Find network and information security news, reviews and analysis, covering data protection, privacy, endpoint security, and security management.
  • EMC's DeWalt named new McAfee chief

    Posted March 6, 2007 - 10:31 am

    McAfee's board of directors on Monday named former EMC executive Dave DeWalt as the security software company's CEO and president. DeWalt takes the helm of a company tainted by allegations surrounding backdating of stock options by former executives.
  • Security expert cracks RFID chip in U.K. passport

    Posted March 6, 2007 - 9:50 am

    Security expert Adam Laurie, who has worked with RFID and Bluetooth technology, has cracked one of the U.K.'s new biometric passports. The attack, which uses a common RFID reader and customized code, siphoned data off an RFID chip from a passport in a sealed envelope.
  • Month of PHP bugs gets rolling

    Posted March 5, 2007 - 2:23 pm

    Developer Stefan Esser has launched his Month of PHP Bugs project with 11 bugs in five days, including an old flaw reintroduced in a new version of PHP and several known bugs he says are unlikely ever to be fixed.
  • Rootkits evade hardware detection

    Posted March 5, 2007 - 2:16 pm

    Security researcher Joanna Rutkowska has demonstrated several methods that sophisticated rootkits can use to hide from even the most reliable detection method currently available -- hardware-based products that read a system's RAM.
  • 'Turkey' worm looks for Solaris Telnet flaw

    Posted March 1, 2007 - 3:23 pm

    A new worm targeting a flaw in Sun Microsystems Inc.'s Solaris 10 OS delivers crude artsy payloads, including a drawing of a turkey in ASCII text.
  • Security crisis? Keep your cool, expert says

    Posted March 1, 2007 - 9:40 am

    Security managers have to keep their cool and clearly communicate with CIOs during a crisis affecting company networks, a top security official with Microsoft Corp. said Wednesday.
  • German antiterror data law begins Thursday

    Posted February 28, 2007 - 12:03 pm

    A law allowing security officials in Germany to create the largest and most comprehensive pool of personal data ever amassed in the country goes into effect Thursday as the European Union's largest member state moves to protect itself against possible terrorist attacks.
  • Google sharpens malware alerts for webmasters

    Posted February 27, 2007 - 4:04 pm

    Google Inc. has enhanced the way it notifies webmasters that their sites contain malware, improving on a service the Mountain View, California, company launched in November of last year in a partnership with The Stop Badware Coalition.
  • Gov't agency CIOs: IT security remains top concern

    Posted February 27, 2007 - 9:30 am

    IT security remains a top concern of U.S. government chief information officers, but it's also an area where they're making much progress, according to a survey released Monday by the Information Technology Association of America.
  • Diffie: Privacy laws could hurt the little guy

    Posted February 26, 2007 - 10:11 am

    As a co-inventor of public key cryptography, Whitfield Diffie has been credited with making privacy possible in the digital age. In his day job as Sun Microsystems Inc.'s Chief Security Officer, he works out of a corner office in the Sun Labs. Though he describes his job as a "marketing" position, Diffie doesn't sound anything like a corporate pitch man. In this interview, he shares his thoughts on Microsoft, security, and privacy.
  • Mozilla fixes Firefox bugs

    Posted February 26, 2007 - 9:38 am

    Mozilla Corp. has released an update to its Firefox browser, fixing a number of security flaws in the product.
  • Researchers: Second Google desktop attack possible

    Posted February 23, 2007 - 4:33 pm

    Google Inc.'s PC search software is vulnerable to a variation on a little-known Web-based attack called anti-DNS (Domain Name System) pinning, that could give an attacker access to any data indexed by Google Desktop, security researchers said this week.
  • Security Tip: Password cracking reminder

    Posted February 23, 2007 - 12:57 pm

    In the old days, we measured password strength by the time it took for attackers to crack the passwords from the hashes, or other encoded/encrypted formats that they would be retrieved in. The longer your passwords could withstand brute force cracking attacks, the stronger we considered them. unfortunately, attackers have made a quantum leap in password cracking in the last few years.
  • Toshiba secures quantum key distribution

    Posted February 23, 2007 - 10:04 am

    Researchers at Toshiba Corp. have developed a method that they say makes it possible -- barring a change in the laws of physics -- to absolutely secure distribution of encryption keys across a network.
  • Elaborate 'pharming' attack targeted 50 banks

    Posted February 22, 2007 - 10:01 am

    An attack this week that targeted online customers of at least 50 financial institutions in the U.S., Europe and Asia-Pacific has been shut down, a security expert said Thursday.
  • Norton 360 to ship next month

    Posted February 22, 2007 - 9:17 am

    Retailers have begun taking orders for Symantec Corp.'s next-generation desktop security software, and the product is set to ship in the middle of next month, according to Inc.
  • Google patches serious desktop flaw

    Posted February 21, 2007 - 4:25 pm

    Security researchers have discovered a serious flaw in Google Inc.'s desktop software that could be used to wreak havoc on a victim's computer. While Google is automatically delivering a patch, Google Desktop users who want to be sure they are running the latest version of the software can download it
  • Phishing scam uses Google Maps to locate victims

    Posted February 20, 2007 - 8:59 am

    Account holders with at least two Australian banks have become victims of a phishing scam in which malicious code reveals the physical location of affected IP addresses using Google Maps. Bank account holders in Germany and the U.S. have also been targeted.
  • Dodgy program advertised on MSN Messenger

    Posted February 19, 2007 - 10:45 am

    Banner advertisements for a security application said to report false or inflated threats appeared for at least a few days on Microsoft Corp.'s instant messaging (IM) program, prompting warnings from security analysts.
  • Apple OS X users feeling the exploit pinch

    Posted February 16, 2007 - 4:43 pm

    OS X is my operating system of choice and I use it every day. That said, many Apple users have sat smug about the security of the OS X operating system. Pundits have expounded on its BSD roots, its imperviousness to spyware and malware, and overall lack of public exploits. Some have even lauded Apple's superior responsiveness when threats arose, and its commitment to information security. Unfortunately, a lot has changed.
  • Apple updates Mac security

    Posted February 16, 2007 - 3:16 pm

    Apple has introduced three breeds of security update for Mac OS X systems, supporting Intel and PowerPC Macs as well as systems running OS X 10.3.9 'Panther'.
  • Enterprises are uncertain about mobile security

    Posted February 16, 2007 - 10:02 am

    Uncertainty about how to secure mobile phones in the face of increasing threats is slowing enterprise adoption of mobile applications, experts exhibiting at the 3GSM World Congress in Barcelona this week said.
  • Microsoft patches include a surprise

    Posted February 16, 2007 - 9:21 am

    There was a little surprise buried in Microsoft's monthly security bulletins Tuesday. It turns out that Microsoft had quietly slipped out one of the February fixes, just days before its Jan. 30 Vista launch.
  • Study: 70% of Web sites are hackable

    Posted February 16, 2007 - 2:30 am

    On average, about 90 percent of Web sites have some kind of vulnerability and 70 percent have vulnerabilities rated as medium- or high-risk, according to Web site security firm Acunetix, which scanned 3,200 sites.
  • Zero-day attack hits Word

    Posted February 16, 2007 - 2:28 am

    Microsoft has issued a warning that a security hole in Microsoft Word can be exploited to corrupt system memory, enabling a hacker to gain control over a user's machine.
Join us:






Join today!

See more content
Ask a Question