Hackers and cybercrime prevention
-
News
06 Dec 2024
TfL cyber attack cost over £30m to date
TfL provides more detail on the financial impact of the September 2024 cyber attack that crippled several of its online systems Continue Reading
By- Alex Scroxton, Security Editor
-
News
05 Dec 2024
Government agencies urged to use encrypted messaging after Chinese Salt Typhoon hack
Chinese hacking of US telecom networks raises questions about the exploitation by hostile hacking groups of government backdoors to provide lawful access to telecoms services Continue Reading
By- Bill Goodwin, Computer Weekly
-
Feature
02 Oct 2006
ZERT rekindles third-party patching debate
This week in Security Blog Log: IT security pros express more reservations about third-party patching, including the CEO of a company that released one a few months ago. Continue Reading
-
Feature
28 Sep 2006
More from SearchSecurity September 2006
This month's round up weighs the pros and cons of security information management systems (SIMs) plus four case studies illustrating the different roadblocks security managers can encounter Continue Reading
-
News
26 Sep 2006
Stration worm targets Windows machines
The worm uses several fake email messages, including one claiming to be a security update. Users are advised to avoid unsolicited email attachments. Continue Reading
By -
Feature
25 Sep 2006
Symantec Dark Vision app monitors underground IRC servers
New research project keeps tabs on the hacker underground, providing new insight on activities like credit card theft and spamming. Continue Reading
-
News
24 Sep 2006
Hijacked consumer machines target the enterprise
Attackers continue to strike gold by targeting consumers who lack the security savvy to address desktop application flaws, according to Symantec Corp. Enterprises ultimately pay the price. Continue Reading
By -
News
12 Sep 2006
Big security fixes for QuickTime, Flash Player
Apple and Adobe warned that attackers could exploit multiple flaws in QuickTime and Flash Player to run malicious code on targeted machines. Continue Reading
By -
Feature
06 Sep 2006
Security Blog Log: Word doc scam evades spam filters
Also this week: A researcher gets a harsh reward after flagging a University of Southern California Web site flaw, and more blogs are keeping an eye on the latest security breaches. Continue Reading
-
News
27 Aug 2006
Third-party patching: Prudent or perilous?
Security patches issued by third parties have become more prevalent in recent months, and while some security pros endorse them, others say they're more trouble than they're worth. Continue Reading
By -
Feature
17 Aug 2006
Security blog log: Fear and loathing in MS06-040's wake
This week, security bloggers wonder if some of the MS06-040 warnings have gone too far. Meanwhile, Symantec uses its blog to warn about the timed release of exploits. Continue Reading
-
News
14 Aug 2006
Mocbot update targets MS06-040 flaw
Security experts raised the red flag Sunday as new malware targets the Windows flaw addressed in the MS06-040 patch. Attackers are using the flaw to expand IRC-controlled botnets. Continue Reading
By -
News
10 Aug 2006
Security Blog Log: Israeli-Hezbollah war spills into cyberspace
This week blogosphere warily watches online attacks inspired by the Mideast conflict and rants over the latest security incidents at AOL and the VA. Continue Reading
By -
News
10 Aug 2006
Symantec fixes Backup Exec flaw
Attackers could exploit flaws in Symantec Backup Exec 9.1 and 9.2 for NetWare Servers to cause a denial of service, launch malicious code and gain access to vulnerable machines. Continue Reading
By -
Feature
07 Aug 2006
Inside MSRC: Time to rethink security workarounds
Christopher Budd of the Microsoft Security Response Center recommends implementing one of several security workarounds to ensure a secure infrastructure until this month's most important Windows update can be installed. Continue Reading
-
Feature
03 Aug 2006
Countering attackers with NAC, IPS
Product review: Information Security magazine's Wayne Rash says ForeScout Technologies' flexible CounterACT appliance combines NAC with IPS and is worth the investment. Continue Reading
By- Wayne Rash
-
Feature
03 Aug 2006
Security event management, no strings attached
Product review: Information Security magazine's Joel Snyder says Check Point's vendor-agnostic Eventia Analyzer 2.0/Eventia Reporter is worth consideration despite limited BI options. Continue Reading
By- Joel Snyder, Opus One
- Feature 01 Aug 2006
-
News
26 Jul 2006
Mozilla issues critical security updates
New patches to fix 13 software security flaws, eight of which have been deemed critical. Continue Reading
By- Eric Parizo, Senior Analyst
-
News
26 Jul 2006
DHS puts Zitz in charge of cybersecurity division
American career intelligence officer Robert S. Zitz has taken over day-to-day operations of the US National Cyber Security Division, but his department still has numerous digital defence problems to remedy. Continue Reading
-
News
24 Jul 2006
Security Bytes: New Microsoft exploits in the wild
The exploits target issues Microsoft patched earlier this month. Meanwhile, flaws are reported in Oracle for OpenView and a Mozilla Firefox keystroke logger is on the loose. Continue Reading
By- SearchSecurity.com Staff
-
Feature
16 Jul 2006
Endpoint security quiz
Take this five-question quiz to see how much you've learned about endpoint security. Continue Reading
-
News
13 Jul 2006
Security Bytes: Investigators slam VA over data breach
Meanwhile: Cisco patches a router application flaw, a Washington law firm sues IBM over a server attack; and spammers sucker Web surfers with fake Vladimir Putin death reports. Continue Reading
By- SearchSecurity.com Staff
-
News
13 Jul 2006
Trojan targets Microsoft PowerPoint flaw
Update: The exploit might be tied to an older flaw in Excel. Attackers who exploit the serious flaw could launch arbitrary code. Microsoft says it is investigating. Continue Reading
By -
News
11 Jul 2006
Microsoft patches seven July security holes, five critical
The software giant's monthly batch of fixes includes critical repairs for Internet Explorer and Windows' networking features, plus "important" bulletins for Internet Information Server. Continue Reading
By -
News
10 Jul 2006
Security Bytes: Data breach affects 100,000 military personnel
Meanwhile: Phishers use a phone trick to dupe PayPal users; the PCI security standard will get more teeth and a survey illustrates an increase in security breaches Continue Reading
By- SearchSecurity.com Staff
-
News
30 Jun 2006
More from SearchSecurity -- July 2006
Highlights from the July 2006 issue of Information Security magazine. Continue Reading
-
News
26 Jun 2006
Dundee to teach ethical hacking BSc
A degree in ethical hacking will be on offer at a Scottish university from the new academic year. Continue Reading
By - News 13 Jun 2006
-
News
06 Apr 2006
Adding 'fudge' to your passwords
Safe passwords are integral to web application security. Unfortunately, recalling many complicated passwords is difficult. If you must write down your passwords to remember them, use this tip to create a safer password record. Continue Reading
By- T. Martin Brown
-
Feature
02 Mar 2006
Industry chiefs to declare war on for-profit cyber criminals
IT industry leaders reaffirm the importance of security to a digital economy beset by money-driven cyber criminals. Continue Reading
By- Brian McKenna, Senior Analyst, Business Applications
-
News
22 Dec 2005
Gaining access using application and operating system attacks
In this excerpt from Chapter 7 of Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses, Second Edition, authors Ed Skoudis and Tom Liston explain how security professionals can use exploit frameworks to their advantage. Continue Reading
-
News
14 Dec 2005
Flaws reported in Trend Micro ServerProtect
Storage and security managers should be wary of vulnerabilities in the AV product that could enable a denial-of-service and malicious code execution. Workarounds are available. Continue Reading
By -
News
12 Dec 2005
Titan Rain shows need for better training
SANS says the Chinese-based attacks demonstrate the growing sophistication of hackers, and the need for IT admins who can articulate the dangers to execs. Continue Reading
By -
News
07 Dec 2005
Security pros gain ground in the board room
Executives are paying more attention to their IT security managers and taking more responsibility for online threats against their companies, according to a new study. Continue Reading
By -
News
06 Dec 2005
Cybersecurity policy takes cooperation, trust, experts say
At the Infosecurity confab, experts explain why sharing information -- even when it's embarrassing -- is vital to securing not only corporations, but also the national infrastructure. Continue Reading
By -
News
10 Nov 2005
Security Bytes: FTC cracks down on alleged spyware distributors
Patches fix serious RealPlayer flaws, IM malcode launches phishing attacks; Microsoft warns of Macromedia Flash flaw; Liberty Alliance pushes stronger authentication; FEMA data security is in question; patches fix Veritas flaws and TransUnion suffers a security breach. Continue Reading
By- SearchSecurity.com Staff
-
News
09 Nov 2005
Trojans target Sony DRM and Windows
Security researchers track two new Trojan horses. One exploits the Sony DRM program. The other could possibly take aim at the Windows flaw Microsoft patched this week. Continue Reading
By -
News
17 Oct 2005
How avian flu could threaten IT security
Experts say a potential bird flu pandemic could have a disastrous effect on IT infrastructures. But if companies plan well, those infrastructures could also help minimize chaos. Continue Reading
By -
News
12 Oct 2005
Symantec fixes 'critical' Veritas flaw
Attackers could launch malicious code by exploiting a security hole in Veritas NetBackup servers and clients. But Symantec has released a fix. Continue Reading
By -
News
27 Sep 2005
Secure your extended enterprise
How do you achieve the fine balance between ensuring that there is truly free access to sensitive information, without sacrificing security? Continue Reading
-
News
22 Sep 2005
Telework key to surviving security disaster, expert says
Cybersecurity Industry Alliance Executive Director Paul Kurtz explains why telework may be crucial to surviving The Big One. Continue Reading
By -
News
21 Sep 2005
Leave no trace: Understanding attackers' motives
This excerpt from Chapter 1 of "Rootkits: Subverting the Windows Kernel," explains the purpose of back doors and how hackers use them, as well as how stealth plays a major role in most successful attacks. Continue Reading
-
News
21 Sep 2005
IT infrastructure risks key to averting major cyberattack
Predictions of a cataclysmic disaster have been around for awhile. But one security officer cites reasons why the Internet can never be brought down. Continue Reading
By -
News
21 Sep 2005
Catastrophic cyberattack unlikely, experts say
Predictions of a cataclysmic disaster have been around for awhile. But one security officer cites reasons why the Internet can never be brought down. Continue Reading
By -
News
31 Jul 2005
Attack: USB could be the death of me
Seemingly innocent Universal Serial Bus driver bugs may allow device attacks that many won't see coming, according to Black Hat presenters. Continue Reading
By- Victor R. Garza, Contributor
-
Feature
28 Jul 2005
Lost at sea: securing the channel
As attacks seem to proliferate almost unabated, it’s worrying to think that of the three interested parties in the security technology market — the technology makers, the technology sellers and the technology users—not everyone shares a common view on the importance of the technology. Continue Reading
-
News
26 Jul 2005
VeriSign raises stakes in battle for threat intelligence
Not to be outdone by 3Com's "Zero-Day Initiative," VeriSign says it'll shell out more cash for hackers who provide vulnerability intelligence. Continue Reading
By -
News
26 Jul 2005
Experts weigh in on spyware's defining moment
We asked IT professionals to review the spyware definitions proposed by a coalition of tech firms and security organizations. They found plenty of room for improvement. Continue Reading
By -
News
21 Jul 2005
Can alcohol mix with your key personnel?
I persuaded our MD to hire a dedicated IT security expert. I am pleased with his work, but on several occasions he has smelled strongly of drink. How do I nip this in the bud? Continue Reading
-
Feature
06 Jul 2005
Phishing for the missing piece of the CardSystems puzzle
A banking insider examines the ties between customized phishing attacks this spring and the CardSystems breach announced soon after. Don't miss his revelations on how they're linked and what the phishers really needed. Continue Reading
-
News
06 Jul 2005
This is not your father's hacker
While Sasser author Sven Jaschan awaits the outcome of his trial this week in Germany, a new cybercrime report explains why the teenager is becoming an anachronism. Continue Reading
By- Anne Saita, TechTarget
-
News
07 Jun 2005
Latest Mytob worms phish for trouble
Mytob's data-drumming tactics and the appearance of new Trojan horse programs add to concern that the underground is perfecting ingredients for a major attack. Continue Reading
By -
News
06 Jun 2005
Know your enemy: Why your Web site is at risk
In this Lesson 1 technical paper from Web Security School, guest instructor Michael Cobb outlines the threats to Web sites and who is behind them. Continue Reading
-
News
05 Jun 2005
Quiz: Secure Web directories and development
Evaluate your knowledge of Web threats and how to defeat them. Questions cover security risks of dynamically created content and proper security management. Continue Reading
-
News
04 Jun 2005
Top tools for testing your online security, part 2
Michael Cobb explains what tools are helpful in maintaining Web security, including security scanners, benchmarking tools, monitoring services and online resources. Continue Reading
-
News
04 Jun 2005
Top tools for testing your online security
Learn a structured approach for Web security that can make your security management tasks easier and increase your chances of success. Continue Reading
-
News
03 Jun 2005
Quiz: Identify and analyze Web server attacks, answer No. 5
Quiz: Identify and analyze Web server attacks, answer No. 5 Continue Reading
-
News
03 Jun 2005
Quiz: Identify and analyze Web server attacks, answer No. 3
Quiz: Identify and analyze Web server attacks, answer No. 3 Continue Reading
-
News
23 May 2005
Pre-CISSP: Options for the security newbie
Shon Harris advises novice security practitioners on the value of entry-level certifications -- and good, old-fashioned experience -- in preparation for the CISSP®. Continue Reading
- Opinion 25 Apr 2005
-
News
14 Mar 2005
HIPAA security rules set hurdles for struggling hospitals
Most healthcare organizations have one more month to meet the security requirements of the Health Insurance Portability and Accountability Act (HIPAA). Will they make it? Continue Reading
By -
News
09 Mar 2005
Exploit code targets critical CA flaws
Anyone who ever evaluated CA software is potentially at risk. The good news is patches are available and a free scanner is out now to identify systems vulnerable to attack. Continue Reading
By -
News
08 Mar 2005
Passwords still the weakest link
Businesses are still struggling to convince their staff of the importance of password security, according to a survey of 67,000... Continue Reading
-
Opinion
03 Mar 2005
SMBs' real risk of being online
Stuart King CISSP, is responsible for online security and risk assessment for the Reed Elsevier Group. Continue Reading
-
News
24 Feb 2005
Security Bytes: Cisco patch available for ACNS flaws
Workaround outlined for new php exploit. IBM issues patch for DB2 flaw. Payroll service goes offline to investigate security claims , and BoA loses personal data on customers. Continue Reading
By- SearchSecurity.com Staff
-
News
15 Feb 2005
Federal agency security still poor, but improving
Report cards give federal security a D-plus average, but the Homeland Security Department is still failing. Continue Reading
By- Keith Regan, Contributing Writer
-
News
02 Feb 2005
Compressed files strike another blow to AV
The "alternative" .rar files are picking up where popular .zip files left off as attack vectors. Continue Reading
By- Shawna McAlearney, News Editor
-
News
11 Jan 2005
A 'critical' Patch Tuesday
Microsoft issues three security bulletins for January, two of them critical. Attackers have already exploited some of the vulnerabilities. Continue Reading
By -
News
10 Jan 2005
Security on a Shoestring: Creating Internet policies on the cheap
No matter how small the organization, it's impractical to stand over employees and make sure they properly use the Internet. So here's how to write a decent acceptable use policy, and make sure everyone abides by it. Continue Reading
By- Mathew Schwartz, Contributor
-
News
19 Dec 2004
Transforming the cybersecurity culture
Eleven New Year's resolutions can help employees at all levels empower the security function at their organization. Continue Reading
By- Shawna McAlearney, News Editor
-
News
08 Dec 2004
The security lingo of 2004
This was the year of botnets, zombie PC armies and phishying online schemes. Continue Reading
By -
News
03 Oct 2004
Training for CISSP Certification: SearchSecurity.com's Security School
Study guides for each of the ten domains of the CBK for those preparing to take the CISSP exam or expanding their knowledge of security concepts and practices. Continue Reading
-
News
26 Sep 2004
Authorize.Net says it has 'learned' from attack
The credit card processing service was unprepared for the kind of attack it suffered last week, but it will use the experience to improve security. Continue Reading
By -
News
19 Sep 2004
Hackers costing enterprises billions
Symantec's semi-annual Internet Threat Report finds hackers continued adding billions to the cost of doing business on the Internet. Continue Reading
By -
News
27 Jul 2004
New attacks and vulnerability trends highlighted at Black Hat
Presentations beginning today will analyze vulnerabilities, zero-day code, phishing and secure wireless deployment, among many other topics. Continue Reading
By- Shawna McAlearney, News Writer
- News 25 Jul 2004
-
News
18 Jul 2004
Debian fixes multiple flaws
Denial-of-service, buffer overflow and format string vulnerabilities in Debian GNU/Linux that an attacker could use to remotely execute malicious code has been fixed. Continue Reading
By -
News
21 Jun 2004
Users at risk after web host attack
Users have been warned to brace themselves for attacks on sites which provide patch downloads and web hosting services. Continue Reading
By -
News
23 May 2004
Hacking for Dummies: Chapter 10 -- Wireless LANs
Read Chapter 10, Wireless LANs, from the book "Hacking for Dummies" written by Kevin Beaver. Continue Reading
-
News
13 May 2004
Hacking For Dummies: Chapter 7 -- Passwords
In his latest book, "Hacking For Dummies," Kevin Beaver takes the reader into the mindset of a hacker in order to help admins fend off vulnerabilities and attacks. Continue Reading
- News 11 Apr 2004
-
News
04 Jan 2004
Security legislation: Where's the breach?
Security legislation isn't all that it's cracked up to be. Find out how California's SB 1386 is letting some breaches fall through the cracks. Continue Reading
By- Michael Fitzgerald, Contributing Writer
-
Feature
24 May 2002
Essential contacts
The security arena is like every other aspect of the IT industry, suppliers and special interest groups come and go. However,... Continue Reading
-
Feature
31 May 2000
MoD slated for unresolved Chinook testing issues
BCS member Andrew Rivers has raised a series of questions with his local MP about the computer systems on board the Chinook helicopter which crashed over the Mull of Kintyre in 1994, killing 29 security officers and four crew Continue Reading
By