News
IT strategy
-
December 14, 2005
14
Dec'05
Roundup: 2005's 'curious malicious code'
These viruses, worms and Trojans sometimes escaped our notice. But it didn't get past one antivirus vendor, who rounded up some of the year's stranger offerings from the underground.
-
December 12, 2005
12
Dec'05
Two Windows patches coming, IE fix uncertain
It remains to be seen whether the software giant on Dec. 13 will address an outstanding Internet Explorer issue that is currently the target of a malicious Trojan.
-
December 12, 2005
12
Dec'05
Titan Rain shows need for better training
SANS says the Chinese-based attacks demonstrate the growing sophistication of hackers, and the need for IT admins who can articulate the dangers to execs.
-
December 07, 2005
07
Dec'05
Security pros gain ground in the board room
Executives are paying more attention to their IT security managers and taking more responsibility for online threats against their companies, according to a new study.
-
December 06, 2005
06
Dec'05
Cybersecurity policy takes cooperation, trust, experts say
At the Infosecurity confab, experts explain why sharing information -- even when it's embarrassing -- is vital to securing not only corporations, but also the national infrastructure.
-
November 30, 2005
30
Nov'05
Out-of-cycle IE patch may be imminent
Microsoft may release a critical Internet Explorer fix before the next Patch Tuesday, amid reports that malicious code is targeting a memory corruption flaw.
-
November 29, 2005
29
Nov'05
By the numbers: The new SOX breakdown
SOX spending for 2006 is expected to be on par with last year but it's not quite dÉjÀ vu all over again. More dough will go to technology.
-
November 28, 2005
28
Nov'05
Who owns and administers the internet's addresses?
Given that IPv4 addresses are a finite resource, we can expect concerns over their distribution to increase in the coming years.
-
November 28, 2005
28
Nov'05
Step 6: Configuring wireless clients
With wireless networks proliferating it is a good idea to understand what it takes to build a VPN for a wireless gateway. Contributor and Microsoft MVP Brien Posey details the necessary steps in this step-by-step guide.
-
November 21, 2005
21
Nov'05
Wireless security: Public Wi-Fi could open security holes
A Michigan county is working to give everyone within its borders wireless Internet access. But when it comes to security, users are on their own.
-
November 20, 2005
20
Nov'05
Wireless security crucial to railway safety
A transportation firm uses wireless technology to keep the trains running on time. But securing mobile devices isn't easy when they're spread across the globe.
-
November 16, 2005
16
Nov'05
Wireless security: Companies deal with software updates
A health care provider found it could use wireless technology to dramatically boost patient care. But first it had to figure out how to deploy security updates over a wireless network.
-
November 14, 2005
14
Nov'05
Sony rootkit uninstaller causes bigger threat
Princeton researchers say a security hole that appears when users try to remove Sony's copy protection software presents an even greater risk than the original rootkit.
-
November 14, 2005
14
Nov'05
Hackers installing keyloggers at a record rate
iDefense researchers have found that keylogger infections are up 65% over the year before, putting the private data of tens of millions of users at risk.
-
November 14, 2005
14
Nov'05
Demand for development skills soars as firms seek business edge
Computer Weekly salary survey shows IT departments eager to secure skills for the future.
-
November 10, 2005
10
Nov'05
Security Bytes: FTC cracks down on alleged spyware distributors
Patches fix serious RealPlayer flaws, IM malcode launches phishing attacks; Microsoft warns of Macromedia Flash flaw; Liberty Alliance pushes stronger authentication; FEMA data security is in question; patches fix Veritas flaws and TransUnion ...
-
November 09, 2005
09
Nov'05
Trojans target Sony DRM and Windows
Security researchers track two new Trojan horses. One exploits the Sony DRM program. The other could possibly take aim at the Windows flaw Microsoft patched this week.
-
November 08, 2005
08
Nov'05
Sony takes second stab at DRM patch
But a top executive's response to criticism over the company's use of rootkit technology has added fuel to the backlash.
-
October 24, 2005
24
Oct'05
Reporter's Notebook: NYC 'controls the software industry'
At Information Security Decisions: a security "rock star" rages against the Microsoft machine; banging the drum for enterprise security; a sour note on zero-day exploits.
-
October 19, 2005
19
Oct'05
Elements of a data protection strategy
In this excerpt from Data Protection and Lifecycle Management, Tom Petrocelli addresses the importance of securing data for regulatory compliance and outlines the five components of a data protection strategy.
-
October 17, 2005
17
Oct'05
How avian flu could threaten IT security
Experts say a potential bird flu pandemic could have a disastrous effect on IT infrastructures. But if companies plan well, those infrastructures could also help minimize chaos.
-
October 12, 2005
12
Oct'05
Quiz: What's your infosec IQ?
We've collected our toughest questions to see how well you stand up to a challenge. Put your knowledge to the test and let us know how you do.
-
September 27, 2005
27
Sep'05
Secure your extended enterprise
How do you achieve the fine balance between ensuring that there is truly free access to sensitive information, without sacrificing security?
-
September 26, 2005
26
Sep'05
IT spending at midsized companies: How much does size matter?
-
September 26, 2005
26
Sep'05
Secure the interests of your extended enterprise
How do you achieve the fine balance between ensuring that there is truly free access to sensitive information and applications from both inside and outside the firewall, without sacrificing security?
-
September 22, 2005
22
Sep'05
Telework key to surviving security disaster, expert says
Cybersecurity Industry Alliance Executive Director Paul Kurtz explains why telework may be crucial to surviving The Big One.
-
September 22, 2005
22
Sep'05
Who best to avert data security disaster: government or business?
People look to government to prevent catastrophe. But in the Information Age, some of those people, namely those working in IT shops, need to do their part to protect us.
-
September 21, 2005
21
Sep'05
Leave no trace: Understanding attackers' motives
This excerpt from Chapter 1 of "Rootkits: Subverting the Windows Kernel," explains the purpose of back doors and how hackers use them, as well as how stealth plays a major role in most successful attacks.
-
September 21, 2005
21
Sep'05
Catastrophic cyberattack unlikely, experts say
Predictions of a cataclysmic disaster have been around for awhile. But one security officer cites reasons why the Internet can never be brought down.
-
September 20, 2005
20
Sep'05
Security tools help reduce insider threat.
-
September 20, 2005
20
Sep'05
SAS drives product roundup
Serial-attached SCSI (or SAS) drives offer significant storage capacity at a much lower cost, while maintaining reasonable performance. Find out who the vendors are in this market.
-
September 20, 2005
20
Sep'05
Insider threat seen as biggest data security issue
Whether they oversee physical or online defenses, security officers say the disaster scenario that scares them most begins with an insider with malicious intentions.
-
September 18, 2005
18
Sep'05
Ensure that legal responsibilities are clear -- Especially when trouble strikes
Excerpt from Chapter 15 of Information Nation Warrior: Information Management Compliance Boot Camp.
-
September 11, 2005
11
Sep'05
VoIP turns up the heat on firewalls
New research shows that many organizations are increasingly concerned about VoIP security and plan to augment their firewalls within the next year, changing the landscape of the firewall market.
-
September 06, 2005
06
Sep'05
Firewalls can help or hurt, so plan carefully
-
September 05, 2005
05
Sep'05
Which data backup software is best? - Page 2
-
September 05, 2005
05
Sep'05
Which data backup software is best? - Page 3
-
September 05, 2005
05
Sep'05
IE 7.0 may usher in wave of RSS exploits
Experts warn that Web-feed enhancements in Microsoft's new Web browser may be just the thing crackers need to compromise networks and private data.
-
September 05, 2005
05
Sep'05
Which data backup software is best? - Page 4
-
September 05, 2005
05
Sep'05
Extending perimeters
The news that, up until 2006, 70% of successful wireless local area network (WLAN) attacks will be because of the misconfiguration of WLAN access points and client software is disquieting on a number of levels.
-
August 30, 2005
30
Aug'05
Myfip's Titan Rain connection
LURHQ researchers say the Myfip worm is a good example of the malcode Chinese hackers are using in the so-called Titan Rain attacks against U.S. government networks.
-
August 30, 2005
30
Aug'05
Antivirus can introduce dangerous network security holes into any OS
AV software is one of the most basic security steps available. It's also yet another gateway for security breaches.
-
August 30, 2005
30
Aug'05
Passive fingerprinting: Applications and prevention
In this excerpt from the book Silence on the Wire, author Michal Zalewski discusses both malicious and beneficial uses for passive fingerprinting, and how to prevent successful passive fingerprinting on your network.
-
August 26, 2005
26
Aug'05
High profile breach brings security to top of agenda
There’s nothing like an apparent breach at a global company to concentrate the mind when it comes to information and data security.
-
August 23, 2005
23
Aug'05
HP sales boost as restructuring costs
HP reported a 10% increase in sales for the third quarter, and said it would spend $900m (£530m) on redundancy costs in the final quarter.
-
August 16, 2005
16
Aug'05
Reduce risks of disaster recovery testing
Untested business continuity plans can leave your firm in the lurch, but taking down live environments is risky and complicated.
-
August 02, 2005
02
Aug'05
Raising risk prospects with a new SQL injection threat
"Inference attacks" could deliver up your so-called secure database to an attacker.
-
July 31, 2005
31
Jul'05
Attack: USB could be the death of me
Seemingly innocent Universal Serial Bus driver bugs may allow device attacks that many won't see coming, according to Black Hat presenters.
-
July 28, 2005
28
Jul'05
Sarbox compliance costing companies
Companies’ required investments to attain compliance with the Sarbanes-Oxley data security legislation has come at the expense of dealing with other security threats, according to the Information Security Forum (ISF).
-
July 27, 2005
27
Jul'05
Combining technology and social engineering: Hacking behind bars
In this excerpt from Chapter 11 of "The Art of Deception: Controlling the Human Element of Security," authors Kevin Mitnick and William L. Simon begin a story that shows how social engineering can be used with technology.