News

News Archive

• January 13, 2006 13 Jan'06

  Oracle bundles Fusion tools into one-stop SOA suite

  Oracle is offering a one-stop shop to customers seeking to build a service-oriented architecture (SOA) by bundling together several middleware products.

• December 22, 2005 22 Dec'05

  Gaining access using application and operating system attacks

  In this excerpt from Chapter 7 of Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses, Second Edition, authors Ed Skoudis and Tom Liston explain how security professionals can use exploit frameworks to their ...

• December 21, 2005 21 Dec'05

  Sony struggles to regain trust

  The company is trying to mend a reputation bruised over its antipiracy practices. One advocate for online civil liberties explains why redemption is a long way off.

• December 20, 2005 20 Dec'05

  Guidance turns investigative tools on itself

  The forensics software firm says it was compromised by hackers in November. It's just one in a growing list of companies admitting to recent attacks or lax security.

• December 18, 2005 18 Dec'05

  Trio of trouble: Malcode targets Windows, IM users

  AV firms warn IT shops to guard against Dasher, Bagle and Banbra. Dasher targets a Windows flaw patched in October, while Banbra spreads through IM.

• December 14, 2005 14 Dec'05

  Flaws reported in Trend Micro ServerProtect

  Storage and security managers should be wary of vulnerabilities in the AV product that could enable a denial-of-service and malicious code execution. Workarounds are available.

• December 14, 2005 14 Dec'05

  Hospital ditches EMC Centera for long-term archiving

  UHCS in Augusta, Ga., is replacing its Centera archiving system from EMC with IBM's GMAS product after performance, reliability and cost issues forced it to seek alternatives.

• December 14, 2005 14 Dec'05

  Roundup: 2005's 'curious malicious code'

  These viruses, worms and Trojans sometimes escaped our notice. But it didn't get past one antivirus vendor, who rounded up some of the year's stranger offerings from the underground.

• December 12, 2005 12 Dec'05

  Two Windows patches coming, IE fix uncertain

  It remains to be seen whether the software giant on Dec. 13 will address an outstanding Internet Explorer issue that is currently the target of a malicious Trojan.

• December 12, 2005 12 Dec'05

  Titan Rain shows need for better training

  SANS says the Chinese-based attacks demonstrate the growing sophistication of hackers, and the need for IT admins who can articulate the dangers to execs.

• December 12, 2005 12 Dec'05

  Experts: Encryption not a security cure-all

  Encrypting data offers some protection, but secure applications require much more than cryptography. Experts weigh in on your security options.

• December 08, 2005 08 Dec'05

  IP cloaking becoming a business necessity

  Just by browsing your competitor's Web site, you might be giving away your company's most guarded secrets. Experts offer advice for countering the subterfuge and keeping secrets safe.

• December 07, 2005 07 Dec'05

  Security pros gain ground in the board room

  Executives are paying more attention to their IT security managers and taking more responsibility for online threats against their companies, according to a new study.

• December 06, 2005 06 Dec'05

  Cybersecurity policy takes cooperation, trust, experts say

  At the Infosecurity confab, experts explain why sharing information -- even when it's embarrassing -- is vital to securing not only corporations, but also the national infrastructure.

• November 30, 2005 30 Nov'05

  Out-of-cycle IE patch may be imminent

  Microsoft may release a critical Internet Explorer fix before the next Patch Tuesday, amid reports that malicious code is targeting a memory corruption flaw.

• November 29, 2005 29 Nov'05

  By the numbers: The new SOX breakdown

  SOX spending for 2006 is expected to be on par with last year but it's not quite dÉjÀ vu all over again. More dough will go to technology.

• November 28, 2005 28 Nov'05

  Who owns and administers the internet's addresses?

  Given that IPv4 addresses are a finite resource, we can expect concerns over their distribution to increase in the coming years.

• November 28, 2005 28 Nov'05

  Step 6: Configuring wireless clients

  With wireless networks proliferating it is a good idea to understand what it takes to build a VPN for a wireless gateway. Contributor and Microsoft MVP Brien Posey details the necessary steps in this step-by-step guide.

• November 22, 2005 22 Nov'05

  Influential survey says security 'set back by 6 years'

  Update: The SANS Top 20 vulnerability list for 2005 shows the bad guys attacking flawed apps and paying more attention to network holes.

• November 21, 2005 21 Nov'05

  Wireless security: Public Wi-Fi could open security holes

  A Michigan county is working to give everyone within its borders wireless Internet access. But when it comes to security, users are on their own.

• November 20, 2005 20 Nov'05

  Wireless security crucial to railway safety

  A transportation firm uses wireless technology to keep the trains running on time. But securing mobile devices isn't easy when they're spread across the globe.

• November 16, 2005 16 Nov'05

  Step 3: GnuPG and WinPT: Setup

• November 16, 2005 16 Nov'05

  Step 2: Public keypairs

• November 16, 2005 16 Nov'05

  Wireless security: Companies deal with software updates

  A health care provider found it could use wireless technology to dramatically boost patient care. But first it had to figure out how to deploy security updates over a wireless network.

• November 16, 2005 16 Nov'05

  Step 4: Encrypting e-mail in WinPT

• November 14, 2005 14 Nov'05

  Hackers installing keyloggers at a record rate

  iDefense researchers have found that keylogger infections are up 65% over the year before, putting the private data of tens of millions of users at risk.

• November 14, 2005 14 Nov'05

  Sony rootkit uninstaller causes bigger threat

  Princeton researchers say a security hole that appears when users try to remove Sony's copy protection software presents an even greater risk than the original rootkit.

• November 14, 2005 14 Nov'05

  Demand for development skills soars as firms seek business edge

  Computer Weekly salary survey shows IT departments eager to secure skills for the future.

• November 10, 2005 10 Nov'05

  Security Bytes: FTC cracks down on alleged spyware distributors

  Patches fix serious RealPlayer flaws, IM malcode launches phishing attacks; Microsoft warns of Macromedia Flash flaw; Liberty Alliance pushes stronger authentication; FEMA data security is in question; patches fix Veritas flaws and TransUnion ...

• November 10, 2005 10 Nov'05

  IBM targets SMEs with storage products

  IBM has launched the first in a range of new storage products aimed at the SME market, following its link-up with Network Appliance.

• November 09, 2005 09 Nov'05

  Trojans target Sony DRM and Windows

  Security researchers track two new Trojan horses. One exploits the Sony DRM program. The other could possibly take aim at the Windows flaw Microsoft patched this week.

• November 08, 2005 08 Nov'05

  Sony takes second stab at DRM patch

  But a top executive's response to criticism over the company's use of rootkit technology has added fuel to the backlash.

• November 06, 2005 06 Nov'05

  Hacking Windows: MSRPC vulnerabilities

  In this excerpt from "Hacking Exposed, Fifth Edition: Network Security Secrets & Solutions," authors Stuart McClure, Joel Scambray and George Kurtz introduce MSRPC vulnerabilities and countermeasures.

• October 24, 2005 24 Oct'05

  Reporter's Notebook: NYC 'controls the software industry'

  At Information Security Decisions: a security "rock star" rages against the Microsoft machine; banging the drum for enterprise security; a sour note on zero-day exploits.

• October 20, 2005 20 Oct'05

  Author delves into novel attack methodologies

  Review of Silence on the Wire, a book about security attack methodologies such as passive fingerprinting.

• October 19, 2005 19 Oct'05

  Elements of a data protection strategy

  In this excerpt from Data Protection and Lifecycle Management, Tom Petrocelli addresses the importance of securing data for regulatory compliance and outlines the five components of a data protection strategy.

• October 17, 2005 17 Oct'05

  How avian flu could threaten IT security

  Experts say a potential bird flu pandemic could have a disastrous effect on IT infrastructures. But if companies plan well, those infrastructures could also help minimize chaos.

• October 12, 2005 12 Oct'05

  Quiz: What's your infosec IQ?

  We've collected our toughest questions to see how well you stand up to a challenge. Put your knowledge to the test and let us know how you do.

• October 12, 2005 12 Oct'05

  Symantec fixes 'critical' Veritas flaw

  Attackers could launch malicious code by exploiting a security hole in Veritas NetBackup servers and clients. But Symantec has released a fix.

• October 10, 2005 10 Oct'05

  Don't discount software distribution sites as attack vectors

  There's a potential downside to update sites, which offer virtually untapped riches to bad guys wanting to compromise your network. Just ask the author.

• October 07, 2005 07 Oct'05

  Service approach will bring benefits to applications development says Gartner

  Service-oriented development of applications (SODA) is the best way to approach globally distributed application development and maintenance, according to a new report by Gartner.

• October 03, 2005 03 Oct'05

  How to break into a computer that is right at your fingertips

  Stressing the importance of physical security, Joel Dubin explains how a hacker can bypass a BIOS password and break into a computer.

• September 29, 2005 29 Sep'05

  Find out how to bridge the communications gap

  Communications between the business and IT will be the subject of the next meeting of the Computer Weekly 500 Club (CW500).

• September 27, 2005 27 Sep'05

  Secure your extended enterprise

  How do you achieve the fine balance between ensuring that there is truly free access to sensitive information, without sacrificing security?

• September 26, 2005 26 Sep'05

  NHS trust creates wireless record

  University College London Hospitals (UCLH) NHS Trust has created the UK's largest single wireless network to support 7,000 users across eight hospitals.

• September 26, 2005 26 Sep'05

  IT spending at midsized companies: How much does size matter?

• September 26, 2005 26 Sep'05

  Secure the interests of your extended enterprise

  How do you achieve the fine balance between ensuring that there is truly free access to sensitive information and applications from both inside and outside the firewall, without sacrificing security?

• September 26, 2005 26 Sep'05

  Gartner stresses SOA and WS importance

  Leading analyst stresses importance of SOA and web services

• September 22, 2005 22 Sep'05

  Who best to avert data security disaster: government or business?

  People look to government to prevent catastrophe. But in the Information Age, some of those people, namely those working in IT shops, need to do their part to protect us.

• September 22, 2005 22 Sep'05

  Telework key to surviving security disaster, expert says

  Cybersecurity Industry Alliance Executive Director Paul Kurtz explains why telework may be crucial to surviving The Big One.