Find network and information security news, reviews and analysis, covering data protection, privacy, endpoint security, and security management.
  • Microsoft releases critical Internet Explorer patch

    Posted April 11, 2006 - 4:05 pm

    Microsoft Corp. has released its security software patches for April, addressing an unpatched bug in the Internet Explorer browser that hackers had been exploiting for several weeks.
  • HP: Enterprises struggling with privacy management

    Posted April 11, 2006 - 2:13 pm

    Enterprises are under increasing pressure to safeguard the privacy and security of personal data, but the complexity of the task is making it difficult to meet higher expectations, a Hewlett-Packard Co. project manager said Tuesday.
  • Identity Theft Primer

    Posted April 11, 2006 - 12:49 pm

    Learn best practices for approaching the challenge of identity theft using a detailed matrix that explores the various types of identity theft and possible mitigating strategies as well as an identity theft lifecycle that presents discrete stages of the identity theft problem. (PDF)
  • McAfee unveils threat center portal

    Posted April 11, 2006 - 10:12 am

    McAfee Inc. has jazzed up its Web site with a new online portal designed to help users research a wide range of security problems. Called the McAfee Threat Center, the portal was launched Monday as part of a redesign of the Web site.
  • Oracle releases, then pulls, database exploit code

    Posted April 10, 2006 - 4:42 pm

    Oracle Corp. appears to have accidentally released details about an unpatched security vulnerability in its database software, including sample code that could be used to exploit the problem. Details of the vulnerability were published last Thursday in a note that was briefly posted to Oracle's Metalink customer support portal.
  • Study: Employees emerging as biggest security threat

    Posted April 10, 2006 - 1:33 pm

    According to the IBM Global Business Security Index released last month, insider attacks represent an emerging security threat for business. The CSI/FBI 2005 Computer Crime and Security Survey echoes these findings, indicating that 56 percent of organizations reported some level of security breach from within their organization.
  • File Sharing Continues to be a Serious Risk

    Posted April 10, 2006 - 9:57 am

    File sharing is indeed a risk to consider. Whether you choose to embrace technical solutions to help protect against information being removed from your company control or policy and awareness solutions to help your users understand the risks of file sharing, it is a very good idea to have this risk on your radar. While it is certainly not a new risk or even one with growing importance, it remains yet another exposure that folks should be knowledgeable of. If you haven't spent some time looking for keywords and filenames associated with your organization on some of the networks, such an assessment may be in order. It is likely to turn up some interesting results.
  • Virus threatens PCs running Linux or Windows

    Posted April 7, 2006 - 6:19 pm

    Hackers have released a sample code for a virus that could infect both Linux and Windows PCs.
  • Companies spooked about smart phone security

    Posted April 7, 2006 - 11:02 am

    More than 60 percent of the respondents to a Symantec survey said mobile security concerns were the main reason they had not provided their employees with Smartphones.
  • HP warns of new printer flaw

    Posted April 7, 2006 - 11:00 am

    Hewlett-Packard has found a vulnerability in the software that controls two of its color printers that could allow hackers to access private information on users' PCs. The company released a patch through its HP Color LaserJet 2500/4600 Software Update version 3.1
  • Another security hole found in IE

    Posted April 7, 2006 - 10:59 am

    Security research firm Secunia has advised that a newly discovered flaw in the way Internet Explorer loads Web pages and Flash animations could aid phishing scams. The flaw exists in IE 6.0 with all current patches as well as IE7 Beta.
  • Compliance, not spyware, drives IT budgets, security execs say

    Posted April 7, 2006 - 10:58 am

    Regulatory compliance is the top-ranked IT security budget driver, according to a group of 50 leading chief security officers surveyed by Merrill Lynch & Co. Protecting against intrusions and unplanned downtime placed second and third. In spite of their concerns, however, 78 percent of the respondents said that less than 10 percent of the overall IT dollars go to security purchases.
  • Researcher: Web services security risks largely ignored

    Posted April 7, 2006 - 8:58 am

    During a conference presentation, researcher Alex Stamos outlined how a number of Web services technologies, including the AJAX (Asynchronous JavaScript and XML) and the XQuery query language could be exploited by hackers to dig up secret information and attack systems.
  • Microsoft set to patch IE, Windows, Office next week

    Posted April 6, 2006 - 4:39 pm

    Microsoft Corp. is set to release five security patches for its products next Tuesday, including a highly anticipated Internet Explorer (IE) fix that will address a bug that hackers have been exploiting over the past two weeks. Along with the critical IE patch, Microsoft will repair three other issues in its Windows operating system, as well as an unspecified problem in Office that is rated moderate.
  • McAfee buys SiteAdvisor

    Posted April 5, 2006 - 4:03 pm

    McAfee Inc. has purchased Web-site rating company SiteAdvisor Inc., the two companies announced Wednesday. Founded by a group of Massachusetts Institute of Technology engineers in April 2005, SiteAdvisor develops automated software that tests Web sites to see whether they install nasty things like spyware or computer viruses.
  • Security fears, cost delay mobile deployments at work

    Posted April 4, 2006 - 1:56 pm

    Around 60 percent of businesses are shying away from deploying mobile devices primarily due to security concerns, according to a new survey conducted by the Economist Intelligence Unit and commissioned by security vendor Symantec Corp.
  • Patch is recommended for McAfee filtering software

    Posted April 4, 2006 - 11:09 am

    A vulnerability in McAfee Inc.'s e-mail filtering software could allow unwanted code to run on a computer, but a patch should fix the problem, according to a security advisory published Tuesday.
  • Symantec Research Labs

    Posted April 3, 2006 - 5:00 pm

    When I visited Symantec's Santa Monica facility for the release of their Internet Security Threat Report last month, I also had a meeting with two of the leaders of their research lab. Two of their initiatives seemed particularly interesting. First, and timely after all the Sony Rootkit mess (hey, Feds, why no arrests of major spyware perpetrators with Sony name badges?), Symantec engineers are rolling out "raw disk virus scanning" technology. Rootkits hide from the file system, so Symantec wants to scan for viruses at the disk block level. If the virus scan ignores the operating and file systems, typical rootkit hiding techniques won't work.
  • WebGoat provides a safe place to learn application security

    Posted April 3, 2006 - 11:08 am

    WebGoat is an interesting tool. It is a complete, java-based environment for exploring web application vulnerabilities, attack techniques and best-practice mitigations. It runs in Windows, Linux and, yes, on Mac OS X. You simply download, install and execute it to get a nice self-guided tour through the world of application security. You can hack away, explore ideas, learn the attack techniques and even use it to teach yourself or others about application security.
  • Trend Micro data revealed due to virus

    Posted April 3, 2006 - 10:49 am

    The failure of a Trend Micro Inc. employee to install his company's own antivirus software led to the uploading of some company reports to a popular Japanese peer-to-peer file sharing network, the company said Monday.
  • DOJ study: Identity theft hit 3.6 million in US

    Posted April 3, 2006 - 10:26 am

    Wondering how likely you are to have your credit card number stolen? Well, according to a comprehensive survey conducted by the U.S. Department of Justice, identity theft is affecting millions of households in the U.S each year and costing an estimated $6.4 billion per year.
  • New generation of IE malware now circulating

    Posted March 31, 2006 - 6:15 pm

    Hackers have posted a new version of malicious software that will make it easier for them to exploit an unpatched vulnerability in Microsoft Corp.'s Internet Explorer (IE) browser. Based on a critical bug disclosed on March 22, the software was posted by hackers Friday to the Web site.
  • Grid computing and security uncertainties

    Posted March 31, 2006 - 3:08 pm

    When Sun's public grid service was hit with a denial of service attack on its firt day of availability, an unspoken "I told you so" hovered in the air. And while it remains to be seen whether the attack will prove to be a setback to Sun's grid service, the lesson to be learned is that "vendors and customers alike must now consider grid security as a part of a company's overall security strategy."
  • Microsoft extends life of security scanner

    Posted March 31, 2006 - 5:50 am

    Microsoft has abandoned its plan to end support for version 1.2 of its Microsoft Baseline Security Analyzer (MBSA) and, instead, will continue to support the software, which enables users to scan computers for unpatched programs, indefinitely, the company said. Users had protested the company's plan because the more recent version of MBSA, released in July, doesn't cover Office 2000, MSN Messenger or the Works suite.
  • Logistics firm uses RFID, sensors to track financial data

    Posted March 31, 2006 - 5:47 am

    An unnamed U.S. bank has contracted transportation company Eagle Global Logistics to use a Web-based tracking system to monitor trucks carrying its sensitive financial data, such as backup tapes containing customers' private financial data.
Join us:






Join today!

See more content
Ask a Question