Find network and information security news, reviews and analysis, covering data protection, privacy, endpoint security, and security management.
  • Anti-virus vulnerabilities strike again

    Posted March 21, 2005 - 3:57 am

    Security researchers have discovered an LHA file processing flaw in the McAfee Anti-Virus Library that makes it vulnerable to stack overflow attacks.
  • Boston College reports network breach

    Posted March 21, 2005 - 3:56 am

    Following a breach of an apparently unpatched on-campus computer managed by a third-party company, officials at Boston College said they have purged the computer of all social security numbers of the school's alumni.
  • Wireless Internet opens new path for thieves

    Posted March 21, 2005 - 3:55 am

    WiFi connections have opened up vast new terrain for cybercriminals, who can commandeer wireless connections to conduct illegal activity and are largely untraceable, law enforcement officials warn.
  • Scam artists dial for dollars on Internet phones

    Posted March 21, 2005 - 3:54 am

    Users of Voice over IP (VoIP) telephony services are wide open to potential security breaches, including worms that could attack VoIP lines, spam (known as SPIT, or "spam over Internet telephony") and, particularly, identity theft. The latter is the most pressing threat, experts say, because of the ease with which scam artists can spoof caller ID.
  • Windows firewalls lacking

    Posted March 21, 2005 - 3:53 am

    A good Windows firewall is hard to find, laments columnist Mark Burnett, who assesses the current options for host-based firewalls for Windows servers.
  • Controversial report finds Windows more secure than Linux

    Posted March 21, 2005 - 3:52 am

    A new study by two security researchers who weighed Windows Server 2003 against Red Hat Enterprise Linux ES3 concludes that in 2004 the Windows OS had fewer vulnerabilities than the Linux flavor and were easier to patch.
  • Symantec, McAfee expand offerings

    Posted March 18, 2005 - 10:58 am

    Anti-virus vendors McAeee and Symantec have each announced expansions to their security products aimed at the SMB customer. McAfee is adding anti-spyware capabilities to ProtectionPilot, the management console in its antivirus suite, while Symantec has introduced a systems continuity service to ensure network uptime.
  • Reversing the phishing life cycle

    Posted March 17, 2005 - 2:37 pm

    The phishing threat continues to grow, although serious efforts to stop it are making inroads.
  • RFID crack raises spectre of weak encryption

    Posted March 17, 2005 - 2:29 pm

    With a little bit of technical acumen and a few hundred dollars, enterprising thieves can walk away with some late model cars and gas them up for free to boot, according to research published by computer security experts at The Johns Hopkins University (JHU) in Baltimore and RSA Security Inc.'s RSA Laboratories in Bedford, Massachusetts.
  • Hackers no longer the focus of information security

    Posted March 17, 2005 - 10:11 am

    Information security today is not about tackling the hacker question but using security models to create business value, according to KPMG risk advisory associate director Rob Goldberg.
  • Holy Father on rootkit writing for fun, profit

    Posted March 16, 2005 - 6:13 pm

    The software developer behind a leading rootkit program says he is motivated by necessity, curiosity and a desire to expose weaknesses in the Windows operating system and security technology. He also isn't too worried about how others might use his software.
  • Alternative browsers and Java lead spyware to IE

    Posted March 16, 2005 - 2:34 pm

    Many users have switched from Internet Explorer to Firefox or other alternative browsers to avoid security problems. But a new spyware program hosted on a Neil Diamond lyrics site can use non-IE browsers and Java to infect Internet Explorer even when it's not running.
  • Companies lining up to root out rootkits

    Posted March 16, 2005 - 9:41 am

    Stealthy, remote system access programs called "rootkits" could fuel the next big wave of malicious code, and are already beginning to influence the design of new Internet worms and viruses, according to security experts. Now security software companies are sitting up and taking notice, releasing software that can spot and remove rootkits from infected systems.
  • Microsoft defends patch previews

    Posted March 16, 2005 - 3:15 am

    Microsoft is defending its Update Validation Program (SUVP) in which it provides a select number of organizations previews of its security patches for additional field testing, saying that the program enables better quality assurance.
  • Microsoft security practice raises concerns

    Posted March 16, 2005 - 3:14 am

    Microsoft has raised concerns within the security community over its practice of giving large customers such as the U.S. Air Force advance versions of its software security patches. While the software vendor says the practice allows for more thorough testing of the patches, skeptics say the information could be leaked to hackers who would exploit unpatched vulnerabilities.
  • Symantec expands Managed Security Services

    Posted March 16, 2005 - 3:13 am

    Symantec has announced that it is adding intrusion prevention technology to its Network Security 7100 series appliances.
  • Johnson & Johnson tackles security pain

    Posted March 16, 2005 - 3:12 am

    New security policies implemented a year ago at healthcare giant Johnson & Johnson have reduced the threats introduced by business partners granted access to the company's network.
  • Study: European IT heads have false sense of security

    Posted March 15, 2005 - 11:41 am

    Many European IT managers find their jobs extremely stressful, and even those that feel that they have done as much as they can to protect their companies against emerging threats are operating under a false sense of security, according to a study out Tuesday.
  • Sprint unveils wireless services

    Posted March 15, 2005 - 11:37 am

    At the CITA conference, Sprint has announced a host of new business-oriented connectivity services, including one that allows the use of a VPN connection over both WLANs and Sprint's wireless data service.
  • Desktop anti-spyware simply doesn't cut it

    Posted March 15, 2005 - 10:42 am

    Desktop anti-spyware solutions alone are ineffective against the malicious software, according to a survey of 300 IT professionals, of whom 84 percent said the spyware problem is worse than or, at best the same as, it was three months ago.
  • The Paris Hilton hacking hoax

    Posted March 14, 2005 - 5:45 pm

    West of lawlessness and anarchy, but why do so many mainstream reporters go brain dead when talking about Paris Hilton? Take, for example, the recent hacking of Hilton's cell phone address book, which frankly was little more than a brazen publicity stunt.

  • Should I worry about cell phone viruses?

    Posted March 14, 2005 - 3:32 pm

    The answer to this question used to be an easy "no"; now it's "that depends." Read on to find out if your phone is at risk.
  • Deceptive duo hacker changes plea

    Posted March 14, 2005 - 11:06 am

    Robert Lyttle, one of the pair known as the "Deceptive Duo" who in 2002 hacked into a classified U.S. Navy database and other sites containing confidential data, has accepted a plea agreement in the federal case against him.
  • What to expect of 'Spamalot'? A lot of spam

    Posted March 14, 2005 - 11:05 am

    About 31,000 Broadway musical fans who had signed up for newsletters associated with the shows "Monty Python's Spamalot" and "Movin' Out" had their names, postal and email addresses exposed due to a security glitch on the musicals' Web sites.
  • SurfControl updates filters to combat phishing attacks

    Posted March 14, 2005 - 11:04 am

    SurfControl has added URL content databases to its Web and email filtering products to help business users better monitor and track phishing threats.
Join us:






Join today!

See more content
Ask a Question