News

IT security

• February 09, 2005 09 Feb'05

  The Controversy of Hacking Books and Classes

  Read this excerpt and download Chapter 1, Ethics of Ethical Hacking from Shon Harris' All-in-One Gray Hat Hacking.

• February 07, 2005 07 Feb'05

  CEOs and CIOs split on IT success

  Business and IT directors are still at loggerheads on key technology issues, according to a new survey by the Economist...

• February 02, 2005 02 Feb'05

  Compressed files strike another blow to AV

  The "alternative" .rar files are picking up where popular .zip files left off as attack vectors.

• January 31, 2005 31 Jan'05

  ID theft remains No. 1 worry

  For the fifth straight year, the FTC said most complaints came from identity theft victims. And that's a problem for enterprises.

• January 23, 2005 23 Jan'05

  Cyberstorm chasers: The folks who look out for the latest Internet threats

  They keep a 'round-the-clock watch on conditions in cyberspace. CTO Johannes Ullrich discusses the volunteer effort behind the SANS Internet Storm Center.

• January 19, 2005 19 Jan'05

  Sun develops Centera competitor

• January 11, 2005 11 Jan'05

  A 'critical' Patch Tuesday

  Microsoft issues three security bulletins for January, two of them critical. Attackers have already exploited some of the vulnerabilities.

• January 10, 2005 10 Jan'05

  Security Bytes: George Mason U. hacked; new Trojans on the loose

  Hackers steal personal data of more than 30,000 members of George Mason University. Two new Trojans emerge. BMC Software buys a Parisian company.

• January 10, 2005 10 Jan'05

  Security on a Shoestring: Creating Internet policies on the cheap

  No matter how small the organization, it's impractical to stand over employees and make sure they properly use the Internet. So here's how to write a decent acceptable use policy, and make sure everyone abides by it.

• January 05, 2005 05 Jan'05

  New solutions for the zero hour

  IT vendors are looking to fill the gap between when a virus first hits and when its remedy is released.

• December 20, 2004 20 Dec'04

  Fixes, workaround for Kerberos 5 vulnerability

  A security hole could be exploited to launch malicious code. But there are fixes and a workaround.

• December 19, 2004 19 Dec'04

  Transforming the cybersecurity culture

  Eleven New Year's resolutions can help employees at all levels empower the security function at their organization.

• December 08, 2004 08 Dec'04

  The security lingo of 2004

  This was the year of botnets, zombie PC armies and phishying online schemes.

• December 05, 2004 05 Dec'04

  Think Sarbanes Oxley extension changes things? Think again

• November 30, 2004 30 Nov'04

  Botnets target the enterprise warn experts

  Versatile and increasingly vicious bots will cause enterprises a lot of grief in 2005, security experts say.

• November 21, 2004 21 Nov'04

  Crash Course: Recovery

  What good is backing up your data if you can't get it back? The goal of this Crash Course on recovery is to make sure you can effectively and efficiently recover data no matter what iteration of the lifecycle it's in. Included here are also hints on...

• November 12, 2004 12 Nov'04

  NTFS permissions

  This excerpt from Chapter 5 of "The definitive guide to Windows 2000 security" discusses the advantages of using NTFS for access control.

• October 28, 2004 28 Oct'04

  MoD may write off £200m Chinook helicopters

  The Ministry of Defence could write off more than £200m spent on eight Chinook Mk3 helicopters.

• October 27, 2004 27 Oct'04

  Spamming the universe

• October 04, 2004 04 Oct'04

  Symantec offers bare metal restore software

• October 03, 2004 03 Oct'04

  Training for CISSP Certification: SearchSecurity.com's Security School

  Study guides for each of the ten domains of the CBK for those preparing to take the CISSP exam or expanding their knowledge of security concepts and practices.

• September 26, 2004 26 Sep'04

  Authorize.Net says it has 'learned' from attack

  The credit card processing service was unprepared for the kind of attack it suffered last week, but it will use the experience to improve security.

• September 21, 2004 21 Sep'04

  Survey shows SOX bringing IT, business together

• September 19, 2004 19 Sep'04

  Hackers costing enterprises billions

  Symantec's semi-annual Internet Threat Report finds hackers continued adding billions to the cost of doing business on the Internet.

• August 27, 2004 27 Aug'04

  Over-specify when buying low cost replacement for Frame Relay

  A project manager reveals how a VPN saved £275,000 a year

• August 24, 2004 24 Aug'04

  Latest worm uses IM to lure victims

  A version of the worm which spread from infected Microsoft Internet Information Services (IIS) web servers in June has been...

• July 27, 2004 27 Jul'04

  New attacks and vulnerability trends highlighted at Black Hat

  Presentations beginning today will analyze vulnerabilities, zero-day code, phishing and secure wireless deployment, among many other topics.

• July 26, 2004 26 Jul'04

  Fewer IT supplier conflicts are going to court

  Law firms have reported a sharp fall in the number of IT disputes reaching the courts over the past 12 months as more users turn...

• July 25, 2004 25 Jul'04

  Know Your Enemy -- Learning about Security Threats: Chapter 8, Legal Issues

  Find out more about the legal issues swirling around the use of Honeypots.

• July 25, 2004 25 Jul'04

  Learning about Security Threats: Profiling

  A look at what it means to be a hacker.

• July 18, 2004 18 Jul'04

  Debian fixes multiple flaws

  Denial-of-service, buffer overflow and format string vulnerabilities in Debian GNU/Linux that an attacker could use to remotely execute malicious code has been fixed.

• July 18, 2004 18 Jul'04

  Enterprise-class RAID functions, part 2: N-way mirroring, splitting and more

  With the convergence of RAID and lower-priced storage technologies, advanced RAID functions can be enjoyed by any small-to-medium sized organization with critical data.

• July 14, 2004 14 Jul'04

  Continuous backup gains traction

  For continuous backup technology, 2004 is the year that vendors have moved from promises to actual products. Although the market is still small -- inhabited by startups such as Revivio, Mendocino Software, Alacritus and XOsoft -- the buzz is ...

• June 21, 2004 21 Jun'04

  Users at risk after web host attack

  Users have been warned to brace themselves for attacks on sites which provide patch downloads and web hosting services.

• June 01, 2004 01 Jun'04

  From exposition to exploit: One security book's story

  A new manual that discloses vulnerabilities may have had a hand in compromises at supercomputing centers this spring.

• May 23, 2004 23 May'04

  Hacking for Dummies: Chapter 10 -- Wireless LANs

  Read Chapter 10, Wireless LANs, from the book "Hacking for Dummies" written by Kevin Beaver.

• May 19, 2004 19 May'04

  IT experts not losing sleep over code theft

  Days after Cisco acknowledged someone may have stolen source code from its network, IT experts said they doubt it will amount to anything catastrophic. After all, source code has made it onto the Internet before, and there's no proof it has ever led...

• May 16, 2004 16 May'04

  Consequences of Cisco source code theft unclear

  Opinions are divided on the impact of stolen data now circulating on the Internet.

• May 13, 2004 13 May'04

  Hacking For Dummies: Chapter 7 -- Passwords

  In his latest book, "Hacking For Dummies," Kevin Beaver takes the reader into the mindset of a hacker in order to help admins fend off vulnerabilities and attacks.

• May 02, 2004 02 May'04

  Return to sender?

  Several researchers have identified a new e-mail attack that can be used to swamp enterprise e-mail servers, as well as some secondary systems.

• April 15, 2004 15 Apr'04

  Bacs launches online billing service

  UK clearing house Bacs has embarked on a joint venture with a US software company to provide an online bill presentation and...

• April 11, 2004 11 Apr'04

  IBM and Cisco battle remote attack vulnerabilities

• March 17, 2004 17 Mar'04

  Best practices for enabling and maintaining compliance

  As part of our Storage Decisions conference preview series, Shaun Mahoney, senior storage engineer for Citigroup, Randy Wilson, assistant vice president of IT at Essex Investment Management Company and Enterprise Storage Group's Peter Gerr discussed...

• March 01, 2004 01 Mar'04

  There's no government like no government

• February 24, 2004 24 Feb'04

  Exploiting Software: How to Break Code, Chapter 7 -- Buffer Overflow

  This excerpt is from Chapter 7, Buffer Overflow of Exploiting Software: How to Break Code written by Greg Hoglund and Gary McGraw.

• January 04, 2004 04 Jan'04

  Security legislation: Where's the breach?

  Security legislation isn't all that it's cracked up to be. Find out how California's SB 1386 is letting some breaches fall through the cracks.

• November 10, 2003 10 Nov'03

  NHS IT plan risky but will not fail, says OGC

  The £2.3bn national programme to modernise health service IT systems is "risky and ambitious" but it has sufficient safeguards in...

• February 06, 2003 06 Feb'03

  Users warned as number of software holes soars

  IT departments were put on alert this week after it emerged that the number of security vulnerabilities discovered in commercial...

• January 29, 2003 29 Jan'03

  Courts Libra system 'is one of the worst IT projects ever seen'

  The cost of the Libra project to provide a national system for 385 magistrates courts soared from £146m to £390m, and the main...

• February 07, 2002 07 Feb'02

  Victory! Lords confirm CW stand - software flaw could have caused Chinook crash

  An historic House of Lords report has this week vindicated a five-year campaign by Computer Weekly for justice after the crash of...