News

IT security

• September 20, 2005 20 Sep'05

  SAS drives product roundup

  Serial-attached SCSI (or SAS) drives offer significant storage capacity at a much lower cost, while maintaining reasonable performance. Find out who the vendors are in this market.

• September 20, 2005 20 Sep'05

  Security tools help reduce insider threat.

• September 20, 2005 20 Sep'05

  Insider threat seen as biggest data security issue

  Whether they oversee physical or online defenses, security officers say the disaster scenario that scares them most begins with an insider with malicious intentions.

• September 18, 2005 18 Sep'05

  Ensure that legal responsibilities are clear -- Especially when trouble strikes

  Excerpt from Chapter 15 of Information Nation Warrior: Information Management Compliance Boot Camp.

• September 18, 2005 18 Sep'05

  CCSP courses, exam changing next month

  Those seeking Cisco's security credential and specialization in VPN, firewall and IDS will soon follow different curricula that better reflect the vendor's current product lines.

• September 11, 2005 11 Sep'05

  VoIP turns up the heat on firewalls

  New research shows that many organizations are increasingly concerned about VoIP security and plan to augment their firewalls within the next year, changing the landscape of the firewall market.

• September 06, 2005 06 Sep'05

  Firewalls can help or hurt, so plan carefully

• September 05, 2005 05 Sep'05

  IE 7.0 may usher in wave of RSS exploits

  Experts warn that Web-feed enhancements in Microsoft's new Web browser may be just the thing crackers need to compromise networks and private data.

• September 05, 2005 05 Sep'05

  Extending perimeters

  The news that, up until 2006, 70% of successful wireless local area network (WLAN) attacks will be because of the misconfiguration of WLAN access points and client software is disquieting on a number of levels.

• September 01, 2005 01 Sep'05

  Symantec glitch could expose user names, passwords

  Symantec announced a fix for a flaw in AntiVirus Corporate Edition Friday afternoon. The security hole could be exploited to view user names and passwords.

• August 30, 2005 30 Aug'05

  Myfip's Titan Rain connection

  LURHQ researchers say the Myfip worm is a good example of the malcode Chinese hackers are using in the so-called Titan Rain attacks against U.S. government networks.

• August 30, 2005 30 Aug'05

  Antivirus can introduce dangerous network security holes into any OS

  AV software is one of the most basic security steps available. It's also yet another gateway for security breaches.

• August 30, 2005 30 Aug'05

  Passive fingerprinting: Applications and prevention

  In this excerpt from the book Silence on the Wire, author Michal Zalewski discusses both malicious and beneficial uses for passive fingerprinting, and how to prevent successful passive fingerprinting on your network.

• August 26, 2005 26 Aug'05

  High profile breach brings security to top of agenda

  There’s nothing like an apparent breach at a global company to concentrate the mind when it comes to information and data security.

• August 16, 2005 16 Aug'05

  Reduce risks of disaster recovery testing

  Untested business continuity plans can leave your firm in the lurch, but taking down live environments is risky and complicated.

• August 10, 2005 10 Aug'05

  Strategic Storage: Storage security -- Change old habits and stop data theft

• August 06, 2005 06 Aug'05

  Trusted Computing Group releases server specs

  The Trusted Computing Group released a new set of trusted server specifications it hopes will help vendors protect their platforms against security breaches.

• August 02, 2005 02 Aug'05

  Raising risk prospects with a new SQL injection threat

  "Inference attacks" could deliver up your so-called secure database to an attacker.

• July 31, 2005 31 Jul'05

  Attack: USB could be the death of me

  Seemingly innocent Universal Serial Bus driver bugs may allow device attacks that many won't see coming, according to Black Hat presenters.

• July 28, 2005 28 Jul'05

  Sarbox compliance costing companies

  Companies’ required investments to attain compliance with the Sarbanes-Oxley data security legislation has come at the expense of dealing with other security threats, according to the Information Security Forum (ISF).

• July 27, 2005 27 Jul'05

  Cisco, Black Hat litigation comes to a close

  The vendor and partner ISS settle their dispute over a presentation that resulted in criminal charges and cease and desist orders.

• July 26, 2005 26 Jul'05

  VeriSign raises stakes in battle for threat intelligence

  Not to be outdone by 3Com's "Zero-Day Initiative," VeriSign says it'll shell out more cash for hackers who provide vulnerability intelligence.

• July 26, 2005 26 Jul'05

  Experts weigh in on spyware's defining moment

  We asked IT professionals to review the spyware definitions proposed by a coalition of tech firms and security organizations. They found plenty of room for improvement.

• July 26, 2005 26 Jul'05

  VoIP encryption to have 'Pretty Good Privacy

• July 24, 2005 24 Jul'05

  Authentication takes a bite out of spam

  Network and messaging experts offer helpful ammunition for network managers waving the white flag in the battle against spam.

• July 21, 2005 21 Jul'05

  Users look for value boost from Microsoft licence rejig

  Software Assurance needs to offer better support, say IT directors

• July 21, 2005 21 Jul'05

  Sarbox draining corporate security budgets

  Corporate investment to comply with the Sarbanes-Oxley data security legislation has come at the expense of dealing with other security threats, according to the Information Security Forum (ISF).

• July 21, 2005 21 Jul'05

  Can alcohol mix with your key personnel?

  I persuaded our MD to hire a dedicated IT security expert. I am pleased with his work, but on several occasions he has smelled strongly of drink. How do I nip this in the bud?

• July 20, 2005 20 Jul'05

  Pop quiz: E-mail security

  Find out how much you know about securing your organization's e-mail.

• July 12, 2005 12 Jul'05

  Sarbox challenge drains security budgets

  International corporate spending on compliance with the Sarbanes-Oxley data security legislation has come at the expense of dealing with other security threats, according to the Information Security Forum.

• July 06, 2005 06 Jul'05

  This is not your father's hacker

  While Sasser author Sven Jaschan awaits the outcome of his trial this week in Germany, a new cybercrime report explains why the teenager is becoming an anachronism.

• July 06, 2005 06 Jul'05

  PING with Karen Worstell

  The Microsoft CISO discusses how she keeps Redmond and its products secure.

• July 04, 2005 04 Jul'05

  Sasser author issues courtroom confession

  Sven Jaschan's mea culpa was expected after he earlier admitted to creating the last major malware outbreak more than a year ago.

• June 21, 2005 21 Jun'05

  Continuing education options for CISSPs: Top 10 ways to earn CPEs

  Who says you can't have fun while earning CPE credits? Check out the top 10 ways to meet CISSP® and SSCP continuing professional education requirements.

• June 13, 2005 13 Jun'05

  Gartner underscores five overblown threats

  Two Gartner analysts debunk five overhyped security risks they claim are causing companies to miss out on some key emerging technologies.

• June 07, 2005 07 Jun'05

  Latest Mytob worms phish for trouble

  Mytob's data-drumming tactics and the appearance of new Trojan horse programs add to concern that the underground is perfecting ingredients for a major attack.

• June 06, 2005 06 Jun'05

  Spyware removal checklist

  A step-by-step guide on how to remove spyware using antispyware tools including Spybot -- Search and Destroy, and HijackThis.

• June 06, 2005 06 Jun'05

  Know your enemy: Why your Web site is at risk

  In this Lesson 1 technical paper from Web Security School, guest instructor Michael Cobb outlines the threats to Web sites and who is behind them.

• June 06, 2005 06 Jun'05

  Developer's active content delivery checklist

  Rules for developing secure dynamic content for an IIS Web server.

• June 05, 2005 05 Jun'05

  Quiz: Secure Web directories and development, answer No. 3

  Quiz: Secure Web directories and development, answer No. 3

• June 05, 2005 05 Jun'05

  Quiz: Secure Web directories and development, answer No. 4

  Quiz: Secure Web directories and development, answer No. 4

• June 05, 2005 05 Jun'05

  Quiz: Secure Web directories and development, answer No. 5

  Quiz: Secure Web directories and development, answer No. 5

• June 05, 2005 05 Jun'05

  Quiz: Secure Web directories and development, answer No. 1

  Quiz: Secure Web directories and development, answer No. 1

• June 05, 2005 05 Jun'05

  Quiz: Secure Web directories and development, answer No. 2

  Quiz: Secure Web directories and development, answer No. 2

• June 05, 2005 05 Jun'05

  Analysts say 'cloudy' forecast is OK

• June 05, 2005 05 Jun'05

  Compliance shouldn't be a primary security driver

• June 05, 2005 05 Jun'05

  Quiz: Secure Web directories and development

  Evaluate your knowledge of Web threats and how to defeat them. Questions cover security risks of dynamically created content and proper security management.

• June 04, 2005 04 Jun'05

  Top tools for testing your online security, part 2

  Michael Cobb explains what tools are helpful in maintaining Web security, including security scanners, benchmarking tools, monitoring services and online resources.

• June 04, 2005 04 Jun'05

  Top tools for testing your online security

  Learn a structured approach for Web security that can make your security management tasks easier and increase your chances of success.

• June 04, 2005 04 Jun'05

  Life at the edge part 3: Resistance to failure

  Learn how architecture, protocol and application-level protections work together to safeguard a Web infrastructure.