Find network and information security news, reviews and analysis, covering data protection, privacy, endpoint security, and security management.
  • Software vs. the appliance model

    Posted September 21, 2004 - 11:23 am

    As intrusion protection tactics have shifted from the PC out onto the corporate network, many companies are enticed by all-in-one security appliances that combine firewall, antivirus, intrusion detection and vulnerability assessment capabilities in one device. But, can such a solution really substitute for a multi-layered defense?
  • Demand for unified threat management appliances soars

    Posted September 21, 2004 - 11:20 am

    Unified Threat Management devices, which incorporate firewall, intrusion detection/prevention and gateway anti-virus capabilities in a single solution, captured 12 percent of the overall security appliance market in the second quarter while the firewall/VPN segment fell by 17 percent to a 70 percent share, according to IDC's latest Worldwide Quarterly Security Server Appliance Tracker. Total factory revenues for all types of security appliances were $523.4 million.
  • Firefox beats million-download deadline

    Posted September 21, 2004 - 11:18 am

    Demonstrating a voracious appetite among Internet users for a more secure alternative to MS-Internet Explorer, the first preview release of the Firefox 1.0 Web browser, created by open-source developers the Mozilla Foundation, was downloaded over 1 million times in just five days.
  • Symantec Internet Security Threat Report identifies more attacks now targeting e-commerce, Web applications

    Posted September 21, 2004 - 11:16 am

    In the first six months of this year, a whopping 4,496 new worms and viruses were unleashed, the average number of bots jumped from 2,000 to 30,000 a day, and 1,237 new vulnerabilities were discovered, according to Symantec's semi-annual Internet Security Threat Report. Ecommerce was the industry most often targeted by attacks, followed by SMBs, and the Slammer worm was the most common attack.
  • Microsoft-Cisco security fight hurts us all

    Posted September 21, 2004 - 11:14 am

    As Microsoft and Cisco duke it out over their incompatible technologies for authenticating users who access networks remotely, a potential referee is emerging in the form of industry consortium The Trusted Computing Group, which is working on an open architecture that would enable businesses to mix-and-match their security solutions.
  • Hurdles cleared in a CSO's first year

    Posted September 21, 2004 - 11:08 am

    A CSO reflects on her first year in charge of her company's IT security strategy, and she says the job has given her a perspective on her company's business that she'd never had before.
  • Gartner analysts point out the security you don't need

    Posted September 20, 2004 - 2:07 pm

    The plethora of security technologies on the market are enough to overwhelm even the most knowledgeable IT managers, but in sorting through all of the options, it may be helpful to look at what is not needed, according to Gartner Inc. research detailed at Gartner's IT Security Summit conference in London.
  • Apple's latest security hole affects iChat

    Posted September 20, 2004 - 11:49 am

    Apple Computer Inc. has released a fix for a critical security bug in iChat, its instant-messaging program, just a few days after an update that fixed 15 Mac OS X security flaws. Security researchers also expanded their assessment of the impact of a Linux graphics vulnerability.
  • Liquid Machines to acquire e-mail company

    Posted September 20, 2004 - 11:20 am

    In a sign of continued consolidation among security firms, Lexington, Mass.-based Liquid Machines Inc. announced plans to acquire San Francisco-based Omniva Inc. Both companies sell software used to manage digital rights in the enterprise: Liquid Machines for documents, and Omniva for e-mail.
  • Want more secure software? Then give your vendor hell

    Posted September 17, 2004 - 1:05 pm

    Owing to the proliferation of mobile networking technologies and corporate reliance on the Internet, downtime related to security issues will triple, from 5 percent to 15 percent of total downtime, between now and 2008, according to research from the Gartner Group.
  • Jenny Craig goes on a no-spam diet

    Posted September 17, 2004 - 8:27 am

    When weight loss management company Jenny Craig discovered that about half of all incoming email was spam -- despite technologies in place to prevent it -- IT called in some expert help.
  • Cyberextortion a lurking threat

    Posted September 17, 2004 - 8:25 am

    In a modern twist on the shakedown, about 17 percent of 100 companies surveyed by Carnegie Mellon University's H. John Heinz III School of Public Policy (with InformationWeek's Summer Research Fellowship) say they've been targeted by cyberextortionists -- hackers threatening to take down their mission-critical systems if they don't pay up. Additionally, the survey found that less than a quarter of the companies -- 21 percent -- train their employees to respond to security threats and only 37 percent have done a security assessment in the last six months.
  • Virus menace affects 88 percent computers in China

    Posted September 17, 2004 - 8:22 am

    China's Ministry of Public Security says 87.9 percent of all computers in that country have been impaired by a virus, and 36 percent of all computer security incidents are caused by spam.
  • Six secrets of highly secure organizations

    Posted September 17, 2004 - 8:19 am

    The largest security research project ever done -- the "2004 Global Information Security Survey" conducted by CIO and CSO magazines with PricewaterhouseCoopers -- found that among the best security practitioners, security incidents may have been up slightly this year over last year, but downtime and financial losses related to security incidents declined.
  • Hackers jump on Windows vulnerability

    Posted September 17, 2004 - 8:17 am

    Security researchers say the newly discovered JPEG vulnerability in versions of Windows and other Microsoft applications could be used to launch a denial of service attack as well as to create a worm.
  • MyDoom.Y baffles antivirus firms

    Posted September 17, 2004 - 8:13 am

    Anti-virus vendors are puzzled by one of the latest variants of the MyDoom virus, MyDoom.Y, which actually includes a detailed explanation of how the virus works as well as a photo of virus writer charged with creating the Netsky virus.
  • AOL backs away from Microsoft antispam plan

    Posted September 16, 2004 - 4:35 pm

    America Online Inc. (AOL) has decided not to fully support Microsoft Corp.'s Sender ID spam-fighting plan after the Internet Engineering Task Force (IETF) and the open-source community expressed intellectual property concerns.
  • AOL dumps Sender ID, citing open source opposition

    Posted September 16, 2004 - 3:03 pm

    In a reversal, America Online has withdrawn its support for Microsoft's proposed Sender ID standard. The ISP giant said that its decision was largely due to the large opposition to technology in the open source community.
  • Another image problem, this time for Linux

    Posted September 16, 2004 - 12:05 pm

    Another highly critical image-based security hole has been found, sparking a flurry of patches from Linux vendors.
  • Man in the middle

    Posted September 16, 2004 - 10:05 am

    At Geisinger Medical Center in rural Danville, Pa., the chief information security officer grapples with balancing the demand for more open access to patient medical records online with security and compliance requirements.
  • Critical flaws flagged in Mozilla, Thunderbird

    Posted September 16, 2004 - 9:43 am

    The Mozilla Project, the open-source developer of the Mozilla and Firefox Web browsers and Thunderbird email program, has warned of "highly critical" holes in its three core products and is urging users to upgrade immediately to patch the vulnerabilities.
  • On fed payroll, hackers seek to save America

    Posted September 16, 2004 - 9:15 am

    The new cyber security center in the Idaho National Engineering and Environmental Laboratory, sponsored by the U.S. Department of Energy, is relying on a team of White Hat hackers to test the security of the nation's infrastructure, including the computer systems that run railroads, utilities and other fundamental services.
  • Man pleads guilty in massive credit info theft case

    Posted September 15, 2004 - 1:35 pm

    A man charged in one of the largest identity theft scams in U.S. history pleaded guilty to charges of conspiracy, wire fraud, and fraud in connection with identity documents Tuesday and could face up to 50 years in prison, according to a statement from U.S. Attorney David Kelley, of the Southern District of New York.
  • JPEG handling flaw threatens PCs, Microsoft warns

    Posted September 14, 2004 - 5:03 pm

    A security flaw in the way many Microsoft Corp. applications process JPEG images could allow an attacker to gain control over a computer running the software. Any program that processes JPEG images could be vulnerable, Microsoft said in Security Bulletin MS04-028.
  • IETF deals Microsoft's e-mail proposal a setback

    Posted September 14, 2004 - 4:46 pm

    A proposed technology for identifying the source of e-mail messages suffered a blow last week when a group within the Internet Engineering Task Force (IETF) established to study the proposal sent it back for more work, citing concerns over vague intellectual property claims made by Microsoft Corp. covering some of the technology.
Join us:






Join today!

See more content
Ask a Question