News

IT security

• March 08, 2007 08 Mar'07

  Review: eGuardPost a B+ overall

  eGuardPost is a well-designed and highly capable product that meets an important need. It has strong security and great forensics capabilities.

• March 08, 2007 08 Mar'07

  Review: Sun Java System Identity Manager 7.0 'impressive'

  Hot Pick: Sun Java System Identity Manager 7.0 excels with agentless connectors, scalability and amazing auditing.

• March 07, 2007 07 Mar'07

  Microsoft cancels Patch Tuesday as DST looms

  IT administrators who are struggling to apply all their daylight-saving time (DST) patches will get a break from Microsoft next week, as no new security fixes will be released.

• March 07, 2007 07 Mar'07

  Symantec acquires automated risk assessment firm

  Symantec has acquired Reston, Va.-based 4FrontSecurity, a maker of automated risk analysis and security management tools. An expert says it's the latest sign that the security risk assessment market is heating up.

• March 06, 2007 06 Mar'07

  Tape restoration firm accelerates restores

  National Data Conversion uses Index Engines technology to speed up tape restores for litigation.

• March 06, 2007 06 Mar'07

  Unified communications translates to intelligent communications

  Unified communications and its business benefits were the underlying themes of the keynote presentations yesterday at VoiceCon Spring 2007.

• March 04, 2007 04 Mar'07

  Expert: NAC not a network security cure-all

  According to an expert at Black Hat DC, NAC success demands careful planning and a good understanding of the company network; otherwise, implementations can quickly go awry.

• March 02, 2007 02 Mar'07

  Police force secures data with biometrics

  Humberside Police has issued biometric USB drives among staff to maintain data security.

• March 01, 2007 01 Mar'07

  Linksys, Gateway launch low-end NAS

  Cisco subsidiary Linksys and PC maker Gateway launch new NAS products for small businesses and consumers.

• February 28, 2007 28 Feb'07

  RFID cloning presentation moves forward despite legal threats

  Chris Paget, director of research and development at IOActive spoke mainly about the science behind RFID tags and readers and the inherent security issues of the technology.

• February 27, 2007 27 Feb'07

  McAfee fixes flaw in Mac antivirus software

  Attackers could exploit the hole in McAfee's Virex 7.7 antivirus program for Mac OS X to bypass the malware scanner, but a fix is available.

• February 27, 2007 27 Feb'07

  'Worm' targets Sun Solaris Telnet flaw

  Security researchers have found evidence that a worm is trying to exploit the recently patched Telnet flaw in Sun Solaris. Experts say it's another reason to stay away from Telnet.

• February 27, 2007 27 Feb'07

  Wireless security: IT pros warily watching mobile phone threats

  Security experts have warned repeatedly that mobile phone attacks will grow as the devices become more sophisticated. IT administrators are starting to believe them.

• February 26, 2007 26 Feb'07

  Storm rages again: Self-morphing Trojan uses blogs to spread rootkits

  A new variant of the Storm Trojan that changes with each download is infecting blog sites with malicious URLs, intercepting traffic when visitors try to post comments.

• February 25, 2007 25 Feb'07

  HP announces iSCSI VTL for SMBs

  HP's new iSCSI VTL devices include automated backup capabilities for users with fewer than four servers.

• February 25, 2007 25 Feb'07

  PatchLink acquires STAT Guardian tool

  PatchLink says it will add more muscle to its vulnerability management portfolio by acquiring the STAT Guardian tool from IT vendor Harris Corp.

• February 22, 2007 22 Feb'07

  Google offers 10 GB inbox

  The search engine giant is offering an email application on a subscription basis with five times the storage capacity of the free version.

• February 21, 2007 21 Feb'07

  Cisco warns of IP phone flaws

  Attackers could circumvent security restrictions by exploiting flaws in certain Cisco IP phones, the networking giant warned Wednesday.

• February 20, 2007 20 Feb'07

  Cisco routers threatened by drive-by pharming

  Millions of Cisco routers in circulation could be compromised by a newly-discovered attack technique Symantec calls drive-by pharming, the networking giant warned in an advisory.

• February 20, 2007 20 Feb'07

  Microsoft confirms new IE flaw

  Attackers could exploit a new flaw in Internet Explorer (IE) to access local files on targeted systems, Microsoft confirmed Tuesday.

• February 20, 2007 20 Feb'07

  TJX data breach worse than initially feared

  Hackers had access to a larger amount of customer data, TJX executives said in a statement.

• February 19, 2007 19 Feb'07

  Sourcefire fixes Snort flaw

  Attackers could exploit a flaw in the popular open source Snort IDS tool to cause a denial of service or launch malicious code.

• February 19, 2007 19 Feb'07

  When security firms merge, some users are losers

  Some users see their services improve when IT security vendors merge with other companies or get acquired. Others say they've been left out in the cold.

• February 19, 2007 19 Feb'07

  Quiz: Compliance improvement -- Get better as you go forward

  A five-question multiple-choice quiz to test your understanding of the content presented by expert Richard Mackey in this lesson of SearchSecurity.com's Compliance School.

• February 14, 2007 14 Feb'07

  New attack technique threatens broadband users

  Millions of broadband users across the globe are threatened by a new attack technique called drive-by pharming

• February 13, 2007 13 Feb'07

  Fortune 500 firm takes a crack at data classification

  A life sciences company undertakes a data classification project with Abrevity and discovers the job is never done.

• February 12, 2007 12 Feb'07

  Mobile carriers admit to malware attacks

  Eighty-three percent of mobile operators surveyed by McAfee Inc. say they've suffered malware infections, but two competing security vendors say the overall threat is still small.

• February 12, 2007 12 Feb'07

  Microsoft fixes zero-day flaws in Word, Office

  Twelve security updates from Microsoft fix a range of problems, including a flaw in the Malware Protection Engine and previously-exploited zero-days glitches in Word and Office.

• February 12, 2007 12 Feb'07

  Skype makes more enterprise inroads

  Skype has teamed with FaceTime Communications to give companies more control over Skype use within the enterprise.

• February 11, 2007 11 Feb'07

  Cybersecurity czar signals government cooperation at RSA Conference

  Cybersecurity chief, Greg Garcia told RSA Conference attendees that government, enterprises and academia need to work together to fight growing Internet threats.

• February 11, 2007 11 Feb'07

  Solaris 10 has zero-day Telnet flaw

  Attackers could exploit a zero-day flaw in Solaris 10's Telnet daemon to bypass authentication and gain unauthorized system access, security experts warn.

• February 10, 2007 10 Feb'07

  Cisco VoIP managment guide: Required management tasks

  Comprehensive VoIP management includes the basic network management tasks, but also includes monitoring services such as dial tone delivery, call success rates, telephony delays and impairments, as well as call quality. VoIP telephony management is ...

• February 08, 2007 08 Feb'07

  Roundup: Vista security, breakability touted at RSA Conference

  At RSA Conference 2007, Microsoft extolled the security virtues of its new operating system, but others weren't afraid to demonstrate how Vista security is lacking.

• February 08, 2007 08 Feb'07

  New storage IPOs report losses

  Of the 2006 "graduating class" of storage IPOs, two reported losses this week in their first quarter as public companies.

• February 07, 2007 07 Feb'07

  Briefs: Vulnerabilities found in Trend Micro, Firefox browser

  This week, Trend Micro released a fix for a flaw in its antivirus engine, while no fixes are available for two newly discovered Mozilla Firefox browser flaws.

• February 07, 2007 07 Feb'07

  EMC plans array-based encryption via PowerPath

  EMC's next security move will be array-based encryption through PowerPath by 2008, according to internal documents obtained by SearchStorage.

• February 07, 2007 07 Feb'07

  OSI: Securing the stack, Layer 2 -- Understanding the role of ARP

  Part two of our series on securing the OSI stack looks at the perils of Address Resolution Protocol.

• February 05, 2007 05 Feb'07

  CA backup bug exploitable on Vista

  In what appears to be the first exploit for a third-party app running on Vista, a previously patched buffer overflow vulnerability in CA BrightStor ARCserve Backup has been exploited. One security firm says ISVs aren't taking advantage of Vista's ...

• February 05, 2007 05 Feb'07

  Acopia hypes heterogeneous snapshot

  The file virtualisation startup is blustering about a demonstration of heterogeneous snapshot technology, but is being coy about releasing a product.

• February 05, 2007 05 Feb'07

  Symantec chief: Consumer confidence in data protection is key to online growth

  In his keynote at RSA Conference 2007, Symantec CEO John W. Thompson said Big Yellow is ready for the shifting dynamics in the information security market, and implied that Microsoft's growing presence in security is a conflict of interest for its ...

• February 05, 2007 05 Feb'07

  Rootkit dangers at an 'all-time high'

  Industry experts at RSA Conference 2007 say not only have rootkits become the weapon of choice for malicious hackers, but they've also emerged as useful tools for legitimate businesses trying to exert control over users.

• February 05, 2007 05 Feb'07

  Coviello: In 3 years, no more stand-alone security

  RSA President Art Coviello says today's patchwork of monolithic security devices will disappear in the next three years as security is integrated into the larger IT infrastructure.

• February 05, 2007 05 Feb'07

  VoIP security, unified communications need questioned

  VoIP security issues and questions about the business need for unified communications have stalled adoption of both technologies, according to CompTIA's recent survey.

• February 05, 2007 05 Feb'07

  Gates touts secure access anywhere

  Microsoft's chairman tells RSA Conference 2007 attendees that a combination of authentication and access management strategies is what it takes to protect corporate data, but information security pros are willing to wait for the proof.

• February 05, 2007 05 Feb'07

  RSA Conference 2007: Product announcements

  RSA Conference 2007: Product announcements

• February 04, 2007 04 Feb'07

  RSA Conference 2007: Special news coverage

  Check out news, interviews, product announcements, podcasts and more live from the RSA Conference 2007 in San Francisco.

• February 04, 2007 04 Feb'07

  Vista exploitable, researcher says

  Marc Maiffret, CTO and chief hacking officer of eEye Digital Security, said he has found a way to elevate system privileges by exploiting a flaw in Windows Vista.

• February 04, 2007 04 Feb'07

  CISOs mastering 'softer' skills

  Why CISOs can no longer rely on technology skills alone and what businesses are looking for when recruiting their next information security leader.

• February 04, 2007 04 Feb'07

  Email security buying decisions

  Email security can be a daunting task for SMBs -- how do you go about finding the right product? This tip delves into three approaches to email security and the products available.

• February 04, 2007 04 Feb'07

  Dozens of Web sites spread malicious Trojan

  Update: The same malicious JavaScript keylogger that compromised the Dolphin Stadium Web site last week was found over the weekend on dozens of other high-profile Web sites.