IT management

Attackers target two Microsoft security flaws

Symantec warned customers about attacks targeting two Microsoft security flaws -- an unpatched DirectX Media vulnerability and the XML Core Services flaw patched in MS07-042. Continue Reading

By

• Bill Brenner

Backup reporting expands to add capacity planning

Aptare adds capacity planning for primary data storage to its product line, joining Symantec in recent attempts to broaden the appeal of reporting software. Continue Reading

By

• Beth Pariseau, Senior News Writer

Sourcefire acquires open source ClamAV

Sourcefire, maker of the popular Snort open source IDS tool, has acquired ClamAV, an open source email gateway scanning tool. Continue Reading

By

• Bill Brenner

VMware acquires HIPS provider Determina

VMware, the leader in virtualization software, has acquired Determina, a provider of host IPS technology. Continue Reading

By

• Dennis Fisher

3PAR, EqualLogic file for IPOs

The emerging storage companies file S-1 forms with the SEC, though some experts warn they could be headed for a volatile market. Continue Reading

By

• Beth Pariseau, Senior News Writer

College campuses prepare for Microsoft Vista challenges

With new Vista machines coming to campus, the IT shops of academia have no choice but to embrace the latest Windows OS and its security implications. Continue Reading

By

• Bill Brenner

Wal-Mart deploys new data security system

Wal-Mart Stores has deployed a data security and encryption system to secure data going over its global network. Continue Reading

By

• Antony Savvas

Compliance, data breaches heighten database security needs

Experts say database platforms lack robust native encryption, monitoring, assessment and management tools to meet demanding new security requirements. Continue Reading

By

• Neil Roiter, TechTarget

TJX profit takes hit over data breach

TJX says it has spent $256 million responding to the massive data breach that exposed 45 million customers to identity fraud, and the bottom line has suffered as a result. Continue Reading

By

• SearchSecurity.com Staff

Latest Microsoft flaws affect Windows, IE, Excel

Microsoft released nine security updates Tuesday -- six of them critical -- for flaws in Internet Explorer, Excel and other programs within the Windows OS. Continue Reading

By

• Bill Brenner

Asterisk PBX solves enterprise's growing communication problem

An Asterisk-based PBX proved to be the solution to one enterprise's communications growing pains. Continue Reading

By

• Kate Dostart, Associate Editor

Novell to acquire Senforce for endpoint security

Novell is acquiring Senforce, an early network access control supplier, to integrate its endpoint security features and develop an endpoint management suite. Continue Reading

By

• Robert Westervelt, TechTarget

Apple iPhone to provoke complex mobile attacks, expert warns

Mikko Hypponen, director of antivirus research at F-Secure, said he expects mobile malware attacks to escalate thanks to interest in Apple's iPhone. Continue Reading

By

• Bill Brenner

VoIP models and services: Complete guide

With clear, concise explanations of existing VoIP business models and deployment methodologies, this guide will enable you to weigh the pros and cons of each based on your needs. Continue Reading

SMEs’ CRM needs catered for in Sage 200

Accounting software specialist Sage has expanded its business automation software portfolio with the launch of a customer relationship management system, Sage 200. Continue Reading

NAS appliance purchase considerations

NAS appliances are frequently touted for bringing convenience and simplicity to network storage. Appliances include their own dedicated disks for storage and RAID, and most NAS appliances can be upgraded with more or larger disks for additional storage space. However, NAS appliances do pose some disadvantages. Consequently, the choice of NAS appliance requires careful evaluation. Now that you've reviewed the essential issues involved in any NAS product, this guide focuses on specific considerations for dedicated NAS appliances. You'll also find a series of specifications to help make on-the-spot product comparisons between vendors. Continue Reading

Sun adds virtual tape library to Thumper

Analysts say the combo of FalconStor's software, Solaris and Thumper is a good sign of integration from Sun after a disorganised year, but it's unclear if users will be convinced. Continue Reading

By

• Beth Pariseau, Senior News Writer

IT pros impede PCI, Sarbanes Oxley compliance

The biggest barrier to collaboration between IT and compliance professionals is the lack of understanding about risk and compliance issues by corporate IT, according to a survey. Continue Reading

By

• Robert Westervelt, TechTarget

VeriSign employee data exposed in laptop theft

Current and former employees of VeriSign were exposed to potential data fraud when a laptop housing their information was stolen from the car of a former employee. Continue Reading

By

• Bill Brenner

VoIP vulnerability threatens data

VoIP vulnerabilities have now reached a level of sophistication that allows hackers to steal, view or delete data. Continue Reading

By

• Andrew R. Hickey, News Editor

NAS appliance specifications

NAS appliances are noted for their convenience, offering dedicated internal storage that is relatively straightforward to identify and manage. The biggest issue for NAS appliances is avoiding network bottlenecks and supporting expansion without having to proliferate additional appliances across the network. The product snapshots in this chapter highlight key specifications for a cross section of major NAS appliance products. Continue Reading

NAS management software specifications

Network attached storage (NAS) appliances and gateways must be configured and managed using NAS management software that allows administrators to allocate space, manage RAID and storage behaviors, perform routine maintenance, and other tasks. Management software ideally provides interoperability with a variety of NAS devices from different vendors and can automate many of the routine management tasks that would otherwise demand manual attention. The product snapshots in this chapter highlight key specifications for a cross section of major NAS management software products. Continue Reading

Cisco warns of critical IOS flaws

Attackers could exploit multiple flaws in Cisco's IOS to cause a denial of service or remotely execute arbitrary code. Continue Reading

By

• SearchSecurity.com Staff

Subpar security compromises compliance

Pressure to keep trading applications available has nudged security to the back of the development line. Continue Reading

Does compliance make encryption always necessary?

Many organisations look to encryption to protect sensitive data. Yet hundreds of millions of people who use the Internet also use encryption, yet most of them don't even know it. Continue Reading

NetApp revenues fall $61M short of forecast

NetApp announces that its revenues are down 15% from last quarter, blaming a continued decline in data storage spending. Continue Reading

By

• Beth Pariseau, Senior News Writer

Discovery of malware cesspool triggers attack fears

Trend Micro researchers say a malware-infested Web server in Russia, linked to several Italian Web sites, could lead to a large-scale attack. Continue Reading

By

• SearchSecurity.com Staff

Users stand by NetApp -- For now

Users say their view of NetApp and its products hasn't been affected by news of a revenue shortfall, but some say the clock is ticking on new product features they'd like to see. Continue Reading

By

• Beth Pariseau, Senior News Writer

Apple releases fixes for Mac OS X, iPhone vulnerabilities

Apple Computer has released software patches fixing critical vulnerabilities in Mac OS X and its newly released iPhone. Continue Reading

By

• Edmund X. DeJesus, Contributor

Security exec Moritz leaving CA

Ron Moritz will depart after five years as CA's chief security strategist. It's the latest in a string of issues that have called the company's strategy into question. Continue Reading

By

• Dennis Fisher

Users make iSCSI Sans with USB keys

Users say that Open-E's iSCSI San software, which is delivered on a USB stick, is more affordable than prepackaged systems and has more support than free iSCSI target products. Continue Reading

By

• Beth Pariseau, Senior News Writer

Security update fixes Yahoo Widgets flaw

Attackers could exploit a Yahoo Widgets flaw to run malicious code on compromised Windows computers, but a security update is available. Continue Reading

By

• Bill Brenner

VoIP services spell trouble for telcos

The rise of VoIP is paving the way for companies that haven't traditionally sold voice services to do so. Telcos slow to move will be hard pressed to keep up Continue Reading

By

• Zeus Kerravala, Vice President, Yankee Group

Most antispam technologies get failing grade

An independent study finds that many enterprises are not satisfied with traditional antispam technologies. Continue Reading

By

• Robert Westervelt, TechTarget

SaaS: Tricks and traps of uploading data in bulk

The dark side of SaaS is losing control over your data. Learn how to stay in control while uploading data in bulk in this new report from Info-Tech Research. Continue Reading

EMC reports Clariion surge, data archiving slump

EMC's revenues are up this quarter, attributed in part to a big boost in Clariion sales, but CEO Joe Tucci is critical of the company's execution in data archiving. Continue Reading

By

• Beth Pariseau, Senior News Writer

Cisco issues warning for wireless LAN controller flaws

Cisco Systems is warning customers of flaws in its wireless LAN controllers that initially crippled a wireless network at Duke University. Continue Reading

By

• Robert Westervelt, TechTarget

Hifn buys Siafu for storage security, data reduction

Chipmaker Hifn is looking to get into storage systems. It says OEMs are already lined up for encrypted iSCSI SAN and primary storage data reduction products. Continue Reading

By

• Beth Pariseau, Senior News Writer

Apple iPhone crack discovered by security researchers

Researchers have found a way to take complete control of the Apple iPhone by sending a user to a malicious Web site. Continue Reading

By

• Dennis Fisher

New hacking technique exploits common programming error

Researchers at Watchfire Inc. say they discovered a new technique that exploits a common dangling pointer error. Continue Reading

By

• Dennis Fisher

PCI compliance costs often underestimated, study finds

Companies are moving forward with PCI DSS projects, but many are underestimating the costs associated with compliance. Continue Reading

By

• Robert Westervelt, TechTarget

LeftHand refreshes iSCSI SAN software

Version 7.0 of LeftHand's iSCSI SAN software contains dozens of new features, including support for four-way replication and brushed-up thin provisioning. Continue Reading

By

• Beth Pariseau, Senior News Writer

Core Security CEO to step down

Paul Paget, the CEO of penetration testing software vendor Core Security Technologies said he is better-suited for start-ups Continue Reading

By

• Dennis Fisher

Black Hat Las Vegas 2007: Special news coverage

SearchSecurity.com covers all the controversy at this year's show with news, features, podcasts, interviews, exploits and more direct from Las Vegas. Continue Reading

For Boeing, data security, network access still hazy

Boeing is trying to reshape its network security architecture to better protect sensitive systems from threats without degrading employee productivity. Continue Reading

By

• Robert Westervelt, TechTarget

CIOs must be act like venture capatalists, says Gartner

CIOs need to adopt a venture-capitalist approach to IT if they are to remain relevant in the prevailing climate of economic growth, according to Dave Aron, vice-president and research director for Gartner executive programs. Continue Reading

By

• Warwick Ashford, Senior analyst

CDP platform purchase considerations

Busy IT organizations are employing continuous data protection (CDP) technologies to guard data on the fly, essentially eliminating the backup window and allowing granular file and system restoration -- sometimes down to the individual disk write operation. Several CDP appliances are available, but many are implemented in software, and all require careful consideration before purchase. This article focuses on the specific purchase considerations for CDP products. Continue Reading

Zero-day auction site complicates security efforts, IT pros say

WabiSabiLabi, the eBay-like marketplace for zero-day flaws, will make it tougher for companies to ward off attackers, some IT security professionals say. Continue Reading

By

• Bill Brenner

Oracle plans 46 security updates for database, software

Attackers could tamper with database servers and host operating systems by exploiting flaws across Oracle's product line. Continue Reading

By

• Bill Brenner

Oracle's July 2007 CPU has 45 security fixes

Oracle stuffed 45 security updates into its July 2007 CPU, fixing flaws across its product line attackers could exploit remotely to compromise corporate databases. Continue Reading

By

• Bill Brenner

ISO 27001 could bridge the regulatory divide, expert says

Karen Worstell, former CISO at Microsoft and AT&T Wireless, now on the advisory board of Neupart A/S, explains how ISO 27001 can be used to help companies comply with a variety of regulations and standards Continue Reading

By

• Bill Brenner

Videoconferencing tool gives Uno an edge

Videoconferencing has given Pizzeria Uno the ability to bring together more than 200 people and has enabled more efficient and cost-effective communication. Continue Reading

By

• Andrew R. Hickey, Senior News Writer

Antispyware legislation gets tepid reviews

Congress is debating three different bills that would punish spyware pushers, but some IT professionals have their doubts about legislation as a solution to the problem. Continue Reading

By

• Bill Brenner

Zero-day auction site highlights ethical debate

A new auction site plans to cash in on flaw research. Executive Editor Dennis Fisher explores if it's a viable business model and if research should be sold to the highest bidder. Continue Reading

Microsoft July updates for critical Excel, Windows and .NET flaws

Of the six security updates Microsoft released Tuesday, experts expressed the most concern about a critical glitch in the .NET Framework that could leave client machines and Web servers open to attack. Continue Reading

By

• Bill Brenner

Data breaches, compliance drive intellectual property protection

Recent high profile data breaches and compliance pressures are forcing companies to spend more on technology to protect intellectual property, according to a new study. Continue Reading

By

• Robert Westervelt, TechTarget

Google buy shakes up email archiving

Google's acquisition of Postini will boost adoption of Gmail, pushing email archiving players to add support for hosted applications. Continue Reading

By

• Beth Pariseau, Senior News Writer

Unified messaging system updates company's voicemail

Installing a new unified messaging system helped one company in its daily struggles with an outdated voicemail system. Continue Reading

By

• Kate Dostart, Associate Editor

Microsoft preps six security updates for Windows, Office

Microsoft will release six security updates on Tuesday 10 July to address flaws attackers could exploit to launch malicious code and access sensitive information on victims' machines. Continue Reading

By

• SearchSecurity.com Staff

Zero-day auction site opened by Swiss lab

Swiss start-up WabiSabiLabi is offering zero-day findings for qualified buyers. The site could fuel new debate over flaw disclosure. Continue Reading

By

• Bill Brenner

Cisco users upbeat about security direction

Cisco customers say the vendor's security strategy is headed in the right direction, which is why they believe the networking giant's IronPort integration will be smooth sailing. Continue Reading

By

• Bill Brenner

Data migration product specifications

Part of the Tiered Storage Buying guide focusing on product specifications for data migration tools. Continue Reading

Data storage startups emerge from stealth

Three new storage firms have come out of stealth mode this June. Analysts predict the next new crop of startups will focus on wireless storage, reporting and alternatives to RAID. Continue Reading

By

• Beth Pariseau, Senior News Writer

Are PCI auditors pitching products?

Auditors shouldn't be pitching remediation services or products to bring a company into compliance with PCI DSS rules, but some merchants are reporting the practice Continue Reading

By

• Robert Westervelt, TechTarget

SearchSecurity.com Blogs

 Continue Reading

CIOs get solutions to meet governance regulations

CIOs facing a rising bills to meet governance, risk and compliance regulations may be able to control their costs better if they turn to new purpose-built software. Continue Reading

Software to help CIOs meet governance regulations

CIOs facing a rising bills to meet governance, risk and compliance regulations may be able to control their costs better if they turn to new purpose-built software. Continue Reading

By

• Ian Grant

Hacking for Dummies: Test your firewall rules

Before someone else hacks your firewall, test your firewall rules during the self-hacking process to test your network's security. Continue Reading

Iron Mountain buys Accutrac for records management

Continuing its effort to reinvent itself as an online backup and records management company, Iron Mountain announces its second acquisition in this market in as many months. Continue Reading

By

• Beth Pariseau, Senior News Writer

Cisco vows to maintain IronPort tech, talent

As it completes the purchase of IronPort Systems, Cisco vows to maintain IronPort's talent base and make investments to keep its newly-acquired technology fresh. Continue Reading

By

• Bill Brenner

Richard Granger's departure may jeopardise NHS IT programme

Richard Granger's departure from Connecting for Health may jeopardise the stability and success of the politically driven NHS National Programme for IT. Continue Reading

By

• Tony Collins

IBM chief engineer talks green storage

IBM engineer Clod Barrera discusses the growing energy crisis in storage, the need for better power efficiency metrics and the future for "green" products. Continue Reading

By

• Beth Pariseau, Senior News Writer

PCI Council hears complaints, suggestions for changes

Companies with the most stringent security technologies endure hurdles to comply with PCI DSS. Some firms are turning to the upcoming Burton Group Catalyst Conference for answers. Continue Reading

By

• Robert Westervelt, TechTarget

Instant messaging usage increase highlights need for policies

A Burton Group report suggests that all companies should have an IM usage policy, even if they haven't deployed IM yet Continue Reading

By

• Kate Dostart, Associate Editor

Green storage gains ground

HP is just latest vendor to throw its hat into the green storage ring following Pillar Data, HDS and EqualLogic. Continue Reading

Storage Decisions Downloads: Executives' storage guide

Ideas of where firms' storage should be and where it's headed. Also key ways to integrate new technologies, processes and ideas without going over budget. Continue Reading

HP to acquire SPI Dynamics for Web security

HP says it will would bolster Web site assessments and Web application vulnerabilities with its acquisition of Atlanta-based SPI Dynamics Inc. Continue Reading

By

• SearchSecurity.com Staff

Prevent network hacks with secure Web browsing

Hackers can penetrate your network in almost unlimited ways these days, and that includes through your Web browser. Learn how to improve Web browser security and keep these hackers out of your network. Continue Reading

Endpoint fears drive PatchLink-SecureWave merger

Experts say the PatchLink-SecureWave merger makes sense since IT pros want a better way to protect their endpoint devices. But PatchLink's market supremacy is far from assured. Continue Reading

By

• Bill Brenner

Big Microsoft Vista concerns for Big Pharma

The second installment of an ongoing series examining the challenges of deploying Windows Vista and the considerations that go into the decision to roll out the new OS. Continue Reading

By

• Bill Brenner

Will HP do the right thing with SPI Dynamics?

Analysts say HP can dramatically boost its security with the purchase of SPI Dynamics, but some users worry about SPI's technology wilting under the new ownership. Continue Reading

By

• Bill Brenner

Training budgets proving hard to justify without business metrics

Surveys show most companies are still complacent about green computing. But ActewAGL CIO Carsten Larsen is one of a growing number of CIOs taking up the call to make sustainable ICT a bigger priority. Continue Reading

By

• Shamus McGillicuddy, Enterprise Management Associates

VoIP security testing fundamentals

Testing your VoIP security system against all the threats that exist on the network can be a full time job. This guide documents how a VoIP system can be tested and suggest some of the available tools to use -- with a focus on fuzzing tools and methods. Continue Reading

Is a merger or acquisition in Sourcefire's future?

Sourcefire founder and Chief Technology Officer Martin Roesch, talks about how Sourcefire fits into Security 3.0 theme and how the firm may be involved in a future merger or acquisition. Continue Reading

By

• Bill Brenner

Why hacking contests, 'month-of' projects don't help

Ivan Arce, chief technology officer of Core Security Technologies explains why he thinks hacking contests and public vulnerability disclosure projects do little to improve IT security. Continue Reading

By

• Bill Brenner

Microsoft patches Windows Vista, IE 7

Microsoft fixed 15 flaws in a variety of products Tuesday, including Windows XP, Vista and Internet Explorer 7. Attackers could exploit the most serious flaws for remote code execution. Continue Reading

By

• Bill Brenner

The Art of Software Security Testing

Identifying software security flaws including the proper methods for examining file formats. Continue Reading

Connecting for Health briefing claims much of NHS NPfIT complete

A confidential Connecting for Health briefing paper for the prime minister has claimed that much of the NHS's £12.4bn National Programme for IT (NPfIT) is complete - although an integrated national care record system has yet to materialise, and software delivered under the scheme has been criticised by some trusts as not yet fit for purpose. Continue Reading

By

• Tony Collins

Data retrieval strategies: Document management software overview

The role of document management software in data storage and how it can mitigate risk for the enterprise. Continue Reading

Serious flaws put Yahoo Messenger users in peril

Attackers could exploit two serious flaws in Yahoo Messenger to run malicious code on targeted machines, vulnerability trackers warned Wednesday. Continue Reading

By

• SearchSecurity.com Staff

IBM to acquire Watchfire for risk, compliance

IBM agreed to acquire Waltham, Mass.-based Watchfire Corp. to add Web application and compliance testing tools into Big Blue's Rational development platform. Continue Reading

By

• SearchSecurity.com Staff

Watchfire will help IBM build application security

Analysts have been pushing the Security 3.0 concept this week at Gartner's IT Security Summit, and one analyst says IBM's acquisition of Watchfire illustrates the trend. Continue Reading

By

• Bill Brenner

SMBs sample SaaS via telecoms

Telecom XO Communications has announced a new, SMB-focused partnership with Jamcracker, a wholesaler of SaaS technology. Analysts say more telecoms will try to offer SMBs IT services with such deals. Continue Reading

By

• Shamus McGillicuddy, Enterprise Management Associates

Unified communication case studies: What you need to know

Learn how others overcame the expected and the unexpected challenges of a UC deployment in our case studies. Continue Reading

By

• SearchVoIP.com editors

IBM: We're No. 1 in storage hardware

A new combined disk and tape tracker from IDC has IBM trumpeting from the rooftops that it's the market leader. But what's IBM's story when it comes to software? Continue Reading

By

• Beth Pariseau, Senior News Writer

Top spammer indicted on email fraud, identity theft

The arrest may reduce the volume of spam in the short-term, say experts and analysts, but the real spam threat comes from criminal gangs based in Asia and Russia. Continue Reading

By

• Robert Westervelt, TechTarget

Check Point promises more VoIP security, fewer slowdowns

Check Point's enhanced Open Performance Architecture is designed for deeper security of technologies like VoIP without the network performance problems that often come with it. Continue Reading

By

• Bill Brenner

Springing leaks: Getting smart about data loss prevention

Companies are showing increased interest in data loss prevention (DLP) products, but they won't work well unless the business needs are understood and well defined. Continue Reading

By

• Neil Roiter, TechTarget

Google dives into security market

Search engine giant Google has acquired security startup GreenBorder Technologies, making it a bigger player in the wider information security market. Continue Reading

By

• Bill Brenner

HDS adds SAN muscle to archive

Hitachi Data Systems integrates its archive software across its product line and adds important new features, including replication, data deduplication and security. Continue Reading

By

• Jo Maitland, TechTarget