Security

RSS
Find network and information security news, reviews and analysis, covering data protection, privacy, endpoint security, and security management.

  • ITwhirledRSS

    Hardening Windows Systems

    Posted September 13, 2004 - 3:33 pm

    ISBN: 0-07-225354-1

    Posted with permission of McGraw-Hill/Osborne. Click here for a detailed description and to learn how to purchase this title.

  • As It HappensRSS

    Protecting Linux servers

    Posted September 13, 2004 - 12:12 pm

    If you move from Windows to Linux, you need to pick up a whole set of new security skills. This tip will help you get started by explaining your firewall options.

  • ITwhirledRSS

    Symantec launches antiphishing service

    Posted September 13, 2004 - 10:08 am

    Symantec Corp. is fishing for dollars with a new brand protection service that will use its global network of researchers and its desktop software to help companies combat the ongoing epidemic of online identity theft, or "phishing," scams.

  • Author: Insiders top high-tech crime threat

    Posted September 10, 2004 - 1:43 pm

    The author of a new book, High-Tech Crimes Revealed, discusses insider threats, high-tech forensics and real cybercrimes vs. the hype in this Q&A.

  • Firewall/VPN security appliance market heating up as big business deploys solutions

    Posted September 10, 2004 - 1:37 pm

    Secure Socket Layer (SSL) VPN shipments increased by 160% during 2003, in an otherwise soft IT market, driven by the need to provide mobile employees with secure remote access. Overall, firewall/VPN security appliance shipments grew by 27 percent, as large corporations moved from product trials to mass deployment.

  • Telenor takes down 'massive' botnet

    Posted September 10, 2004 - 1:26 pm

    In Norway, telecommunications company Telenor announced that its security staff has located and dismantled a network of more than 10,000 zombie PCs that were being controlled across Internet Relay Chat (IRC) channels.

  • Trillian MSN module flaw warning

    Posted September 10, 2004 - 11:41 am

    Security researchers have found a flaw in the popular Trillian cross-platform instant messaging client that can be exploited to cause a buffer overflow. The vulnerability is within Trillian's MSN module, which connects it to the Microsoft chat network.

  • Tech industry presents less-than-unified defense

    Posted September 10, 2004 - 11:33 am

    In part 2 of a two-part investigative series, security experts and industry executives tell USA Today that relying on end-users to secure their own PCs is "akin to making car drivers responsible for installing their own seat belts," and assert that the industry must join forces to put up a unified defense against cyberattacks.

  • Lies, damned lies and computer security

    Posted September 10, 2004 - 11:21 am

    A corporate executive who regaled attendees of a conference on HIPAA compliance with a story about how his IT security pros had thwarted a phishing attack by breaking into the perpetrator's Hong Kong-based server was himself the victim of an IT spoof, says columnist Paul Murphy. The tactics his team said they used might be doable by someone like the character Marshall on "Alias," but in the real world, unlikely.

  • ITwhirledRSS

    Back-to-school, politics spur spam to new heights

    Posted September 10, 2004 - 10:18 am

    Spurred by back-to-school sales and political pitches, spam e-mail accounted for 82 percent of all the inbound e-mail processed during August, and made up 90 percent of all mail sent during one spam-filled day last month, according to an e-mail security firm.

  • ITwhirledRSS

    Spam on the menu at annual virus conference

    Posted September 10, 2004 - 10:04 am

    Spam - and how to stop it - will be a major topic at this year's Virus Bulletin conference in Chicago. The interest in spam reflects the increasing prominence of the problem and the wandering eyes of antivirus technology companies, which are looking to broaden the number of ailments their products address.

  • ITwhirledRSS

    More big security holes in Linux

    Posted September 9, 2004 - 10:42 am

    Open-source developers have warned of serious security holes in two Linux components that could allow attackers to take over a system by tricking a user into viewing a specially-crafted image file or opening an archive. Patches exist for the bugs, which affect LHA and imlib.

  • ITwhirledRSS

    Leaked memos link spammers to ISP Savvis

    Posted September 8, 2004 - 4:16 pm

    Internal e-mail messages from Savvis Communications Corp. have surfaced on the Internet that show that the St. Louis-based ISP catered to online e-mail marketing companies it suspected of sending out spam e-mail, even using "subversive business methods" to help spammers stay online after their Internet addresses were blacklisted.

  • 'Trusted' systems move to mainstream

    Posted September 7, 2004 - 4:29 pm

    Should you be using a trusted operating system? They can tighten enterprise infrastructure security by placing an access control scheme on servers that is more thorough than the DAC (discretionary access control) found in most operating systems, such as Windows, Unix and Linux.

  • As It HappensRSS

    Open sourcers revolt against Microsoft antispam plan

    Posted September 7, 2004 - 4:12 pm

    Two prominent open source software groups have rejected a proposed technology standard backed by Microsoft that would close a loophole used to send spam, citing unresolved patent and licensing issues with the standard known as Sender ID.

  • As It HappensRSS

    Red Hat offers bug fixes, security upgrades

    Posted September 7, 2004 - 3:56 pm

    Red Hat has released Enterprise Linux 3 Update 3, which offers improved security, fixes of bugs, and support for IBM's Power5 servers.

  • Staff PDAs unprotected, corporate data at risk

    Posted September 7, 2004 - 3:53 pm

    Although 50 percent of the companies surveyed by security specialists Pointsec Mobile Technologies, in its Mobile Vulnerability Survey 2004, have a mobile security policy in place, researchers found that two-thirds of PDAs contain sensitive corporate and personal data but users do not employ a password or encryption to protect the data, leaving companies and employees exposed if the device is lost.

  • Sensitive corporate data just $10 on eBay

    Posted September 7, 2004 - 3:48 pm

    A disk drive purchased for $10 on auction site Ebay exposed a European financial services firm's sensitive data, including employee pension plans, customer databases, financial information, payroll records, and login codes and and admin passwords for the company's intranet. The drive was purchased by researchers from Pointsec Mobile Technologies as part of a study into the accessibility of corporate data via lost laptops and hard drives. The group puchased 100 disks and laptops from various sites and found that seven of 10 contained readable information although they had been "wiped clean" or "reformatted."

  • Spam mushrooms

    Posted September 7, 2004 - 3:41 pm

    Spam continues to plague e-mail inboxes despite the passage of the Can-Spam Act to reduce unsolicited commercial e-mail, according to a new study by research firm IDC, which found that spam comprises 38 percent of all e-mails sent in 2004. That's up two percentage points from a year ago.

  • SP2 vs. the plug-ins

    Posted September 7, 2004 - 3:37 pm

    Since Microsoft's XP SP2 has blocked ActiveX controls, which enable users to load plug-ins in Internet Explorer, from running by default, some companies are worried about their ability to distribute legitimate software via the Web.

  • Strange bedfellows in e-mail case

    Posted September 7, 2004 - 3:22 pm

    A number of civil liberties groups have filed a "friend of the court" brief with the 1st Circuit Court of Appeals supporting the Justice Department's appeal of a court ruling that would allow Internet Service Providers to intercept and monitor their customers' email addresses. The filings stem from the case of an online bookseller who offered his clients free email accounts and then sifted through their emails looking for messages from his biggest competitor, Amazon.com.

  • Army rebuilds networks after hack attack

    Posted September 7, 2004 - 1:34 pm

    The Fort Campbell Network Upgrade, which is estimated to cost as much as $30 million, is underway at the Campbell, Ky., home base for the Army's elite attack helicopter units. The initiative to secure the unit's networks follows a systems hack and is part of its enterprise-wide plan to upgrade all of its computers to MS-Active Directory.

  • Security fears shake up enterprise instant messaging

    Posted September 7, 2004 - 1:30 pm

    Although public instant messaging systems have proliferated among corporate Internet users, security concerns over their use may force companies to ban them and implement enterprise IM systems instead, according to market anlysis by research firm Frost & Sullivan.

  • Spammers skirt IP authentication attempts

    Posted September 7, 2004 - 1:26 pm

    The results of two separate studies into the use of Sender Protection Framework records to reduce spam and phishing attacks suggest that solely adopting the framework does not offer corporations adequate protection. That's because spammers are registering their own SPF records, which authenticate IP addresses of e-mail senders to prevent the forging of return addresses. MX Logic Inc., an e-mail security company, has found that 10 percent of all spam includes SPF records, and e-mail security appliance maker CipherTrust Inc. has released research showing that spam messages registering SPF records exceed legitimate email by 38 percent.

  • Is encryption doomed?

    Posted September 7, 2004 - 1:20 pm

    Researchers at the annual Crypto Conference in Santa Barbara, Calif., last month revealed flaws in a widely used encryption algorithm known as MD5, raising questions about the reliability and long-term viability of currently used encryption techniques.

Join today!

See more content
Ask a Question