News

IT security

  • February 04, 2007 04 Feb'07

    New zero-day attack targets Microsoft Excel

    Microsoft says maliciously crafted Excel files may permit the execution of arbitrary code. Other Microsoft Office applications may be at risk.

  • February 04, 2007 04 Feb'07

    HDS to acquire Archivas for up to $120M

    HDS will acquire archiving software partner, Archivas for close to $120 million stepping up its effort to compete with EMC in this market.

  • February 04, 2007 04 Feb'07

    HP fills in gaps with product updates

    HP announced updates to several of its products, but analysts are wondering what its ultimate strategy will be for storage virtualisation.

  • February 04, 2007 04 Feb'07

    Intrusion detection systems are alive and kicking

    IPS hasn't overtaken intrusion detection systems just yet. Senior News Writer Bill Brenner reveals what customers want when they're shopping for IDS products.

  • January 30, 2007 30 Jan'07

    Microsoft disputes Word zero-day report

    Symantec is warning of a new zero-day vulnerability in Microsoft Word. But Microsoft doesn't believe the flaw is new.

  • January 30, 2007 30 Jan'07

    Lawyers discuss e-discovery gotchas

    During panel sessions at Legal Tech, lawyers provided their insights into the e-discovery process, retention policies and helping judges get up to speed.

  • January 30, 2007 30 Jan'07

    Symantec unveils 'universal ID system'

    Symantec said the goal is to create a universally accepted identity system across all Web sites -- from online financial institutions to retailers -- for millions of consumers.

  • January 30, 2007 30 Jan'07

    Using IAM tools to improve compliance

    Provisioning and password management tools can ease complexity, reduce help desk calls and save money. But they also have an added benefit: they can help with your compliance woes.

  • January 29, 2007 29 Jan'07

    Entrust to sell cheaper hardware tokens

    Security vendor Entrust Inc. will enter the hardware token market selling a $5 one-time password device. Experts say the move could reduce prices across the industry.

  • January 29, 2007 29 Jan'07

    TJX faces lawsuit over data breach

    A class action lawsuit against TJX accuses the retailer of negligence for not doing enough to secure customer data and for keeping quiet about the breach for a month.

  • January 28, 2007 28 Jan'07

    IBM improves data recovery process for TSM users

    Tivoli Storage Manager 5.4, released this week, establishes a disk cache for most recently backed-up files, improving the slow restore times associated with the product.

  • January 28, 2007 28 Jan'07

    IBM to acquire Softek, looks to pump up services biz

    IBM says it intends to use Softek's Transparent Data Migration Facility within its Global Services business.

  • January 25, 2007 25 Jan'07

    Balancing the cost and benefits of countermeasures

    The final tip in our series, "How to assess and mitigate information security threats."

  • January 25, 2007 25 Jan'07

    Attacks targeted to specific applications

    The fourth tip in our series, "How to assess and mitigate information security threats."

  • January 25, 2007 25 Jan'07

    How to assess and mitigate information security threats

    Learn how to assess and mitigate information security threats, like rootkits, worms and Trojans in the tip series created in collaboration with Realtimepublishers and Dan Sullivan, author of The Shortcut Guide to Protecting Business Internet Usage.

  • January 25, 2007 25 Jan'07

    Malware: The ever-evolving threat

    The first tip in our series, "How to assess and mitigate information security threats"

  • January 25, 2007 25 Jan'07

    Network-based attacks

    The second tip in our series, "How to assess and mitigate information security threats."

  • January 25, 2007 25 Jan'07

    Threats to physical security

    Tip No. 6 in our series, "How to assess and mitigate information security threats."

  • January 25, 2007 25 Jan'07

    Information theft and cryptographic attacks

    The third tip in our series, "How to assess and mitigate information security threats."

  • January 25, 2007 25 Jan'07

    IBM tool makes online purchases anonymous

    A new tool makes online purchases anonymous by using artificial identity information. Experts say enterprises need to adopt the technology before it can become a viable option.

  • January 25, 2007 25 Jan'07

    Symantec makes major update to Enterprise Vault

    Symantec adds automated data classification and integration with security products in Version 7.0 of its Enterprise Vault archiving tool; EMC reports record earnings for the fourth quarter.

  • January 25, 2007 25 Jan'07

    Apple fixes Mac Wi-Fi flaw

    The Mac OS X Wi-Fi flaw Apple fixed on 24 Jan was first disclosed as part of the Month of Kernel Bugs in November. Attackers could exploit it to crash the targeted system.

  • January 24, 2007 24 Jan'07

    Microsoft investigates new Word zero-day

    An unpatched memory-corruption flaw in Microsoft Word is the target of "limited" attacks in the wild, Microsoft confirmed Thursday.

  • January 24, 2007 24 Jan'07

    TJX data breach info used to make fraudulent purchases

    Fraudulent purchases have been reported globally, according to a trade association that represents more than 200 banks in Massachusetts.

  • January 23, 2007 23 Jan'07

    Cisco fixes IOS flaws

    Attackers could exploit three Cisco IOS flaws to cause a denial of service or launch malicious code. The networking giant has released fixes.

  • January 23, 2007 23 Jan'07

    McAfee: Malware all about ID theft

    The use of keylogger technology is surging and there's been a 100-fold rise in phishing attacks, according to a new report from McAfee.

  • January 18, 2007 18 Jan'07

    ID theft victim to TJX customers: Mind your data

    Customers should guard their own data, says one ID theft victim. Meanwhile, some in the banking industry say TJX may have stored more data than necessary.

  • January 17, 2007 17 Jan'07

    Data breach at TJX could affect millions

    Retailer TJX Companies said a hacker gained access to its systems exposing the credit card data of millions of customers.

  • January 17, 2007 17 Jan'07

    Companies take IM threats seriously

    Wesabe is a brand new money management community. It takes threats to IM as seriously as those targeting email and web applications

  • January 17, 2007 17 Jan'07

    Did TJX take the right steps after data breach?

    Security experts are mixed on whether TJX acted properly following a massive data breach last month. One expert says potential victims should have been notified sooner.

  • January 16, 2007 16 Jan'07

    Fortify Software to acquire Secure Software

    The acquisition of Secure Software will allow Fortify to expand into the requirements and design phases of the software development lifecycle, the company said.

  • January 16, 2007 16 Jan'07

    Network security threats and answers, by industry

    Michael Gregg offers network pros in various industries security advice and step-by-step solutions to help lock down the network.

  • January 15, 2007 15 Jan'07

    Core Security offers powerful testing tool

    We highly recommend Core Impact 6.0 to security engineers to verify the vulnerability of their networks.

  • January 15, 2007 15 Jan'07

    Apere's IMAG 500 a tough sell

    Product review: Apere says many of the issues we encountered are addressed in its next release, but mid-enterprise businesses may not have the tolerance for this product.

  • January 14, 2007 14 Jan'07

    Storage management software finalists

    Find out who was selected as finalists in the storage management software category for our storage products of the year

  • January 11, 2007 11 Jan'07

    Oracle emulates Microsoft with advance patch notice

    Oracle will patch 52 security flaws across its product line Tuesday, according to its inaugural CPU advance notification bulletin.

  • January 11, 2007 11 Jan'07

    Network security -- Taking the layered approach

    Network security is tricky business. In his new book Hack the Stack, author and security expert Michael Gregg outlines how to secure the network using the OSI model.

  • January 10, 2007 10 Jan'07

    Sophos acquires Endforce to add NAC

    Antivirus vendor Sophos is rounding out its email Web and desktop security software with Endforce's network access control (NAC) software.

  • January 09, 2007 09 Jan'07

    More users increase risk for Volkswagen AG

    With 1.5 million users on the network, Volkswagen AG depends more than ever on strong ID and access management to safeguard intellectual property, according to its CISO.

  • January 09, 2007 09 Jan'07

    Remote flaw in Vista could earn finder $8,000

    VeriSign Inc.'s iDefense Labs is offering an $8,000 bounty to any researcher who finds a remotely exploitable flaw in Windows Vista.

  • January 09, 2007 09 Jan'07

    Network configuration management key to VoIP success

    While companies spend millions on upgrading infrastructure for VoIP, little attention is given to solving the largest source of downtime – configuration-related outages due to human error.

  • January 08, 2007 08 Jan'07

    How far apart can SAN locations be?

    Storage locations can potentially be very far apart, separated by thousands of miles, even around the globe. The real consideration in selecting distance is that of latency...

  • January 08, 2007 08 Jan'07

    Critical fixes for Excel, Outlook and Windows

    Microsoft starts the year with security updates for Excel, Outlook and Windows. Three of the fixes are rated critical.

  • January 08, 2007 08 Jan'07

    Attackers hide malicious code using new method

    Attackers have designed a new way to thwart virus signatures from antivirus vendors, says a new report.

  • January 07, 2007 07 Jan'07

    Bug Briefs: OpenOffice vulnerable to attack

    Other flaws were reported in Apple QuickTime, Mac OS X, Adobe Flash Player, VideoLAN VLC, the Opera Web browser, and Cisco Access Control Server.

  • January 07, 2007 07 Jan'07

    Microsoft nixes four patch bulletins

    Eight security updates were originally scheduled for Patch Tuesday , but Microsoft has decided to hold back on half of them.

  • January 07, 2007 07 Jan'07

    NAC implementation slows as networking budgets grow

    Network Access Control (NAC) implementations will decrease, despite growth in networking budgets.

  • January 04, 2007 04 Jan'07

    Adobe Reader users urged to upgrade

    Adobe Reader 8 fixes serious flaws attackers could exploit for cross-site scripting and other attacks.

  • January 03, 2007 03 Jan'07

    Cisco bolsters security with IronPort buy

    Cisco Systems agreed Thursday to buy Internet gateway security vendor IronPort Systems Inc. for $830 million.

  • January 03, 2007 03 Jan'07

    Cisco software vulnerable to attack

    Cisco's Clean Access software and Clean Access Manager are at risk to attack. A malicious user can access a database snapshot and download it without authentication.