Find network and information security news, reviews and analysis, covering data protection, privacy, endpoint security, and security management.
  • Mobile malware writers 'think outside the square'

    Posted August 27, 2004 - 11:15 am

    Just days after the alleged first Windows CE Trojan horse was identified, a Trojan for rival mobile operating system, Symbian, was discovered.
  • Stopping spam at the source

    Posted August 24, 2004 - 8:48 pm

    In an effort to shut down spammers through reliable e-mail authentication, the Internet Engineering Task Force (IETF) has agreed to fast-track a proposal from Microsoft called "Sender ID," which is designed to ensure that, for all incoming e-mail, the sender's return address is an actual address.
  • Barbarians inside the gate

    Posted August 24, 2004 - 8:42 pm

    While most organizations have built up their defenses against external attacks, many are still underprotected against insider attacks, this article states. Companies need to rethink their definition of "insider" and take steps to protect their IT assets from these "barabarians."
  • Threats and your assets - what is really at risk?

    Posted August 23, 2004 - 11:58 am

    Establishing an IT security policy can be completely befuddling, but a clear analysis of the assets you need to protect and the threats that endanger them will help you get started. Use this tutorial to assess your risk and formulate a security strategy that's right for your small business.
  • Biometric tech puts ID at your fingertips

    Posted August 20, 2004 - 11:37 am

    Biometrics are finding their way into commonplace consumer-facing applications, but are testing the patience of some users. Fingerprint scanning has replaced keys for public lockers at the newly reopened Statue of Liberty, for example, but some tourists said the technology is too cumbersome.
  • Blaster's anniversary shows its impact

    Posted August 20, 2004 - 11:32 am

    A year after the Blaster worm infected nearly 10 million PCs, analysts attribute the event with changing corporate security policies, particularly with regard to patch installation schedules and intrusion prevention strategies.
  • Spam, viruses challenge CIOs

    Posted August 17, 2004 - 8:50 am

    Spam, and the bandwidth it wastes, is the most pressing problem IT managers face. Not only does it slow down production and clog the network, but according to Paul Ducklin, head of technology for Sophos PLC, the real case for clamping down on spam is the huge amount of useless traffic it creates in unwanted replies, which doubles the flow on a network.
  • Hack...hack back...repeat

    Posted August 10, 2004 - 4:31 pm

    A first person account of last week's DefCon, the world's largest annual computer hacker convention. Eight teams of experienced hackers and serious security professionals played predator and prey as they tried to hack into competitors' networks while defending their own. Lessons learned? Five things come to mind.
  • Five security myths

    Posted August 10, 2004 - 3:14 pm

    You've shored up your network perimeter with firewalls and admirable patch management practices. However, those wiley hackers have just moved up the software stack to your Web site. You're probably covered, but just to be on the safe side, make sure you're not clinging to one of these five misconceptions.
  • Small security firm puts spotlight on big vendor bugs

    Posted August 9, 2004 - 10:20 am

    News earlier this week that Oracle Corp. was sitting on patches for 34 undisclosed vulnerabilities in its database software may have come as a surprise to some, but not to David Litchfield, the researcher who discovered the holes.
  • Large numbers of Gaobot Worm variants proliferating

    Posted July 29, 2004 - 4:46 pm

    This article outlines what the maximum protection is against the Gaobot family, as well as its remote access functionality.
  • IT admins find breaking up with IE is hard to do

    Posted July 12, 2004 - 11:18 am

    Security concerns have driven many to reconsider their browser technology choices, but those tasked with removing Microsoft
  • Gartner sees growing need for wireless security policies

    Posted June 14, 2004 - 2:04 pm

    Escalating use of wireless technology means it
  • Linux gets trial NX security support

    Posted June 9, 2004 - 7:41 pm

    Manufacturers of x86-compatible chips have been developing a security technology called NX that is built into computers at the hardware level. The technology needs support in the OS to work, and Red Hat has released a patch to Linux that will allow the open source operating system to take advantage of NX-enabled chips.
  • Canadian bank tackles 'processing glitch'

    Posted June 7, 2004 - 9:25 am

    The Royal Bank of Canada reported that the error resulted in many client transactions not being reflected in customers' accounts.
  • IT managers ready defenses against flaw in wireless LANs

    Posted June 1, 2004 - 1:50 pm

    Recently, researchers discovered that WLANs are vulnerable to a particular kind of denial-of-service attack. But many IT managers contacted by a reporter say that they are aware of the flaw and have a plan to keep their networks up and running.
  • Viruses nip Russia after the Cold War

    Posted May 25, 2004 - 11:26 am

    For all its disadvantages, the former Soviet Union had one hugely overlooked advantage: it kept hackers, crackers and virus writers confined inside the country by restricting their access to the Internet. A decade later, Internet penetration is booming in the region, particularly in Russia, and viruses are epidemic.
  • Spamming for dollars

    Posted May 21, 2004 - 3:39 pm

    The antispam market is hot, hot, hot, but despite the IPO fever, some companies are opting for mergers as an alternative to going public in order to raise capital. (Registration may be required).
  • IP San Security a matter of dedication

    Posted May 20, 2004 - 3:59 pm

    Spoofing, sniffing, denial of service attacks, untrusted networks, and basic physical security (including keypads, armed guards and the like) are just things that can bring your IP SANs to its knees. This article explains how security is very much a discipline that requires regular follow-through and sensible attention.
  • Who owns your e-mail address?

    Posted May 19, 2004 - 4:41 pm

    Despite observations to the contrary, most people believe that their e-mail address belongs to them, and that they have some control over its use and that it should be protected from abuse. A step in the right direction would be to give individuals legal standing to file suit against spammers.
  • Why do spammers spam?

    Posted May 19, 2004 - 4:33 pm

    According to a study by anti-spam vendor Vircom, "Most spammers can get started for under $1,500 and may earn back their initial investment within a few days." Hear from three spammers on why they spam.
  • 802.11 has DoS vulnerability

    Posted May 18, 2004 - 12:49 pm

    Australian researchers have discovered a denial-of-service vulnerability in the 802.11 protocol that underlies all Wi-Fi networks. An attacker could use this hole to disable a network in only a few seconds.
  • China wrestles with growing spam problem

    Posted May 17, 2004 - 7:56 am

    Suresh Ramasubramanian knows about outsourcing. The company he works for, Hong Kong-based Outblaze Ltd., has made a business out of running e-mail and Internet services on behalf of other companies. But there is an outsourcing trend he and others are fighting to stop: A growing number of spammers have moved part or all of their operations to China.
  • Medium-risk holes are biggest problem

    Posted May 14, 2004 - 3:48 pm

    Security-conscious companies are getting better at eliminating high-risk vulnerabilities from their networks, but are beginning to slack off where it comes to medium-risk security holes, according to NTA Monitor Ltd.'s sixth-annual security audit.
  • Show me the numbers

    Posted May 13, 2004 - 11:21 am

    You're talking risk; he's talking ROI. You're talking IP theft; he's talking process protocol. Any CSO who has stood in front of a skeptical CEO and talked about security knows how difficult it is to make IT security a priority for corporate decision-makers.
Join us:






Join today!

See more content
Ask a Question