Find network and information security news, reviews and analysis, covering data protection, privacy, endpoint security, and security management.
  • Vaults simplify password management

    Posted April 11, 2005 - 12:21 pm

    Password vaults come in many flavors and run on platforms from cell phones and PDAs to all the various operating systems in common use today. They vary in security as well, from paranoid use of authentication and draconian access rules to easily circumvented and only slightly better than a sticky note. Thus, it is common in organizations using password vaults to identify one particular product and support that product in a secure configuration.
  • Check Point's firewall/VPN now has wireless 'edge'

    Posted April 11, 2005 - 9:31 am

    Check Point's new firewall/VPN appliance aims to please wireless users: it supports the current 802.11b and g standards along with so-called "super G"-speed wireless connections.
  • Mobile application gateways compared

    Posted April 11, 2005 - 9:28 am

    Mobile application gateways provide VPN-level secure access to wireless users without requiring those users to log in repeatedly as they roam from access point to access point. Compare and contrast the different offerings in this article.
  • Comcast suffers DNS outage, denies pharming link

    Posted April 8, 2005 - 2:00 pm

    Problems with the DNS (domain name system) servers at ISP (Internet service provider) Comcast Corp. prevented customers around the U.S. from surfing the Web Thursday, but the company said the interruptions were not linked in any way to a spate of recent DNS attacks known as "pharming" scams.
  • Sun looks to Europe as it develops identity plans

    Posted April 8, 2005 - 1:47 pm

    Regulatory compliance and the delivery of location-based mobile services are two areas in which Sun Microsystems Inc. will sharpen focus over the next 12 months as it seeks to build on the robust growth seen in its identity management business.
  • Sophos warns of fake Microsoft security Trojan

    Posted April 8, 2005 - 1:41 pm

    A new campaign by malicious hackers uses a Web site designed to look like Microsoft Corp.'s Windows update page to trick unwitting Internet users into infecting their computers with a Trojan horse remote access program, according to antivirus experts at Sophos PLC.
  • Critical Microsoft patches coming next week

    Posted April 8, 2005 - 9:11 am

    Microsoft Corp. on Tuesday plans to issue eight security alerts with patches, some critical, for Windows, Office, MSN Messenger and Exchange, it said Thursday.
  • Mozilla readies Firefox security update

    Posted April 7, 2005 - 2:51 pm

    The Mozilla Organization is nearly set to release a maintenance update that will patch recently discovered Java Script vulnerabilities in its Mozilla and Firefox open-source Web browsers.
  • Businesses suffer more downtime from viruses

    Posted April 7, 2005 - 11:47 am

    Virus incidents were up by 50 percent in 2004 over 2003, according to the Virus Prevalence Survey by ICSA Labs, a division of Cybertrust Inc., which found 392 incidents per every 1,000 PCs. Recovery costs were up 25 percent over the previous year.
  • Mobile Trojan kills smart phones

    Posted April 7, 2005 - 11:45 am

    A new smartphone Trojan, dubbed Fontal-A, is spread via warez mobile games and can render Symbian Series 60 phones unusable. Additionally, the only way to get rid of it is to reformat the phone, which will result in total data loss.
  • New domain poisoning attacks Microsoft servers

    Posted April 7, 2005 - 11:45 am

    The DNS cache poisoning attacks that started in March and take advantage of flaws in Microsoft server software are continuing, prompting the Internet Storm Center (ISC) to raise its alert from green to yellow, signifying a significant new threat.
  • Texas bill would replace vehicle inspection stickers with RFID tags

    Posted April 7, 2005 - 11:44 am

    A bill in Texas proposing that vehicle inspection stickers be replaced by RFID tags as a means of enforcing the state's auto insurance laws could result in major privacy violations, two privacy experts say.
  • Bringing security to instant messaging

    Posted April 7, 2005 - 11:43 am

    Although the use of instant messaging in the enterprise is up, many companies fail to factor it into their overall security strategy. But a number of tools are available that require simply adding an extra layer of anti-spam and anti-virus protection to the IM programs.
  • Bigger phishes ready to spawn

    Posted April 7, 2005 - 11:42 am

    In terms of sheer numbers, phishing attacks are slowing down; but in terms of complexity, they're becoming both more sophisticated and more deceptive.
  • Antivirus company warns of new Symbian Trojan

    Posted April 7, 2005 - 10:59 am

    Antivirus company F-Secure Corp. is warning mobile phone users about a new malicious software program that infects phones that use the Symbian Series 60 operating system, preventing the phones from starting.
  • RFID policy panel raises privacy concerns

    Posted April 7, 2005 - 9:42 am

    RFID technology has many current and future benefits, but U.S. policymakers need to be aware of potential privacy and security problems of the rapidly evolving technology, a privacy advocate and a security expert said Wednesday.
  • Security top reason IT pros consider Linux

    Posted April 6, 2005 - 11:28 am

    It appears that the prospect of migrating from Windows to Linux on the desktop has IT professionals in a quandary. While security concerns comprise the top motivator for considering Linux, the migration costs and software compatibility issues mitigate widespread change, according to an online survey of 1,700 IT professionals by market research firm Quorica.
  • Fewer permissions are key to Longhorn security

    Posted April 6, 2005 - 11:27 am

    Software engineers who attend Microsoft Corp.'s annual Windows Hardware Engineering Conference later this month could get their first taste of a new Windows user permissions model that could change the way thousands of programs are developed and run. But as the company prepares for the final Longhorn development push, questions remain about its plans for a new user privileges model called Least-Privilege User Account, or LUA.
  • Open-source security tools touted at InfoSec

    Posted April 6, 2005 - 11:22 am

    Free open-source security tools can help cash-strapped SMBs beef up their network defenses, says a security consultant with Sph3r3 LLC.
  • Report: You may pay too much for handheld security

    Posted April 5, 2005 - 3:33 pm

    According to a study by the Burton Group, many enterprises pay more to secure wireless handheld devices - via antivirus protection, VPNs, and other device security measures - than they spend on the handhelds themselves. The report urges organizations to take a careful look at handheld use to determine what protections are really necessary.
  • Web postcards hide Trojan horse programs

    Posted April 5, 2005 - 12:05 pm

    Beware of Web postcards bearing greetings. That's the advice from The SANS Institute's Internet Storm Center (ISC), which is warning about e-mail messages that pose as Web postcards, then direct recipients to a Web site that installs a Trojan horse program.
  • Firefox, Mozilla bug exposes data

    Posted April 4, 2005 - 2:51 pm

    Security firm Secunia has found a flaw in the Mozilla Organization's Firefox and Mozilla Web browsers that could allow hackers to gain access to private data currently stored in memory. Users are advised to disable JavaScript support until the bug is patched.
  • Germany's Postbank is hit by new phishing attack

    Posted April 4, 2005 - 12:06 pm

    Germany's Postbank AG has been the target of another phishing attack, its third after two back-to-back assaults last year.
  • PHP team patches DoS bugs

    Posted April 4, 2005 - 11:50 am

    The developers behind the open source PHP scripting language have patched versions 4 and 5 of the package to plug up holes that leave PHP-based servers open to denial-of-service attacks.
  • Red Hat patches critical hole

    Posted April 4, 2005 - 11:18 am

    Red Hat is warning enterprise Linux users to update their installations of XFree86 to fix a number of serious security bugs, some of which could allow attackers to take over a system. Affected operating systems include Enterprise Linux AS 3, Enterprise Linux ES 3 and Enterprise Linux WS 3, Red Hat said in an advisory.
Join us:






Join today!

See more content
Ask a Question