IT security
-
News
25 Oct 2024
Dutch critical infrastructure at risk despite high leadership confidence
Stark paradox in Dutch cyber security landscape has business leaders expressing high confidence in their IT infrastructure as cyber attacks rise Continue Reading
-
News
11 Jul 2024
Dutch research firm TNO pictures the SOC of the future
In only a few years, security operations centres will have a different design and layout, and far fewer will remain Continue Reading
-
News
20 Nov 2006
Insider security threats come in many forms
Insiders could be the greatest threat to a company's security. The best defense is to let them know Big Brother is watching and a plan to deal with troublemakers. Continue Reading
By -
News
19 Nov 2006
Virtualisation: friend or foe? [Day Two: The virtual appliance]
Virtualisation slashes costs, makes management easier, unshackles software configurations from hardware. And it is being embraced around the world. But is it secure? In this three-part series, Patrick Gray explores the security implications of this important new technology. Continue Reading
By- Patrick Gray
-
News
13 Nov 2006
Trojan poses as Adobe software update
The Trojan keylogger comes in an email that asks users to download the latest version of Adobe Reader. It then tries to steal the user's confidential information. Continue Reading
By- SearchSecurity.com Staff
-
Feature
09 Nov 2006
Security Blog Log: Sailing a sea of spam
This week, bloggers struggle to purge their bloated inboxes. Their experiences lend weight to recent studies showing a breathtaking spike in spam. Continue Reading
-
Podcast
09 Nov 2006
Podcast: Tor peer-to-peer privacy could be hacked
In this edition of Security Wire Weekly, Andrew Christensen of FortConsult explains how the Tor peer-to-peer network can be hacked to track down user identities. Continue Reading
By- SearchSecurity.com Staff
-
News
08 Nov 2006
Storage virtualization acquisitions need careful consideration
Storage virtualization alleviates traditional storage growth problems by implementing a layer of abstraction between applications and physical storage, allowing storage to be combined and treated as a ubiquitous resource, regardless of location. This buying guide helps you understand the most important considerations involved in storage virtualization product selection, identifies specific points of interest for software, hardware and VSAN product categories, and presents a series of basic product specifications that will start you pick the best product for your organization. Continue Reading
-
News
08 Nov 2006
Microsoft to patch critical zero-day flaws in Windows
Microsoft plans to repair five critical flaws in Windows and a flaw in XML Core Services as part of its monthly patch update next week. Continue Reading
By- SearchSecurity.com Staff
-
News
07 Nov 2006
Mozilla fixes Firefox flaws
Attackers could exploit multiple flaws in Firefox, SeaMonkey and Thunderbird to crash machines, bypass security restrictions and launch malicious code. Continue Reading
By -
News
06 Nov 2006
How to manage encryption keys
Encryption is an effective way to secure data, but the encryption keys used must be carefully managed to ensure data remains protected and accessible when needed. Continue Reading
-
News
06 Nov 2006
Agency improves security grades under CISO's watch
CISO Philip Heneghan has made security a way of life for the U.S. Agency for International Development (USAID). His work earned him a Security 7 award. Continue Reading
By- Kelley Damore
-
News
06 Nov 2006
Sourcefire IPO could fuel Snort, users say
Snort users frowned when Check Point tried to acquire Sourcefire last year. But they are more optimistic about Sourcefire's plans to go public. Continue Reading
By -
News
05 Nov 2006
Microsoft eyes second zero-day threat in a week
This time, attackers are going after a zero-day flaw in Windows, and Microsoft has released some workarounds until a patch is available. Continue Reading
By -
News
05 Nov 2006
Mobile device encryption - a practice not often applied
Encryption is the best way to protect data on mobile devices -- but too few companies are actually deploying this critical technology. Continue Reading
By- Shamus McGillicuddy, Enterprise Management Associates
-
Feature
02 Nov 2006
Security Blog Log: Dissecting Firefox 2.0
This week, bloggers examine the security features of Firefox 2.0 and come away with mixed reviews. Does it fare better than Internet Explorer 7? Continue Reading
-
Feature
02 Nov 2006
Review: Arbor Networks' Peakflow X 3.6
Hot Pick: Peakflow isn't cheap and requires an intimate understanding of data flows, applications and network infrastructure. But the investment will pay dividends. Continue Reading
By- Sandra K. Miller, Contributing Writer
-
Feature
02 Nov 2006
Review: Network Intelligence's enVision
enVision offers excellent value and is highly configurable, though typically that means you have to put a lot into it to get the most out of it. Continue Reading
By- Brent Huston, Contributing Writer
-
News
02 Nov 2006
Review: SPI Dynamics' WebInspect 6.1
SPI Dynamics has created a powerful tool for novices as well as advanced users who will appreciate the time and effort it saves. Continue Reading
By- Phoram Mehta, Contributing Writer
-
News
01 Nov 2006
Tor network privacy could be cracked
The Tor network is used by those who want to keep their IP addresses private. But new research shows that it's possible to compromise the system and unmask the user. Continue Reading
By -
Feature
01 Nov 2006
Download Advanced Storage Guide Chapter 2: Backup/Data protection (PDF)
A printable version of our Advanced Storage All-In-One Guide. Download Chapter 2: Backup/Data protection in .pdf format now. Continue Reading
-
News
31 Oct 2006
Flaw found in Firefox 2.0
Attackers could exploit the security flaw to crash versions 1.5.0.7 and 2.0 of the browser, according to various security advisories. Continue Reading
By -
Podcast
31 Oct 2006
Podcast: The state of Oracle security
In this edition of Security Wire Weekly, Oracle DBA Jon Emmons gives his observations about Oracle's new critical patch update format. Continue Reading
By- SearchSecurity.com Staff
-
News
31 Oct 2006
E-vaulting's many faces can confuse IT efforts
E-vaulting is the process that describes how enterprise IT departments ship backup tapes and replicate data to remote disk arrays and VTLs. E-vaulting is not a new concept, but more recently it has grown to mean remote backups and replication for SMBs/SMEs using third-party services. This article examines e-vaulting, highlights the major considerations and roadblocks in implementation, examines the impact of e-vaulting on real-life users and looks ahead at future e-vaulting trends. Continue Reading
-
News
30 Oct 2006
Messaging Security School
SearchSecurity.com's Messaging Security School has brought together some of the most knowledgeable experts in the messaging security field to offer you personal instruction on how to secure the information handled by your organization's knowledge workers. Continue Reading
-
News
30 Oct 2006
Countermeasures for malicious email code
Today's malware continues to raise the security stakes. Enterprises are now facing numerous evolving threats like targeted and blended attacks, zero-day exploits, botnets and phishing schemes. The attacks aren't the only things evolving; so are today's product sets. In this lesson, attendees will get an overview of the email threat landscape, tips for malware protection success and guidance on the future of email attacks. Continue Reading
By- Tom Bowers
-
News
30 Oct 2006
Survey: Data breach costs surge
A new study by the Ponemon Institute finds a 31% increase in the costs associated with a data breach. Continue Reading
By- Robert Westervelt, TechTarget
-
News
26 Oct 2006
Achieving compliance: a real-world roadmap
A security manager's responsibilities extend beyond the technical aspects of the job. These days, effective governance and compliance are just as essential. Continue Reading
-
News
26 Oct 2006
Security Blog Log: The never-ending PatchGuard debate
This week, security vendor fright over the Windows Vista PatchGuard feature permeates the blogosphere. Is Microsoft the boogeyman, or just misunderstood? Continue Reading
-
News
25 Oct 2006
Research shows massive botnet growth
Reports from McAfee and Microsoft show bot herders are gaining ground and threatening national infrastructure. Some suppliers hope to strike back by sharing resources. Continue Reading
By -
News
23 Oct 2006
What storage managers are buying and why, page 7
What storage managers are buying and why Continue Reading
-
News
23 Oct 2006
What storage managers are buying and why, page 6
What storage managers are buying and why Continue Reading
-
News
23 Oct 2006
Security researcher, professor influences students for life
Dorothy Denning, a professor of defense analysis at the Naval Postgraduate School, has contributed to the field of data security. Her work earned her a Security 7 award. Continue Reading
By- Marcia Savage, Editor
-
News
23 Oct 2006
SDL expected to help fulfil Vista security promises
Windows Vista is expected to be the most secure Microsoft product released thanks to the company's implementation of the Security Development Lifecycle (SDL). Continue Reading
By- Michelle Davidson, TechTarget
-
News
22 Oct 2006
Information Security Decisions Session Downloads
Session Downloads from Information Security Decisions 2006 Conference. Continue Reading
-
News
22 Oct 2006
Enhanced Identity and Access Management
From consolidating directories to automating provisioning and rolling out single sign-on, these sessions identify how leading organizations are strengthening authorization and enforcing access controls. Continue Reading
-
News
22 Oct 2006
Snyder On Security: An insider's guide to the essentials
Joel Snyder, senior partner with consultancy Opus One, provides an in-depth look at information security trends and technologies. Continue Reading
-
News
18 Oct 2006
Rural Payments Agency project failed after IT system costs spiralled
Delays in implementing a bespoke IT system led to the Rural Payments Agency (RPA) failing to pay subsidies to farmers on time, according to a National Audit Office report. Continue Reading
-
Feature
16 Oct 2006
Nmap Technical Manual
By now, most infosec pros have heard of Nmap, and most would agree that even though the popular freeware tool is invaluable, installing, configuring and running it in the enterprise is no easy task. With that in mind, SearchSecurity.com, in collaboration with security expert Michael Cobb, has produced an Nmap Tutorial, detailing how this free tool can help make your organization more secure. Continue Reading
-
News
16 Oct 2006
Security Bytes: Flaws fixed in Bugzilla
Meanwhile, security holes are also plugged in Cisco's Wireless Location Appliance software and Clam AntiVirus. Continue Reading
By -
News
15 Oct 2006
Microsoft caves to pressure over Vista security
To accommodate third-party security vendors and appease antitrust regulators in Europe, Microsoft will make some final tweaks to Windows Vista. Continue Reading
By -
News
12 Oct 2006
Microsoft to fold security into Windows division
The software giant said the move would make future Windows development efforts more efficient. The changes take effect after Microsoft releases Vista. Continue Reading
By- SearchSecurity.com Staff
-
Feature
12 Oct 2006
Security Blog Log: Taking Google Code Search for a spin
This week, the blogosphere is buzzing about Google Code Search. Despite concerns that the tool will aid attackers, some see it as a boost for security. Continue Reading
-
News
12 Oct 2006
What to do when your server goes down
When a server goes down at a particular time every night without the prompt of a virus, our expert, Puneet Mehta, can tell you what the problem is and what you can do to avoid it. Continue Reading
By- Puneet Mehata
-
News
11 Oct 2006
Brief: Malicious Web site poses as Google
A malicious Web site poses as Google's Italian site, but attempts to install malicious ActiveX controls on victim's machines and ultimately redirect them to adult content. Continue Reading
By- SearchSecurity.com Staff
-
Feature
10 Oct 2006
Inside MSRC: Public vulnerability disclosures on the rise
Even though irresponsible publicly disclosed vulnerabilities seem to be on the rise, Microsoft's Christopher Budd discusses how the software giant was able to quickly release a fix for the recent VML flaw, plus offers best practices on how to make sure all of this month's software updates are installed correctly. Continue Reading
-
News
10 Oct 2006
McAfee CEO Samenuk retires in wake of options probe
The investigation into stock option grants is complete and company president Kevin Weiss has been fired, as well. Continue Reading
-
News
10 Oct 2006
Google Code Search gives security experts a sinking feeling
The new search tool from Google can help developers find useful code examples. But security experts worry that it also will make attackers' jobs that much easier. Continue Reading
-
News
09 Oct 2006
Banking on the future
As the banking landscape changes and global competition takes hold, IT offers banks a way of differentiating themselves from the competition, so how do they balance innovation and imitation in this tough market sector? Continue Reading
-
News
09 Oct 2006
Midmarket IT pros have NAC for identity, access management
Midmarket firms may not have the budgets of large companies, but IT pros can build identity and access management programs that are as effective as what the big guys have. Continue Reading
By -
News
09 Oct 2006
Symantec unveils Security 2.0 initiative
As part of Security 2.0, Symantec unveiled new products and partnerships with VeriSign and Accenture to help customers secure their databases, manage risk and fight ID theft. Continue Reading
By -
News
04 Oct 2006
Tiered storage becoming tried and true
Tiered storage matches the value of data with the performance (and expense) of storage. Ideally, tiered storage can save money, while easing the access demands to any single storage tier. While tiered storage has clearly brought storage costs and performance into focus, it has yet to reach its full potential in the enterprise. Continue Reading
-
Feature
03 Oct 2006
School district expels outsourced backup, enrolls CDP
Revere School District dumps tape and outsourced backup, and deploys SonicWall's continuous data protection product. Continue Reading
By- Alex Barrett, News Director, Data Center Media Group
-
Feature
03 Oct 2006
Test your IQ: Business continuity -- ANSWER
This type of plan specifies a means of maintaining essential services at the crisis location. Continue Reading
- Feature 02 Oct 2006
-
Feature
02 Oct 2006
ZERT rekindles third-party patching debate
This week in Security Blog Log: IT security pros express more reservations about third-party patching, including the CEO of a company that released one a few months ago. Continue Reading
-
Feature
30 Sep 2006
PING with Suzanne Hall
In this exclusive interview with Information Security magazine, Suzanne Hall, AARP director of IT operations and security, examines how security professionals can enable telecommuters and mobile workers while keeping their data secure. Continue Reading
-
Feature
28 Sep 2006
More from SearchSecurity September 2006
This month's round up weighs the pros and cons of security information management systems (SIMs) plus four case studies illustrating the different roadblocks security managers can encounter Continue Reading
-
Feature
27 Sep 2006
On privacy laws, every state is one of confusion
It's getting increasingly difficult for US firms to comply with regulations . David A. Meunier feels that it's time to develop safeguards and processes for this ever-changing regulatory environment. Continue Reading
By- David A. Meunier
-
Feature
27 Sep 2006
Top 5 free Windows security downloads
The place where you can find free tools that help you crack passwords, remove troublesome spyware and enhance network security. Check out our five most popular tools and find out what you've been missing. Continue Reading
-
News
26 Sep 2006
Voice over IP Fundamentals: Chapter 9, 'Billing and Mediation Services'
Voice over IP Fundamentals: Chapter 9, 'Billing and Mediation Services' Continue Reading
-
News
26 Sep 2006
Stration worm targets Windows machines
The worm uses several fake email messages, including one claiming to be a security update. Users are advised to avoid unsolicited email attachments. Continue Reading
By -
Feature
25 Sep 2006
Symantec Dark Vision app monitors underground IRC servers
New research project keeps tabs on the hacker underground, providing new insight on activities like credit card theft and spamming. Continue Reading
-
News
25 Sep 2006
IT pros worried about unsecured devices
IT admins keep working to make networks secure even as more unsecured personal gadgets their way into companies. Continue Reading
By- Eileen Kennedy, News Writer
-
News
24 Sep 2006
Hijacked consumer machines target the enterprise
Attackers continue to strike gold by targeting consumers who lack the security savvy to address desktop application flaws, according to Symantec Corp. Enterprises ultimately pay the price. Continue Reading
By -
Feature
24 Sep 2006
NetApp operations chief talks growth
Tom Georgens, executive vice president and general manager at NetApp -- also rumoured to be in the running as next CEO -- discusses what's driving its growth. Continue Reading
By- Jo Maitland, TechTarget
-
News
24 Sep 2006
Apple fixes Mac Wi-Fi flaws
Updated: Attackers could exploit flaws in Apple's wireless technology to cause a denial of service or run malicious code, resulting in the full takeover of vulnerable Mac machines. Continue Reading
By -
News
14 Sep 2006
Secure network perimeter to result from Symantec-Juniper deal
Juniper and Symantec announced a deal to integrate Symantec's client security software with Juniper's security hardware. The result will allow endpoint compliance and access control platforms to secure the enterprise perimeter. Continue Reading
By- Amanda Mitchell, News Editor
-
News
14 Sep 2006
Three ways to create clustered storage
Clustered storage systems run on storage servers, NAS gateways and hosts. Here's how to determine which clustered file-system architecture is best for your needs and storage environment. Continue Reading
-
News
12 Sep 2006
Dell and EMC: Five more years
Dell leans on EMC for support in the face of an SEC investigation and possible delisting from NASDAQ. Continue Reading
By- Alex Barrett, News Director, Datacenter Media Group
-
News
12 Sep 2006
Big security fixes for QuickTime, Flash Player
Apple and Adobe warned that attackers could exploit multiple flaws in QuickTime and Flash Player to run malicious code on targeted machines. Continue Reading
By -
News
12 Sep 2006
Secure network perimeter to result from Symantec-Juniper deal
Juniper and Symantec announced a deal to integrate Symantec's client security software with Juniper's security hardware. The result will allow endpoint compliance and access control platforms to secure the enterprise perimeter. Continue Reading
By- Amanda Mitchell
-
News
11 Sep 2006
Data storage compliance's impact on storage product choices
Data storage compliance is having a tremendous impact on the storage organization, as well as the management practices employed to retain, search, certify and destroy data. It's not just regulations like SOX or HIPAA that influence storage -- there are well over 10,000 regulations that affect data storage, backup and protection across a range of industries. But companies are often left alone in their quest to identify the regulations that relate to them, identify what data should be saved and implement storage to meet those regulations. This article covers the essential goals of data storage compliance, examines implementation considerations and obstacles and reviews the impact of compliance on storage. Continue Reading
-
News
11 Sep 2006
Security Bytes: Hackers target the Terminator
In other news, Symantec upgrades its Norton product line and the Anti-Phishing Working Group says phishing activity soared this summer. Continue Reading
By- SearchSecurity.com Staff
-
Feature
10 Sep 2006
Storage upstarts are tipping the vendor scales
The big storage vendors are always trying to steal a piece of each other's pie. But some small tech upstarts might play big parts in determining who comes out on top. Continue Reading
- News 06 Sep 2006
-
News
06 Sep 2006
Security Bytes: New flaw in Cisco IOS
Security news including Cisco, Mozilla hires a former Microsoft strategist to bolster security, a new "pump-and-dump" stock spam campaign is discovered and TippingPoint lists info on new flaws. Continue Reading
By- SearchSecurity.com Staff
-
Feature
06 Sep 2006
Security Blog Log: Word doc scam evades spam filters
Also this week: A researcher gets a harsh reward after flagging a University of Southern California Web site flaw, and more blogs are keeping an eye on the latest security breaches. Continue Reading
-
News
05 Sep 2006
ControlGuard targets rogue devices
ControlGuard Access Manager is an effective tool for controlling what devices users can add to their workstations and how they are used. Continue Reading
By- Harris Weisman, Contributing Writer
-
News
05 Sep 2006
Proofpoint delivers strong messaging security
Proofpoint Messaging Security Gateway is a highly recommended, affordable solution for big enterprises that need protection from email-based attacks. Continue Reading
By- Phoram Mehta, Contributing Writer
-
News
05 Sep 2006
Cisco, Microsoft unveil NAC/NAP interoperability
Nearly two years into their partnership, Cisco and Microsoft yesterday announced a joint architecture combining their network access security solutions. Continue Reading
By- Andrew R. Hickey
-
News
05 Sep 2006
Cisco, Microsoft unveil NAC/NAP interoperability
Nearly two years into their partnership, Cisco and Microsoft yesterday announced a joint architecture combining their network access security solutions. Continue Reading
By- Andrew R. Hickey
-
News
04 Sep 2006
Revamped Cisco WAFS worth the wait, users say
Months late, Cisco has finally released a combined Wan optimisation and WAFS product, while startups like Riverbed have been snapping up the customers. But some Cisco beta testers say it has been worth the wait. Continue Reading
By- Beth Pariseau, Senior News Writer
-
Feature
04 Sep 2006
Protecting wireless networks: Step 3
Security testing expert Kevin Beaver covers the tools and techniques needed to find and exploit insecure wireless networks. Continue Reading
-
Feature
04 Sep 2006
Protecting wireless networks: Step 2
Security testing expert Kevin Beaver covers the tools and techniques you'll need to find and exploit insecure wireless networks. Continue Reading
-
Feature
04 Sep 2006
Wireless network security testing
Attack your own wireless networks to find vulnerabilities before malicious hackers do. Continue Reading
-
News
31 Aug 2006
Attacks against MS06-040 on the rise
Six pieces of malware are now going after the Windows Server Service flaw outlined in MS06-040, and a spike in attacks has led Symantec to raise its ThreatCon to Level 2. Continue Reading
By -
News
31 Aug 2006
Emulex acquisition could cloud future of FC-SATA spec
New Emulex subsidiary Sierra Logic's strength is in FC-SATA bridging technology. Meanwhile, ONStor launches midrange clustered NAS, and Quantum shareholders withhold votes. Continue Reading
By- Beth Pariseau, Senior News Writer
-
Feature
31 Aug 2006
Identity and Access Management Security School
This Security School explores critical topics related to helping security practitioners establish and maintain an effective identity and access management plan. Continue Reading
-
News
30 Aug 2006
Survey: Data breaches difficult to spot, prevent
IT pros worry that false positives and a lack of resources are preventing them from blocking data breaches Continue Reading
By -
News
30 Aug 2006
Symantec CIO vies with virtualization, device policy
Symantec CIO David Thompson says virtualization is a big part of the security giant's future and it has developed a policy to mitigate virtualization security risks. Continue Reading
-
News
30 Aug 2006
Malware database access sparks debate
Should an emerging database of more than 300,000 malware samples remain a walled community for trusted users, or is open access the best way to fight off digital desperados? Continue Reading
By -
News
29 Aug 2006
AT&T breach affects 19,000 customers
Online outlaws hacked into an AT&T computer system and stole credit card data on thousands of customers. AT&T has offered to pay for credit monitoring services for those affected. Continue Reading
By -
News
29 Aug 2006
An era ends as Tandberg buys Exabyte
The once-dominant player in the tape market has ended a long downward spiral by selling off its assets. At least customers can now count on continued support, analysts say. Continue Reading
By- Beth Pariseau, Senior News Writer
-
Feature
29 Aug 2006
Risk management: Data organization and impact analysis
This first article of the Insider Risk Management Guide explains how to data organization is the first step in implementing insider threat controls. Continue Reading
-
Feature
29 Aug 2006
Risk management: Implementation of baseline controls
This fourth article in the Insider Risk Management Guide examines the implementation of baseline controls. Continue Reading
-
Feature
29 Aug 2006
Risk management: Baseline management and control
Identifying baseline controls is the second step to implementing insider threat controls as described in this article from SearchSecurity's Insider Risk Management Guide. Continue Reading
- Feature 29 Aug 2006
-
Feature
29 Aug 2006
Risk management audit
This article explores the audit function in the insider risk management process. Continue Reading
-
Tip
29 Aug 2006
BackTrack: The gotta-have, free, network security tool you've never heard of
Get the power of Linux-based security tools on Windows with this free suite of open source security tools. Contributor and vulnerability assessment expert Kevin Beaver introduces BackTrack and explains its network security testing features. Continue Reading
By- Kevin Beaver, Principle Logic, LLC
-
News
28 Aug 2006
Microsoft probes alleged Internet Explorer flaw
A research group claims attackers could launch malicious code using a flaw in the way Internet Explorer instantiates certain COM objects' ActiveX controls. Continue Reading
By -
News
27 Aug 2006
Third-party patching: Prudent or perilous?
Security patches issued by third parties have become more prevalent in recent months, and while some security pros endorse them, others say they're more trouble than they're worth. Continue Reading
By