Find network and information security news, reviews and analysis, covering data protection, privacy, endpoint security, and security management.
  • UK government hit with another large computer failure

    Posted November 26, 2004 - 8:47 am

    IT system failures continued to plague the U.K. government this week, when as many as 80,000 civil servants working for the Department of Work and Pensions (DWP) had to deal with what is being described in the local press as the biggest computer crash in government history.
  • Sun in hot water over Java security hole

    Posted November 23, 2004 - 5:06 pm

    Sun Microsystems Inc. has disclosed a serious vulnerability in the Java Plug-in technology within the Software Developers' Kit (SDK) and the Java Run-time Environment (JRE) that allows attackers to bypass the Java sandbox and Java applet security.
  • WinAmp blows another security fuse

    Posted November 23, 2004 - 10:24 am

    For those enterprise IT managers who've been eagerly anticipating the next major WinAmp security flaw, the wait is over. Brett Moore of on Tuesday published details of a security hole allowing attackers to take over a PC when a user visits a specially crafted Web page.
  • Skulls Trojan attacks Symbian mobile phones

    Posted November 22, 2004 - 1:04 pm

    Users of Nokia Corp.'s 7610 smart phone and possibly other phones running Symbian Ltd.'s Series 60 software should be aware of a new Trojan program on the Internet.
  • X marks the Linux security hole

    Posted November 22, 2004 - 12:01 pm

    The X.Org Foundation and several Linux vendors have released updates for the X Window System technology on which most Linux graphical front-ends are based, fixing serious security flaws in a graphics-manipulation component.
  • Euro Web sites spread Bofra worm via banner ads

    Posted November 22, 2004 - 9:58 am

    Web site visitors who clicked on banner ads on a number of popular European Web sites this weekend could have infected their computers with variants of the Bofra worm, experts warned on Monday.
  • Linux phishing attack circulates on Net

    Posted November 21, 2004 - 11:31 pm

    A bogus security advisory that claims to be from Red Hat is warning Linux users of a "critical-critical" security flaw and instructing them to download a patch. But it's really a phishing hoax; if clicked on, the "patch" will infect the user's machine with a Trojan horse.
  • Spam gets religion

    Posted November 21, 2004 - 4:37 pm

    Can spam save your soul? Apparently, some spammers think so, and they're mass emailing you spiritual salvation. But they're flying under the radar because, since they're selling you an idea and not a product, they're not violating the Can-Spam Act. Security company MessageLabs expects an increase in religious spam over the holidays.
  • New Sober variant spreading

    Posted November 19, 2004 - 4:19 pm

    A new version of the Sober e-mail worm started spreading in Europe on Friday, according to antivirus vendors, which have given the worm a midlevel threat rating.
  • Trial sheds light on spamming's lucre

    Posted November 19, 2004 - 11:05 am

    The North Carolina man convicted in the nation's first felony spam trial was generating between $400,000 and $750,000 in monthly income by sending out about 10 million emails a day over 16 high-speed lines.
  • Security stops here

    Posted November 19, 2004 - 10:49 am

    In order to tighten security, CIOs must focus on accountability policies and practices that protect the enterprise from human error and malfeasance.
  • Oracle to deliver security patches quarterly

    Posted November 19, 2004 - 9:43 am

    Starting Jan. 18, Oracle Corp. will provide security patches for all of its products on a quarterly basis, a schedule it believes is most convenient for customers.
  • Managed security

    Posted November 18, 2004 - 8:04 pm

    A managed security services provider (MSSP) can help shoulder the burden of monitoring and managing perimeter security. Here, one MSSP shares its experiences in protecting its clients' front lines.
  • Security on a budget: Measuring ROI

    Posted November 18, 2004 - 5:02 pm

    There's a real hunger within the IT industry to quantify the ROI of security spending - but there isn't broad agreement on how to come up with that all-important number.

    Watch the webcast |

    Read the transcript

  • Selling security to the CFO: How to make a credible case for spending money on IT security

    Posted November 18, 2004 - 4:36 pm

    It's hard to find any company that isn't worried about its information security these days, and with good reason. Chief Security Officers used to be able to get the funding they wanted for critical IT security projects by using newspaper clippings detailing security failures that cost other companies millions of dollars. But no more. Today, many more senior executive CFOs and corporate boards with control of the purse strings are demanding a lot more information on the elusive return on investment and the overall business benefits of these incremental increases in security spending.

    Watch the webcast |

    Read the transcript

  • AOL upgrade packs security tools

    Posted November 18, 2004 - 12:36 pm

    America Online Inc. subscribers on Thursday will receive a raft of new and enhanced security services as part of their standard package with the launch of AOL 9.0 Security Edition, the latest upgrade of the company's fee-based, consumer-focused online service.
  • Japanese officials censor U.S. security critic

    Posted November 18, 2004 - 10:34 am

    A U.S.-based network security expert claimed he was censored by Japanese government officials when he attempted to give a speech in Tokyo last week about problems with the nation's controversial online citizen registry network, called Juki Net.
  • Banks struggle to protect customer identity

    Posted November 18, 2004 - 9:31 am

    With identity threat on the rise -- 9.9 million Americans were victims last year, according to the FTC -- banks are reviewing their account access policies and fraud detection techniques. But a study by Unisys Corp. found a gap between consumers' perceptions of the problem and what banks are actually doing about it.
  • RFID's security challenge

    Posted November 18, 2004 - 9:26 am

    As companies move ahead with RFID, they've given more thought to the ROI than to security issues. But RFID experts are warning that the technology could pose great risks, with breaches possible at the RFID tag, network or data level.
  • More security hiccups for IE

    Posted November 18, 2004 - 9:25 am

    Three more vulnerabilities were identified in Internet Explorer this week, bringing to 19 the total number of flaws disclosed over the last two months.
  • Scumware out there

    Posted November 18, 2004 - 9:24 am

    As spyware becomes more pervasive -- often bringing infected PCs to a screeching halt -- chief security officers are struggling with how to prevent its installation or at least minimize its impact.
  • Q&A with InfoSec Academy's Richard J. Van Luvender

    Posted November 17, 2004 - 5:59 pm

    InfoSec Academy President Richard J. Van Luvender is a big proponent of security. In this interview, he talks about trends in security, training, and certifications.
  • Vendors release slew of Web services products

    Posted November 16, 2004 - 8:58 pm

    A number of companies have released new offerings in the realm of Web services security and SOA appliances.
  • Report: U.K. businesses interested in wireless, clueless on security

    Posted November 16, 2004 - 7:16 pm

    A report from research vendor SonicWALL in the United Kingdom indicated that while 70 percent of surveyed companies either had a WLAN in place or were planning on installing one, less than half had ever had their security audited.
  • IT FORUM: Microsoft talks security, seriously

    Posted November 16, 2004 - 5:25 pm

    Products announced this week to streamline software-patch delivery are just part of Microsoft Corp.'s overall efforts to tighten system security, Scott Charney told attendees of the IT Forum in Copenhagen on Tuesday.
Join us:






Join today!

See more content
Ask a Question