IT security
-
News
25 Oct 2024
Dutch critical infrastructure at risk despite high leadership confidence
Stark paradox in Dutch cyber security landscape has business leaders expressing high confidence in their IT infrastructure as cyber attacks rise Continue Reading
-
News
11 Jul 2024
Dutch research firm TNO pictures the SOC of the future
In only a few years, security operations centres will have a different design and layout, and far fewer will remain Continue Reading
-
News
16 Nov 2005
Wireless security: Companies deal with software updates
A health care provider found it could use wireless technology to dramatically boost patient care. But first it had to figure out how to deploy security updates over a wireless network. Continue Reading
By -
News
14 Nov 2005
Hackers installing keyloggers at a record rate
iDefense researchers have found that keylogger infections are up 65% over the year before, putting the private data of tens of millions of users at risk. Continue Reading
By -
News
14 Nov 2005
Sony rootkit uninstaller causes bigger threat
Princeton researchers say a security hole that appears when users try to remove Sony's copy protection software presents an even greater risk than the original rootkit. Continue Reading
By -
News
10 Nov 2005
Security Bytes: FTC cracks down on alleged spyware distributors
Patches fix serious RealPlayer flaws, IM malcode launches phishing attacks; Microsoft warns of Macromedia Flash flaw; Liberty Alliance pushes stronger authentication; FEMA data security is in question; patches fix Veritas flaws and TransUnion suffers a security breach. Continue Reading
By- SearchSecurity.com Staff
-
News
09 Nov 2005
Trojans target Sony DRM and Windows
Security researchers track two new Trojan horses. One exploits the Sony DRM program. The other could possibly take aim at the Windows flaw Microsoft patched this week. Continue Reading
By -
News
08 Nov 2005
Sony takes second stab at DRM patch
But a top executive's response to criticism over the company's use of rootkit technology has added fuel to the backlash. Continue Reading
By -
News
06 Nov 2005
Hacking Windows: MSRPC vulnerabilities
In this excerpt from "Hacking Exposed, Fifth Edition: Network Security Secrets & Solutions," authors Stuart McClure, Joel Scambray and George Kurtz introduce MSRPC vulnerabilities and countermeasures. Continue Reading
-
News
24 Oct 2005
Reporter's Notebook: NYC 'controls the software industry'
At Information Security Decisions: a security "rock star" rages against the Microsoft machine; banging the drum for enterprise security; a sour note on zero-day exploits. Continue Reading
By- Michael S. Mimoso, Senior Editor and Anne Saita, News Director
-
News
20 Oct 2005
Author delves into novel attack methodologies
Review of Silence on the Wire, a book about security attack methodologies such as passive fingerprinting. Continue Reading
-
News
19 Oct 2005
Elements of a data protection strategy
In this excerpt from Data Protection and Lifecycle Management, Tom Petrocelli addresses the importance of securing data for regulatory compliance and outlines the five components of a data protection strategy. Continue Reading
-
News
17 Oct 2005
How avian flu could threaten IT security
Experts say a potential bird flu pandemic could have a disastrous effect on IT infrastructures. But if companies plan well, those infrastructures could also help minimize chaos. Continue Reading
By -
News
12 Oct 2005
Quiz: What's your infosec IQ?
We've collected our toughest questions to see how well you stand up to a challenge. Put your knowledge to the test and let us know how you do. Continue Reading
-
News
12 Oct 2005
Symantec fixes 'critical' Veritas flaw
Attackers could launch malicious code by exploiting a security hole in Veritas NetBackup servers and clients. But Symantec has released a fix. Continue Reading
By -
News
27 Sep 2005
Secure your extended enterprise
How do you achieve the fine balance between ensuring that there is truly free access to sensitive information, without sacrificing security? Continue Reading
-
News
26 Sep 2005
Secure the interests of your extended enterprise
How do you achieve the fine balance between ensuring that there is truly free access to sensitive information and applications from both inside and outside the firewall, without sacrificing security? Continue Reading
-
News
22 Sep 2005
Who best to avert data security disaster: government or business?
People look to government to prevent catastrophe. But in the Information Age, some of those people, namely those working in IT shops, need to do their part to protect us. Continue Reading
By -
News
22 Sep 2005
Telework key to surviving security disaster, expert says
Cybersecurity Industry Alliance Executive Director Paul Kurtz explains why telework may be crucial to surviving The Big One. Continue Reading
By -
News
21 Sep 2005
Leave no trace: Understanding attackers' motives
This excerpt from Chapter 1 of "Rootkits: Subverting the Windows Kernel," explains the purpose of back doors and how hackers use them, as well as how stealth plays a major role in most successful attacks. Continue Reading
-
News
21 Sep 2005
IT infrastructure risks key to averting major cyberattack
Predictions of a cataclysmic disaster have been around for awhile. But one security officer cites reasons why the Internet can never be brought down. Continue Reading
By -
News
21 Sep 2005
Catastrophic cyberattack unlikely, experts say
Predictions of a cataclysmic disaster have been around for awhile. But one security officer cites reasons why the Internet can never be brought down. Continue Reading
By -
News
20 Sep 2005
SAS drives product roundup
Serial-attached SCSI (or SAS) drives offer significant storage capacity at a much lower cost, while maintaining reasonable performance. Find out who the vendors are in this market. Continue Reading
By- Stephen J. Bigelow, Senior Technology Editor
- News 20 Sep 2005
-
News
20 Sep 2005
Insider threat seen as biggest data security issue
Whether they oversee physical or online defenses, security officers say the disaster scenario that scares them most begins with an insider with malicious intentions. Continue Reading
By -
News
18 Sep 2005
Ensure that legal responsibilities are clear -- Especially when trouble strikes
Excerpt from Chapter 15 of Information Nation Warrior: Information Management Compliance Boot Camp. Continue Reading
-
News
18 Sep 2005
CCSP courses, exam changing next month
Those seeking Cisco's security credential and specialization in VPN, firewall and IDS will soon follow different curricula that better reflect the vendor's current product lines. Continue Reading
By- Anne Saita, TechTarget
-
News
11 Sep 2005
VoIP turns up the heat on firewalls
New research shows that many organizations are increasingly concerned about VoIP security and plan to augment their firewalls within the next year, changing the landscape of the firewall market. Continue Reading
By- Eric Parizo, Senior Analyst
- News 06 Sep 2005
-
News
05 Sep 2005
IE 7.0 may usher in wave of RSS exploits
Experts warn that Web-feed enhancements in Microsoft's new Web browser may be just the thing crackers need to compromise networks and private data. Continue Reading
By -
News
05 Sep 2005
Extending perimeters
The news that, up until 2006, 70% of successful wireless local area network (WLAN) attacks will be because of the misconfiguration of WLAN access points and client software is disquieting on a number of levels. Continue Reading
-
News
01 Sep 2005
Symantec glitch could expose user names, passwords
Symantec announced a fix for a flaw in AntiVirus Corporate Edition Friday afternoon. The security hole could be exploited to view user names and passwords. Continue Reading
By -
News
30 Aug 2005
Myfip's Titan Rain connection
LURHQ researchers say the Myfip worm is a good example of the malcode Chinese hackers are using in the so-called Titan Rain attacks against U.S. government networks. Continue Reading
By -
News
30 Aug 2005
Antivirus can introduce dangerous network security holes into any OS
AV software is one of the most basic security steps available. It's also yet another gateway for security breaches. Continue Reading
By- Shawna McAlearney, News Editor
-
News
30 Aug 2005
Passive fingerprinting: Applications and prevention
In this excerpt from the book Silence on the Wire, author Michal Zalewski discusses both malicious and beneficial uses for passive fingerprinting, and how to prevent successful passive fingerprinting on your network. Continue Reading
-
News
26 Aug 2005
High profile breach brings security to top of agenda
There’s nothing like an apparent breach at a global company to concentrate the mind when it comes to information and data security. Continue Reading
By- Joe O’Halloran, Computer Weekly
-
News
16 Aug 2005
Reduce risks of disaster recovery testing
Untested business continuity plans can leave your firm in the lurch, but taking down live environments is risky and complicated. Continue Reading
By- Matt Stansberry, TechTarget
-
News
10 Aug 2005
Strategic Storage: Storage security -- Change old habits and stop data theft
By- Maxine Kincora, contributing writer
-
News
06 Aug 2005
Trusted Computing Group releases server specs
The Trusted Computing Group released a new set of trusted server specifications it hopes will help vendors protect their platforms against security breaches. Continue Reading
By- Luke Meredith, News Writer
-
News
02 Aug 2005
Raising risk prospects with a new SQL injection threat
"Inference attacks" could deliver up your so-called secure database to an attacker. Continue Reading
By- Shawna McAlearney, News Editor
-
News
31 Jul 2005
Attack: USB could be the death of me
Seemingly innocent Universal Serial Bus driver bugs may allow device attacks that many won't see coming, according to Black Hat presenters. Continue Reading
By- Victor R. Garza, Contributor
-
Feature
28 Jul 2005
Lost at sea: securing the channel
As attacks seem to proliferate almost unabated, it’s worrying to think that of the three interested parties in the security technology market — the technology makers, the technology sellers and the technology users—not everyone shares a common view on the importance of the technology. Continue Reading
-
News
28 Jul 2005
Sarbox compliance costing companies
Companies’ required investments to attain compliance with the Sarbanes-Oxley data security legislation has come at the expense of dealing with other security threats, according to the Information Security Forum (ISF). Continue Reading
-
News
27 Jul 2005
Cisco, Black Hat litigation comes to a close
The vendor and partner ISS settle their dispute over a presentation that resulted in criminal charges and cease and desist orders. Continue Reading
By- Shawna McAlearney, News Writer
-
News
26 Jul 2005
VeriSign raises stakes in battle for threat intelligence
Not to be outdone by 3Com's "Zero-Day Initiative," VeriSign says it'll shell out more cash for hackers who provide vulnerability intelligence. Continue Reading
By -
News
26 Jul 2005
Experts weigh in on spyware's defining moment
We asked IT professionals to review the spyware definitions proposed by a coalition of tech firms and security organizations. They found plenty of room for improvement. Continue Reading
By - News 26 Jul 2005
-
News
24 Jul 2005
Authentication takes a bite out of spam
Network and messaging experts offer helpful ammunition for network managers waving the white flag in the battle against spam. Continue Reading
By- Amy Storer, News Writer
-
Feature
22 Jul 2005
Business continuity keeps companies running
As we speak, it appears that disruption to IT services by the London bombings was minimised due to effective and realistic business continuity strategies. Sally Flood sees how you construct them. Continue Reading
By- Sally Flood
-
News
21 Jul 2005
Users look for value boost from Microsoft licence rejig
Software Assurance needs to offer better support, say IT directors Continue Reading
By- Cliff Saran, Managing Editor
-
News
21 Jul 2005
Sarbox draining corporate security budgets
Corporate investment to comply with the Sarbanes-Oxley data security legislation has come at the expense of dealing with other security threats, according to the Information Security Forum (ISF). Continue Reading
-
News
21 Jul 2005
Can alcohol mix with your key personnel?
I persuaded our MD to hire a dedicated IT security expert. I am pleased with his work, but on several occasions he has smelled strongly of drink. How do I nip this in the bud? Continue Reading
-
News
20 Jul 2005
Pop quiz: E-mail security
Find out how much you know about securing your organization's e-mail. Continue Reading
-
News
12 Jul 2005
Sarbox challenge drains security budgets
International corporate spending on compliance with the Sarbanes-Oxley data security legislation has come at the expense of dealing with other security threats, according to the Information Security Forum. Continue Reading
-
Feature
11 Jul 2005
Business continuity: Keep on running
Too many plans for business continuity do not reflect the true risks. Sally Flood looks at risk assessment and the creation a realistic strategy. Continue Reading
By- Sally Flood
-
Feature
06 Jul 2005
Phishing for the missing piece of the CardSystems puzzle
A banking insider examines the ties between customized phishing attacks this spring and the CardSystems breach announced soon after. Don't miss his revelations on how they're linked and what the phishers really needed. Continue Reading
-
News
06 Jul 2005
This is not your father's hacker
While Sasser author Sven Jaschan awaits the outcome of his trial this week in Germany, a new cybercrime report explains why the teenager is becoming an anachronism. Continue Reading
By- Anne Saita, TechTarget
-
News
06 Jul 2005
PING with Karen Worstell
The Microsoft CISO discusses how she keeps Redmond and its products secure. Continue Reading
By- By Amber Plante
-
News
04 Jul 2005
Sasser author issues courtroom confession
Sven Jaschan's mea culpa was expected after he earlier admitted to creating the last major malware outbreak more than a year ago. Continue Reading
By- Anne Saita, TechTarget
-
News
21 Jun 2005
Continuing education options for CISSPs: Top 10 ways to earn CPEs
Who says you can't have fun while earning CPE credits? Check out the top 10 ways to meet CISSP® and SSCP continuing professional education requirements. Continue Reading
-
Feature
19 Jun 2005
How to survive a data breach
When Colin Crook offers advice on how companies should deal a security breach, he speaks from experience. He was CTO of Citicorp [now Citigroup, parent company of Citibank] 10 years ago when a hacker penetrated the company's network.
Crook is now senior advisor to the Wharton Fellows at the University of Pennsylvania, a member of the New York Academy of Sciences; fellow of the Royal Academy of Engineering and co-author of "The Power of Impossible Thinking." He shared his experiences with customers of Framingham, Mass.-based ID management firm Courion Corp. during the company's Converge05 conference last week. Business executives, he argues, must do better at listening to others and understand security is about humans, not machinery.
In the first of a two-part question-and-answer feature, Crook explains how companies can survive the fallout from a data heist.
Continue ReadingBy - Feature 13 Jun 2005
-
News
13 Jun 2005
Gartner underscores five overblown threats
Two Gartner analysts debunk five overhyped security risks they claim are causing companies to miss out on some key emerging technologies. Continue Reading
By- Amy Storer, News Writer
-
News
07 Jun 2005
Latest Mytob worms phish for trouble
Mytob's data-drumming tactics and the appearance of new Trojan horse programs add to concern that the underground is perfecting ingredients for a major attack. Continue Reading
By -
News
06 Jun 2005
Spyware removal checklist
A step-by-step guide on how to remove spyware using antispyware tools including Spybot -- Search and Destroy, and HijackThis. Continue Reading
-
News
06 Jun 2005
Know your enemy: Why your Web site is at risk
In this Lesson 1 technical paper from Web Security School, guest instructor Michael Cobb outlines the threats to Web sites and who is behind them. Continue Reading
-
News
06 Jun 2005
Developer's active content delivery checklist
Rules for developing secure dynamic content for an IIS Web server. Continue Reading
-
News
05 Jun 2005
Quiz: Secure Web directories and development, answer No. 3
Quiz: Secure Web directories and development, answer No. 3 Continue Reading
-
News
05 Jun 2005
Quiz: Secure Web directories and development, answer No. 4
Quiz: Secure Web directories and development, answer No. 4 Continue Reading
-
News
05 Jun 2005
Quiz: Secure Web directories and development, answer No. 5
Quiz: Secure Web directories and development, answer No. 5 Continue Reading
-
News
05 Jun 2005
Quiz: Secure Web directories and development, answer No. 1
Quiz: Secure Web directories and development, answer No. 1 Continue Reading
-
News
05 Jun 2005
Quiz: Secure Web directories and development, answer No. 2
Quiz: Secure Web directories and development, answer No. 2 Continue Reading
- News 05 Jun 2005
- News 05 Jun 2005
-
News
05 Jun 2005
Quiz: Secure Web directories and development
Evaluate your knowledge of Web threats and how to defeat them. Questions cover security risks of dynamically created content and proper security management. Continue Reading
-
News
04 Jun 2005
Top tools for testing your online security, part 2
Michael Cobb explains what tools are helpful in maintaining Web security, including security scanners, benchmarking tools, monitoring services and online resources. Continue Reading
-
News
04 Jun 2005
Top tools for testing your online security
Learn a structured approach for Web security that can make your security management tasks easier and increase your chances of success. Continue Reading
-
News
04 Jun 2005
Life at the edge part 3: Resistance to failure
Learn how architecture, protocol and application-level protections work together to safeguard a Web infrastructure. Continue Reading
-
News
04 Jun 2005
Life at the edge part 4: When things go wrong
A checklist and other hints to protect your Web servers from a worst-case scenario. Continue Reading
-
News
04 Jun 2005
Life at the edge part 2: Divide and conquer with DMZs
Learn how a DMZ works and how it can protect Web servers. Continue Reading
-
News
03 Jun 2005
Quiz: Identify and analyze Web server attacks, answer No. 5
Quiz: Identify and analyze Web server attacks, answer No. 5 Continue Reading
-
News
03 Jun 2005
Quiz: Identify and analyze Web server attacks
Test your knowledge of the material covered in the "Identify and analyze Web server attacks" section of Intrusion Defense School. Continue Reading
-
News
03 Jun 2005
Quiz: Identify and analyze Web server attacks, answer No. 3
Quiz: Identify and analyze Web server attacks, answer No. 3 Continue Reading
-
News
02 Jun 2005
Quiz: Web attack prevention and defense
Test your knowledge of the material covered in Web attack prevention and defense, including the fundamentals of securing a Web server. Continue Reading
-
News
01 Jun 2005
Zombie machines used in 'brutal' SSH attacks
IT managers use SSH to gain secure access to remote computers. Hackers are using it to crack your network, with help from their zombie friends. Continue Reading
By -
News
31 May 2005
Network configuration: IIS SMTP mail relay service and Microsoft Exchange Server
Learn how to use the IIS SMTP mail relay service to prevent spammers from directly interacting with your Microsoft Exchange Server. Continue Reading
-
News
29 May 2005
Patching resource kit
From vulnerability scanning to patching flubs, here's a collection of other helpful resources to ensure your patching efforts are effective. Continue Reading
-
News
23 May 2005
Pre-CISSP: Options for the security newbie
Shon Harris advises novice security practitioners on the value of entry-level certifications -- and good, old-fashioned experience -- in preparation for the CISSP®. Continue Reading
-
News
17 May 2005
Should the government define spyware?
Who's best qualified to define what is and isn't spyware -- your congressman or your online user community? Security experts say no entity can do it alone. Continue Reading
By -
News
17 May 2005
Some vendors get labeled as spyware pushers
To win the battle with spyware, you must be able to spot it. That's not as easy as you think. Continue Reading
By -
News
11 May 2005
A new era of computer worms: Wireless mobile worms
In this excerpt of Chapter 9 from "The Art of Computer Virus Research and Defense," author Peter Szor dissects the Cabir worm. Continue Reading
-
Feature
10 May 2005
Learning Guide: Low-cost storage
Resources on low-cost networking, iSCSI, SATA and IP storage Continue Reading
- Opinion 25 Apr 2005
-
Feature
15 Apr 2005
The acceptable rules of the mobile game
Mobile networks allow you to connect to your network from almost anywhere by the appropriate methodology. Yet that may also mean... Continue Reading
-
News
14 Apr 2005
Who should be on (and off) the hook for ID theft?
An influential cryptographer and a panel of technologists today debate how best to fight false authentication and fraudulent transactions. Continue Reading
By- Anne Saita, TechTarget
-
News
03 Apr 2005
Are identities safer on laptops than central databases?
Microsoft pledges better ID security. Given the theft of a laptop storing 100,000 Social Security numbers, Redmond's approach could prove controversial. Continue Reading
By- SearchSecurity.com Staff
-
News
29 Mar 2005
Quiz: Do you have a firm e-mail security foundation?
This Security School quiz is the first in a series of three on e-mail security essentials. Continue Reading
-
News
21 Mar 2005
Linux lags Windows in new security report
A controversial research paper takes a critical look at two popular platforms' track record on vulnerabilities and fixes. In turn, its findings are facing sharp scrutiny as well. Continue Reading
By- Anne Saita, TechTarget
-
News
17 Mar 2005
Botnets more menacing than ever
Researchers from the Honeynet Project and iDefense say bots are spreading quickly, digging their heels into more than a million machines around the world. Continue Reading
By -
News
16 Mar 2005
RootkitRevealer turns root kits' tactics back at them
A contributor reviews freeware RootkitRevealer from Sysinternals. Continue Reading
-
Feature
16 Mar 2005
Managed services: Looking to the long term
IT directors looking for an easy way to manage increasing volumes of data by buying more hardware could be storing up problems... Continue Reading
-
News
15 Mar 2005
ID theft and national security
Check out what some ITKnowledge Exchange members had to say about this controversial issue. Continue Reading