware?

  Who's best qualified to define what is and isn't spyware -- your congressman or your online user community? Security experts say no entity can do it alone.

• May 17, 2005 17 May'05

  Some vendors get labeled as spyware pushers

  To win the battle with spyware, you must be able to spot it. That's not as easy as you think.

• May 11, 2005 11 May'05

  A new era of computer worms: Wireless mobile worms

  In this excerpt of Chapter 9 from "The Art of Computer Virus Research and Defense," author Peter Szor dissects the Cabir worm.

• April 14, 2005 14 Apr'05

  Who should be on (and off) the hook for ID theft?

  An influential cryptographer and a panel of technologists today debate how best to fight false authentication and fraudulent transactions.

• April 03, 2005 03 Apr'05

  Are identities safer on laptops than central databases?

  Microsoft pledges better ID security. Given the theft of a laptop storing 100,000 Social Security numbers, Redmond's approach could prove controversial.

• March 29, 2005 29 Mar'05

  Quiz: Do you have a firm e-mail security foundation?

  This Security School quiz is the first in a series of three on e-mail security essentials.

• March 21, 2005 21 Mar'05

  Linux lags Windows in new security report

  A controversial research paper takes a critical look at two popular platforms' track record on vulnerabilities and fixes. In turn, its findings are facing sharp scrutiny as well.

• March 17, 2005 17 Mar'05

  Botnets more menacing than ever

  Researchers from the Honeynet Project and iDefense say bots are spreading quickly, digging their heels into more than a million machines around the world.

• March 16, 2005 16 Mar'05

  RootkitRevealer turns root kits' tactics back at them

  A contributor reviews freeware RootkitRevealer from Sysinternals.

• March 15, 2005 15 Mar'05

  ID theft and national security

  Check out what some ITKnowledge Exchange members had to say about this controversial issue.

• March 14, 2005 14 Mar'05

  HIPAA causes data security problems for small businesses

  If your local dentist isn't complying with HIPAA's security rules, he's not alone. Experts say most doctors' offices aren't getting it.

• March 14, 2005 14 Mar'05

  HIPAA security rules apply to firms with healthcare plans

• March 14, 2005 14 Mar'05

  HIPAA security rules set hurdles for struggling hospitals

  Most healthcare organizations have one more month to meet the security requirements of the Health Insurance Portability and Accountability Act (HIPAA). Will they make it?

• March 09, 2005 09 Mar'05

  Exploit code targets critical CA flaws

  Anyone who ever evaluated CA software is potentially at risk. The good news is patches are available and a free scanner is out now to identify systems vulnerable to attack.

• March 08, 2005 08 Mar'05

  Small businesses targeted with RFID

• March 08, 2005 08 Mar'05

  Passwords still the weakest link

  Businesses are still struggling to convince their staff of the importance of password security, according to a survey of 67,000...

• March 08, 2005 08 Mar'05

  A sound architecture involves both strong technology and a professional approach

  Although many large organisations need to respond rapidly to changes in the market as well as to competition and globalisation...

• March 07, 2005 07 Mar'05

  Windows vulnerable to LAND attack

  Security researchers say this type of attack leaves enterprise customers of popular Windows products open to a denial of service. There is good news, though.

• February 24, 2005 24 Feb'05

  Security Bytes: Cisco patch available for ACNS flaws

  Workaround outlined for new php exploit. IBM issues patch for DB2 flaw. Payroll service goes offline to investigate security claims , and BoA loses personal data on customers.

• February 15, 2005 15 Feb'05

  Federal agency security still poor, but improving

  Report cards give federal security a D-plus average, but the Homeland Security Department is still failing.

• February 14, 2005 14 Feb'05

  Local mirror

• February 14, 2005 14 Feb'05

  Local backup

• February 14, 2005 14 Feb'05

  Strategic Storage: DR planning blueprint

  Developing a good disaster recovery (DR) plan is similar to good dental hygiene -- and almost as exciting. Similar to going to the dentist twice a year, you should also test your DR plan with the same frequency. Wait too long to clean up your plan ...

• February 09, 2005 09 Feb'05

  The Controversy of Hacking Books and Classes

  Read this excerpt and download Chapter 1, Ethics of Ethical Hacking from Shon Harris' All-in-One Gray Hat Hacking.

• February 07, 2005 07 Feb'05

  CEOs and CIOs split on IT success

  Business and IT directors are still at loggerheads on key technology issues, according to a new survey by the Economist...

• February 02, 2005 02 Feb'05

  Compressed files strike another blow to AV

  The "alternative" .rar files are picking up where popular .zip files left off as attack vectors.

• January 31, 2005 31 Jan'05

  ID theft remains No. 1 worry

  For the fifth straight year, the FTC said most complaints came from identity theft victims. And that's a problem for enterprises.

• January 23, 2005 23 Jan'05

  Cyberstorm chasers: The folks who look out for the latest Internet threats

  They keep a 'round-the-clock watch on conditions in cyberspace. CTO Johannes Ullrich discusses the volunteer effort behind the SANS Internet Storm Center.

• January 19, 2005 19 Jan'05

  Sun develops Centera competitor

• January 11, 2005 11 Jan'05

  A 'critical' Patch Tuesday

  Microsoft issues three security bulletins for January, two of them critical. Attackers have already exploited some of the vulnerabilities.

• January 10, 2005 10 Jan'05

  Security Bytes: George Mason U. hacked; new Trojans on the loose

  Hackers steal personal data of more than 30,000 members of George Mason University. Two new Trojans emerge. BMC Software buys a Parisian company.

• January 10, 2005 10 Jan'05

  Security on a Shoestring: Creating Internet policies on the cheap

  No matter how small the organization, it's impractical to stand over employees and make sure they properly use the Internet. So here's how to write a decent acceptable use policy, and make sure everyone abides by it.

• January 05, 2005 05 Jan'05

  New solutions for the zero hour

  IT vendors are looking to fill the gap between when a virus first hits and when its remedy is released.

• December 20, 2004 20 Dec'04

  Fixes, workaround for Kerberos 5 vulnerability

  A security hole could be exploited to launch malicious code. But there are fixes and a workaround.

• December 19, 2004 19 Dec'04

  Transforming the cybersecurity culture

  Eleven New Year's resolutions can help employees at all levels empower the security function at their organization.

• December 08, 2004 08 Dec'04

  The security lingo of 2004

  This was the year of botnets, zombie PC armies and phishying online schemes.