Find network and information security news, reviews and analysis, covering data protection, privacy, endpoint security, and security management.
  • Whatever happened to security policies?

    Posted April 18, 2007 - 1:18 pm

    A recent audit found that the U.S. Internal Revenue Service had over 400 laptops lost or stolen in the past three years. As a former Yank who's familiar with the harsh rectitude of the IRS, I find this particularly disconcerting. My gut feeling is that if an agency like the IRS, which wrote the book on how to conduct painful audits, can't get its security policies right, who can?
  • Oracle updates leave critical Windows flaw

    Posted April 18, 2007 - 10:03 am

    Some Oracle Corp. customers using the Windows operating system will have to wait another two weeks to receive a critical software update to their database software, thanks to a glitch that came up in testing the company's latest patches.
  • IRS warns of tax phishing scheme

    Posted April 16, 2007 - 3:03 pm

    The U.S. Internal Revenue Service is warning taxpayers to be wary of e-mail messages that provide links to supposedly free tax-filing services endorsed by the agency.
  • IPods targeted by obscure Linux virus

    Posted April 13, 2007 - 1:32 pm

    As threats go this one is very small but the target happens to be one of the biggest in the digital world -- someone has finally got round to writing an iPod virus.
  • Cisco fixes wireless security holes

    Posted April 13, 2007 - 9:33 am

    Cisco has patched a number of security flaws in the software used to manage its wireless networking products.
  • Microsoft warns of dangerous flaw in DNS server

    Posted April 13, 2007 - 8:11 am

    Attackers are trying to take advantage of a newly-disclosed vulnerability in several of Microsoft Corp.'s server products that could alow them to run unauthorized code on affected computers, the company has warned.
  • U.S. agencies still get low cybersecurity grades

    Posted April 12, 2007 - 2:33 pm

    The U.S. departments of Defense and State received F grades, and Homeland Security a D, in the latest scorecard measuring their information security measures.
  • Sophos: China fixing spam problem; U.S. is not

    Posted April 12, 2007 - 9:02 am

    The amount of spam pumping out of China dropped precipitously in the first three months of 2007, security vendor Sophos PLC reported Wednesday. A year ago, computers in China were sending out 21.1 percent of all spam messages, but that number has steadily dropped over the past year, totalling just 7.5 percent in the most-recent quarter, Sophos said.
  • Microsoft contests reports of new Office flaws

    Posted April 11, 2007 - 1:31 pm

    Microsoft Corp. is disputing reports of new three flaws in its Office software while also taking issue in how the alleged flaws were disclosed, the company said Wednesday.
  • 37 Oracle security fixes coming next week

    Posted April 11, 2007 - 9:07 am

    Oracle Corp. will fix a number of products, including the Oracle Database, Application Server, and E-Business Suite, next week as it releases its quarterly batch of security patches.
  • Microsoft investigates reports of new Office flaws

    Posted April 11, 2007 - 8:55 am

    Security experts have discovered more vulnerabilities in Microsoft Word and other software, although hackers do not appear to be exploiting them yet. The flaws have been reported just as Microsoft Corp. releases its latest round of security patches.
  • Microsoft patches critical Windows, server flaws

    Posted April 10, 2007 - 3:38 pm

    Microsoft Corp. has released its regularly scheduled batch of security patches, fixing critical flaws in Windows and the Microsoft Content Management Server.
  • Security Tip: Patch exploitation

    Posted April 10, 2007 - 3:31 pm

    I ask organizations to look beyond the patch issue and force vendors to come up with some creative ways to move beyond the exploit/patch cycle. Little will change until we vote with our wallets.

  • IRS head: All laptops to be encrypted in weeks

    Posted April 10, 2007 - 8:47 am

    After an auditor found serious security problems in the way it handled sensitive data on laptops, the U.S. Internal Revenue Service said it will have all laptops encrypted within the next few weeks.
  • Over 2,000 sites now exploit .ani security flaw

    Posted April 10, 2007 - 8:28 am

    More than 2,000 unique Web sites have been rigged to exploit the animated cursor security flaw in Microsoft's software, according to security vendor Websense Inc.
  • Apple offers AirPort Base Station security fix

    Posted April 10, 2007 - 8:16 am

    Apple Inc. has published a firmware update for its Airport Extreme Base Station that fixes two security flaws in the Wi-Fi router.
  • Security Tip: Don't be seduced by penetration testing certifications

    Posted April 9, 2007 - 12:00 pm

    There's been a lot of recent talk about certifications for penetration testing, but don't be swayed. You must continue to carefully vet your security partners when it comes to protecting your perimeter. Here's why.
  • Not always encrypted, but IRS PCs do phone home

    Posted April 6, 2007 - 9:38 am

    The U.S. Internal Revenue Service (IRS) may not be doing a very good job of encrypting data on its laptops, but it does have a way to recover its lost equipment.
  • After emergency fix, more Microsoft patches ahead

    Posted April 6, 2007 - 9:23 am

    Microsoft Corp. isn't finished with its security fixes for the month. Next week the software maker plans to release five more sets of patches fixing critical flaws in Windows and the Microsoft Content Management Server.
  • An iPod virus?

    Posted April 5, 2007 - 12:43 pm

    Kaspersky Labs says it's discovered the first virus written for the iPod. A great headline, but a really lame virus.
  • Researcher has new attack for embedded devices

    Posted April 5, 2007 - 9:22 am

    Barnaby Jack, a security researcher at Juniper Networks Inc. says he plans to demonstrate a new class of attack that can be used to compromise electronic devices like routers or mobile phones.
  • Security vendor eEye drops CEO

    Posted April 4, 2007 - 9:03 am

    EEye's board of directors has asked CEO Ross Brown to leave the company after just over six months on the job, replacing him with Kamal Arafeh, the company's senior vice president of sales and marketing.
  • Don't use WEP, say German security researchers

    Posted April 4, 2007 - 8:29 am

    The Wi-Fi security protocol WEP should not be relied on to protect sensitive material, according to three German security researchers who have discovered a faster way to crack it. They plan to demonstrate their findings at a security conference in Hamburg this weekend.
  • Microsoft issues emergency Windows patch

    Posted April 3, 2007 - 3:16 pm

    With attackers finding more ways to exploit a critical flaw in its Windows operating system, Microsoft Corp. has published an emergency software patch. The update, released as expected Tuesday morning, actually fixes seven separate Windows vulnerabilities, but security experts are most concerned about a bug in the way Windows processes .ani Animated Cursor files.
  • Netsky still dominates malware landscape

    Posted April 3, 2007 - 2:20 pm

    Although protection has been available for more than three years, the Netsky family of worms still accounted for almost a third of all malware detected during the month of March, 2007.
Join us:






Join today!

See more content
Ask a Question