Off the Wire

Off The Wire Archive

News items for November 2005

Security: forensic CDs
Last month, I wrote about Auditor, a comprehensive bootable CD for pentesters. After I wrote that column, I started to think about the many forensic CDs that I have used in the past and how handy they were when I needed them. So I decided that I need to highlight some of these tools as well (and then I promise to get off the topic of bootable CDs for a while!). [more]
Wednesday, 30 November 2005, 3:43 PM CET


Security expert: more sophisticated attacks likely
Terroists groups and criminal organizations are possible perpetrators. [more]
Wednesday, 30 November 2005, 11:40 AM CET


Sony, Panasonic, others set RFID consortium
Group work for a year on guidelines covering the use of RFID tags. [more]
Wednesday, 30 November 2005, 11:37 AM CET


Regaining control
Securing endpoint systems by locking them down using complex software brings back memories of another era, where business computers were once used for business applications only - and businesses retained control over their assets and data. [more]
Wednesday, 30 November 2005, 3:21 AM CET


Hitachi fingers vein recognition for authentication
First laptop with build in vein scanner. [more]
Wednesday, 30 November 2005, 2:14 AM CET


Storage vendor IO Data ships drives with Trojan
The infected hard drives are available on the Japanese market only. The vendor won't supply users with a tool to remove the malware but instead is advising customers to use their own security application or a 30-day free trial version. [more]
Wednesday, 30 November 2005, 1:54 AM CET


Mac OS X security under scrutiny
Flaw finders and hackers have taken a shine to Apple's polished operating system, but some say that recent security problems are more than just skin deep. [more]
Wednesday, 30 November 2005, 1:39 AM CET


Key strategies and trends for building highly secure government networks
In this webcast Robert Whiteley and Margaret E. Grayson will explore the key challenges facing government agencies and the solutions they are using to secure their network communications and information access. [more]
Wednesday, 30 November 2005, 1:19 AM CET


ISPs filtering out spam, says FTC
Users should mask their emails more. [more]
Tuesday, 29 November 2005, 3:51 PM CET


Securing Linux production systems
This article is a practical step-by-step guide for securing Linux production systems. It discusses basic Linux security requirements for systems that need to pass various audits in an enterprise environment. [more]
Tuesday, 29 November 2005, 3:05 PM CET


The five security 'musts' you can't ignore
These are just the first things you must do. [more]
Tuesday, 29 November 2005, 3:02 PM CET


Piracy cuts deep
I wonder whether the media has finally bought into the hype generated by the pirates, that software theft is good for vendors because it expands the potential market for the purloined product and software that enhances it. [more]
Tuesday, 29 November 2005, 3:00 PM CET


Major financial leak threatens stock traders
Online trading company Scottrade has warned its customers that data thieves compromised the systems of its electronic checking provider last month, resulting in a major leak of personal information. [more]
Tuesday, 29 November 2005, 2:58 PM CET


Qmail Toaster makes mail server setup easy
A mail server is an essential part of any organization's IT infrastructure, but installing and maintaining a mail server is not always easy, and it's often difficult for small organizations to pay an expert to set up a mail server. Fortunately, Qmail Toaster can simplify the task enormously. [more]
Tuesday, 29 November 2005, 2:55 PM CET


Microsoft Office Live Meeting 2005 security guide
Some meetings contain confidential material and therefore require special attention with regard to who can access the meeting and how to safeguard the meeting content. [more]
Tuesday, 29 November 2005, 2:53 PM CET


Exploit code unleashed for Windows DoS flaw
Exploit code is circulating on the internet that can take advantage of a critical Windows security vulnerability disclosed by Microsoft last month. [more]
Tuesday, 29 November 2005, 2:47 PM CET


Hacked server exposes brokerage customers' data
Online brokerage Scottrade says a server compromise at a service provider may have exposed the financial details of its customers, including banking account information and Social Security numbers. [more]
Tuesday, 29 November 2005, 2:46 PM CET


HP takes on network security challenge
HP's work on open-standards infrastructure components is laudable, and it truly seems to have a desire to wrestle this access control beast on behalf of network admins everywhere. If HP succeeds, the results should be outstanding. [more]
Tuesday, 29 November 2005, 2:44 PM CET


Locking down your web applications
In this final Web Security School webcast, Mike Cobb, Managing Director of Cobweb Applications Ltd. and author of IIS Security, looks at how the actual content of your Web site can open holes in its defenses. [more]
Tuesday, 29 November 2005, 2:40 PM CET


Shopping online for the holidays: twelve tips to protect yourself
The National Consumers League, the Better Business Bureau and the National Cyber Security Alliance offer key advice to ensure you have a safe online shopping experience, so that your gift-giving is a joyous occasion, not an opportunity for cyber thieves. [more]
Monday, 28 November 2005, 6:37 PM CET


Simplifying backups
Most computer users don't make use of a system backup tool until after they suffer the misfortunes of a hard drive crash without one. [more]
Monday, 28 November 2005, 6:25 PM CET


Kazaa to install anti-piracy tool
The Kazaa file-sharing network will soon change its core software in an attempt to cut music piracy. [more]
Monday, 28 November 2005, 6:14 PM CET


Hacking 101: becoming productive quickly in the UNIX world
This document gives the reader a tour of what the UNIX development environment has to offer. [more]
Monday, 28 November 2005, 11:14 AM CET


New path of attack
Just when patching showed progress against the worst security threats, cybercriminals shift their focus. [more]
Monday, 28 November 2005, 10:25 AM CET


Blocking Skype using Squid and OpenBSD
This article describes a process that will enable you to effectively block Skype on your network. [more]
Monday, 28 November 2005, 10:16 AM CET


Keeping a finger on security
Whether someone is who he or she says they are can't always be taken at face value. But now, the use of biometric technology - once prohibitive in costs - is becoming increasingly more accurate, detailed and affordable. It's also a developing as a business niche in the Tampa Bay area. [more]
Monday, 28 November 2005, 8:47 AM CET


Sober worm's still with us
A new variation of the long-running Sober worm last week was using extremely effective scare tactics to trick users into infecting their PCs, including posing as messages from the FBI and the CIA. [more]
Monday, 28 November 2005, 8:46 AM CET


Music industry seeks access to private data to fight piracy
Civil rights fears over phone and email records. [more]
Monday, 28 November 2005, 3:06 AM CET


Symantec refuses to sell audit tool outside the US
Return of the crypto wars? [more]
Monday, 28 November 2005, 2:15 AM CET


EU seeks to limit data retention rules to one year
European Parliament wants telcos and ISPs to hold data for one year. [more]
Monday, 28 November 2005, 1:59 AM CET


Applying security to web servers
The famous Top Ten list of security bugs isn't enough. True security means looking deeper into OWASP and WASC. [more]
Monday, 28 November 2005, 1:20 AM CET


US moves forward on data privacy
Draft law heads for full Senate hearing. [more]
Monday, 28 November 2005, 12:55 AM CET


Best practices for securing electronic private health information
With consumer concerns about privacy, information safeguarding, and legislation at an all-time high, hospitals and health care providers must be diligent in protecting patients' and clients' private information. [more]
Monday, 28 November 2005, 12:33 AM CET


Security worries threaten Christmas web spending
BSA predicts trouble ahead. [more]
Monday, 28 November 2005, 12:11 AM CET


Merchants jump on Visa's free security service
Enterprises conducting e-commerce transactions have been quick to take up Visa's free, hosted security auditing service, according to the company. [more]
Friday, 25 November 2005, 9:27 AM CET


Securing databases with cryptography
This article discusses how cryptography can fit into your security profile. After explaining what cryptography is and providing a general idea of how it works, we dig into the various types of cryptographic algorithms and see where the strengths and weaknesses of each lie. [more]
Friday, 25 November 2005, 2:55 AM CET


Sloppy handheld habits continue to plague users
A third of professionals using mobile devices such as PDAs and smartphones are failing to use passwords or any other security protection, and even store their PIN numbers, passwords and other corporate information on the devices. [more]
Friday, 25 November 2005, 2:18 AM CET


UK 'full of fraudsters' - survey
Dishonesty rampant in bogus Britain. [more]
Friday, 25 November 2005, 1:51 AM CET


Using voice verification to securely automate password resets
Attend this webcast session to learn how to reduce the costs, enhance password security, simplify utilizing voice biometrics for end users and improve your password reset solution. [more]
Friday, 25 November 2005, 1:32 AM CET


Sober is biggest worm attack of the year
The Sober worm outbreak that began in earnest Tuesday has been dubbed the world's largest mass-mailed malware attack of 2005 by a Finnish security firm. [more]
Thursday, 24 November 2005, 1:19 PM CET


Google appliances vulnerable
Everyone's favorite technology company was given 60 business days to patch their search appliances. [more]
Thursday, 24 November 2005, 4:16 AM CET


Fear of identity theft is bad for business
Most online shoppers say they will take their business elsewhere if they find out their personal information was compromised, according to a survey of U.S. Internet users. [more]
Thursday, 24 November 2005, 3:51 AM CET


Sony fiasco: More questions than answers
The big story the last few weeks has been the Sony BMG rootkit and in fact, it's the kind of story for which columnists drool: a big company does something unbelievably dumb that violates basic security principles. [more]
Thursday, 24 November 2005, 3:34 AM CET


New Sober worm spoofs FBI, CIA
A fast-spreading variation on the long-running Sober worm is using extremely effective tactics to trick users. [more]
Thursday, 24 November 2005, 3:11 AM CET


Instant messaging the next security risk vector
"Drive-by downloads" still a threat. [more]
Thursday, 24 November 2005, 2:28 AM CET


Opera plugs security holes
Opera Software has issued a security patch to protect its browser users against flaws in Macromedia’s Flash Player. [more]
Thursday, 24 November 2005, 2:12 AM CET


Public divided on ID cards, poll reveals
The public is evenly divided on whether or not identity cards are a good idea, with 50 per cent supporting the introduction, and 48 per cent opposing it, according to a new poll conducted on behalf of campaign group No2ID. [more]
Thursday, 24 November 2005, 2:05 AM CET


Proactive virus strategies
You'll have fewer and less severe problems when you're properly protected from viruses, spyware, adware, and other types of software that can harm your computer. [more]
Thursday, 24 November 2005, 1:47 AM CET


Overcoming those first hurdles when selling a security solution
In the last 14 years the number of global cases that identify corporate board members as being personally responsible for the loss of customer information, customer confidence and so forth have grown considerably. [more]
Thursday, 24 November 2005, 1:09 AM CET


Dark cloud hovers over Black Hat
New corporate ownership won't exempt the bleeding-edge security conference from future Ciscogates, and clashing court decisions leave the outcome up for grabs. [more]
Thursday, 24 November 2005, 12:59 AM CET


The 2005 SANS top 20 Internet security vulnerabilities
This SANS Top-20 2005 is a marked deviation from the previous Top-20 lists. Unlike the previous Top-20 lists, this list is not "cumulative" in nature. It only has critical vulnerabilities from the past year and a half or so. [more]
Wednesday, 23 November 2005, 12:08 PM CET


OATH announces 2006 roadmap for open authentication
OATH, the Initiative for Open Authentication, today announced the organization’s 2006 technology roadmap that builds upon the technical framework for open authentication established by the OATH Reference Architecture released earlier this year. [more]
Wednesday, 23 November 2005, 11:59 AM CET


Making your security fit
There is no doubt that network security keeps IT directors awake at night. [more]
Wednesday, 23 November 2005, 11:58 AM CET


Test drive: EnGarde Secure Linux
EnGarde Secure Linux is a server-based distribution developed with security in mind. [more]
Wednesday, 23 November 2005, 11:24 AM CET


Nine principles of security architecture
Security architecture is a new concept to many computer users. Users are aware of security threats such as viruses, worms, spyware, and other malware. Architectural security, though, remains a mystery to most computer users. [more]
Wednesday, 23 November 2005, 8:15 AM CET


Three security perimeters needed for secure wireless
Today’s sophisticated mobile devices can expose the wireless network to the same security vulnerabilities that have plagued conventional wired networks. [more]
Wednesday, 23 November 2005, 8:14 AM CET


Web browser developers work together on security
Core KDE developer George Staikos recently hosted a meeting of the security developers from the leading web browsers. [more]
Wednesday, 23 November 2005, 8:08 AM CET


New Sober worm spoofs FBI, CIA
A new variation of the long-running Sober worm uses extremely effective tactics to trick users into infecting their PCs, security companies said Tuesday, including posing as messages from the FBI and CIA. [more]
Wednesday, 23 November 2005, 8:06 AM CET


Security spending cloaked in compliance
While regulatory compliance is the primary driver of corporate information security projects it is a dangerous strategy that could weaken enterprise defenses, according to Ray Wagner, Gartner's information security and privacy research vice president. [more]
Wednesday, 23 November 2005, 8:04 AM CET


Creating a Linux mail server
Postfix, Procmail, Fetchmail, SpamBayes, Courier-imap, Mutt, SquirrelMail. [more]
Wednesday, 23 November 2005, 7:50 AM CET


Security software rivals chip away at Symantec
Security software maker Symantec Corp.'s rivals are chipping away at its market-leading position as the company deals with the departure of two executives key to its $10.3 billion Veritas Software acquisition, a slowing consumer market, and future price cuts. [more]
Wednesday, 23 November 2005, 2:56 AM CET


How does spyware work?
Spyware has multiple vectors to infecting a computer and a network: direct downloads, attachments, foistware, adware and Web pages, and more. [more]
Wednesday, 23 November 2005, 2:48 AM CET


Secure XML messaging with JMS
This tutorial teaches you how to include support for secure XML messaging over an existing JMS network. [more]
Wednesday, 23 November 2005, 2:31 AM CET


How to lock down enterprise data with infrastructure services
This paper outlines the different strategies for encrypting stored data so you can make the decision that is best to use in each different situation, for each individual field in your data store to be able to practically handle different security and operating requirements. [more]
Tuesday, 22 November 2005, 8:29 PM CET


Cyber attackers found green fields in 2005
Hackers are switching their focus to network devices, backup software. [more]
Tuesday, 22 November 2005, 4:34 PM CET


Privacy group sues Sony for XCP 'damage'
Record label's nightmare worsens as Electronic Frontier Foundation wades in. [more]
Tuesday, 22 November 2005, 4:34 PM CET


Panelists weigh potential RFID security threats
Radio Frequency identification technology is facing network security challenges. That's the consensus from TechBiz Connection panelists participating in a discussion on RFID last week at an industry gathering in Irvine, Calif. [more]
Tuesday, 22 November 2005, 4:33 PM CET


Secure backup and storage using a disk image and an iPod
n case you lose your iPod (or any other external drive for that matter) or it gets stolen your data is in danger. [more]
Tuesday, 22 November 2005, 4:28 PM CET


Security concerns dog U.S. online shoppers says survey
Consumers shopping online fear their personal information will be sold to third party. [more]
Tuesday, 22 November 2005, 4:27 PM CET


Security: freedom to enter but no right to roam
How will ITdirectors in businesses that span European borders adapt as corporate security evolves from a closed fortress approach to an open door policy? [more]
Tuesday, 22 November 2005, 4:26 PM CET


Sober variants continue to spread
Emails carrying malware purport to come from the FBI. [more]
Tuesday, 22 November 2005, 4:25 PM CET


Unpatched Explorer flaw 'extremely critical'
UK company releases proof-of-concept exploit for browser flaw. [more]
Tuesday, 22 November 2005, 11:30 AM CET


Secure remote file management with sshfs
It's a dangerous Internet out there, kids. If you are going to work on remotely connected machines, do it safely. [more]
Tuesday, 22 November 2005, 11:30 AM CET


Don't believe the VoIP security hype
Denial-of-service attacks against VoIP systems are still the biggest security threat, according to experts. Beyond that, other frequently mentioned risks, like eavesdropping and voice spam, are not much more than hype. [more]
Tuesday, 22 November 2005, 11:29 AM CET


Token-based authentication his a success for ETrade
But CIO says firm is still evaluating technologies. [more]
Tuesday, 22 November 2005, 11:28 AM CET


Microsoft rebukes security researcher
Ed Moyle, president of SecurityCurve, told TechNewsWorld that the good news is the vulnerability itself is minimal from a risk perspective. [more]
Tuesday, 22 November 2005, 11:27 AM CET


Juniper, others make security buyouts
Network hardware companies continue to snap up technology they can use to make security a standard feature in the switches and routers that comprise the basic network plumbing inside businesses. [more]
Tuesday, 22 November 2005, 11:22 AM CET


Hackers hitting popular apps
Cyber criminals have shifted targets. Until recently, hackers went after operating systems and Internet services like Web servers and E-mail servers. [more]
Tuesday, 22 November 2005, 11:21 AM CET


Study: security still top IT spending priority
A recent survey of 100 US IT executives predicts that IT spending will decrease slightly in 2006 as more businesses worry about global economic conditions, but security software and enterprise IT upgrades remain top concerns, according to Goldman, Sachs & Co. [more]
Monday, 21 November 2005, 6:40 AM CET


Corporate focus on compliance could hurt security
Companies that make regulatory compliance the sole driver of their information security efforts could be weakening their long-term security posture. [more]
Monday, 21 November 2005, 6:34 AM CET


Google Base launched with security hole
Google has patched a security problem with its Google Base that allowed attackers to steal sensitive information from users of the new content-hosting service. [more]
Monday, 21 November 2005, 6:33 AM CET


Novell attacks Microsoft Linux atudy
Microsoft went on the offensive earlier this week, announcing a study in which Windows Server trounced Novell's SUSE Enterprise Linux in both reliability and ease of use over a period of one year. Novell says the report simply "aims to confuse the market." [more]
Monday, 21 November 2005, 1:48 AM CET


"Wi-Fi Phishing": how to secure your mobile workforce
This white paper will discuss the dangers of wireless devices outside your network, including the rise of the mobile worker at hotspots and hotspot phishing. [more]
Monday, 21 November 2005, 1:26 AM CET


Regulatory compliance beats worms for the first time
Worms and viruses are becoming more pervasive, but surprisingly they are no longer the main concern of IT managers. [more]
Monday, 21 November 2005, 12:40 AM CET


Security considerations during Exchange migration
This paper discusses security concerns to consider when migrating from Exchange 5.5 to Exchange 2003, and ways to minimize their impact. [more]
Monday, 21 November 2005, 12:28 AM CET


Web site operators admit role in phishing ring
Six more people pleaded guilty Thursday to operating a Web site that investigators claimed was one of the largest online centers for trafficking in stolen identity information and credit cards. [more]
Monday, 21 November 2005, 12:20 AM CET


Password-stealing keyloggers skyrocket
Breeding like phishes. [more]
Monday, 21 November 2005, 12:19 AM CET


More questions raised as Sony starts rootkit exchange
Security researchers say there are new problems in the software Sony is giving users. [more]
Monday, 21 November 2005, 12:14 AM CET


CSI in computer forensics gaffe
A team of computer forensic investigators has pointed out that a character in a recent episode of hit TV show CSI failed to follow a basic rule of looking for evidence. [more]
Friday, 18 November 2005, 4:34 PM CET


Hacker-proofing ASP.Net applications
Compuware wisely recommends that source-code analysis be run frequently so that security problems are caught before they are baked into an application. [more]
Friday, 18 November 2005, 4:33 PM CET


Tape encryption devices: host-based vs. appliance
How will you be judged if one of your company's backup tapes falls into the wrong hands? [more]
Friday, 18 November 2005, 4:32 PM CET


Spyware impact on compliance requirements
Spyware is a growing security threat facing today's enterprises, and failure to address this issue may expose the enterprise network to substantial risks of adverse legal action. [more]
Friday, 18 November 2005, 4:31 PM CET


Consumers inclined to switch banks if victimized
"Anybody who has an e-mail account that can be contacted, anybody who has a telephone that can be listened in on, anybody who has a credit card they use in public, in short, anybody in Alabama can become a victim of identity theft," Alabama's Attorney General Troy King said. [more]
Friday, 18 November 2005, 4:30 PM CET


Microsoft partners to beef up antiphishing tools
Microsoft has signed up three companies to add phishing monitoring and detection technology to its antiphishing filter in the MSN Search Toolbarh. [more]
Friday, 18 November 2005, 9:52 AM CET


Spammers pay fines to settle FTC complaint
Defendants sold access to sexually explicit Web sites through unsolicited e-mail, or spam. [more]
Friday, 18 November 2005, 9:33 AM CET


DOD to automate deployment of security patches
The Defense Department recently made it mandatory for computer users to deploy automated security tools across the department to better protect networks from viruses. [more]
Friday, 18 November 2005, 9:29 AM CET


Real story of the rogue Rootkit
Antivirus software makers are nowhere to be found when Sony's CD Trojan horse comes knocking. Mere incompetence can't explain that. [more]
Friday, 18 November 2005, 8:42 AM CET


Ex-MI5 boss, House of Lords give ID cards thumbs down
The House of Lords voted to reject the ID cards bill. [more]
Friday, 18 November 2005, 8:10 AM CET


Microsoft warns of new Windows exploit, no patch available
Microsoft late Wednesday warned Windows users that proof-of-concept code was in circulation that could be remotely and anonymously exploited on Windows 2000 machines. [more]
Friday, 18 November 2005, 7:56 AM CET


How to become an information security professional
Information security professionals may hold a variety of certifications and degrees, but the most popular in recent years is the CISSP. [more]
Friday, 18 November 2005, 7:49 AM CET


Microsoft may look again at virus notification
Customers want more info. [more]
Friday, 18 November 2005, 7:21 AM CET


Security incident response - an overview
This white paper provides highlights and best practices information about computer security incident response, building teams to process security incidents and developing important factors in establishing a security incident response policy. [more]
Friday, 18 November 2005, 6:49 AM CET


Risky employee e-mail habits threaten business
A new survey conducted by Harris Interactive for Fortiva, shows a substantial discrepancy between employees’ perceived and actual risks. [more]
Friday, 18 November 2005, 6:16 AM CET


Users don't trust websites with personal info
Only 16 per cent of people are confident that internet sites will treat their personal information properly, according to a new survey by the Information Commissioner's Office that found widespread concern about data protection laws and practices. [more]
Friday, 18 November 2005, 5:26 AM CET


Smart card to open up computing
Intelligent cards that enable visually impaired people to customise computers and ATMs automatically have been unveiled at a conference in Birmingham. [more]
Friday, 18 November 2005, 5:08 AM CET


Install and use Mac GNU Privacy Guard
Mac GNU Privacy Guard is the Mac OS X port of the popular security utility. This article guides the reader through Mac GNU Privacy Guard installation, as well as its basic functions. [more]
Thursday, 17 November 2005, 12:22 PM CET


Browser hijacking: How to help avoid it and undo damage
Regain control over your online experience. [more]
Thursday, 17 November 2005, 10:26 AM CET


What it takes to secure your data
Before the digitalization of data, encryption was enough to protect vital, private data from prying eyes and malicious intent. [more]
Thursday, 17 November 2005, 10:23 AM CET


Spammer jailed for £1.6m net scam
An internet spammer convicted of running a £1.6m e-mail scam from a bedroom in his father's house has been jailed for six years. [more]
Thursday, 17 November 2005, 10:22 AM CET


CMP buys Black Hat Inc.
Black Hat, Inc., operator of popular conferences related to information security, has been acquired by CMP Media. Jeff Moss, founder and now former owner, will join CMP Media as Director of Black Hat. [more]
Thursday, 17 November 2005, 5:11 AM CET


Counterfeiters caught in a jam
Arizona authorities this week charged suspected members of a criminal ring thought responsible for 10 percent of all fake money in the state after some members sent a printer, jammed with counterfeit bills, out for repair. [more]
Thursday, 17 November 2005, 4:27 AM CET


Speed, security features boost router, switch sales
Sales of enterprise routers and switches grew in the third quarter of 2005, as users sought to install more secure WAN connections and faster, more intelligent LAN pipes. [more]
Thursday, 17 November 2005, 4:17 AM CET


Nagios plug-ins
This article describes a module for handling ranges, adds example code for checking ACPI temperatures on Linux, and includes skeleton Nagios plug-in code that you can adapt for your own needs. [more]
Thursday, 17 November 2005, 3:28 AM CET


Vista security an issue at show
Industry insiders say security in Vista is better, but warn 'nothing is invulnerable'. [more]
Thursday, 17 November 2005, 3:07 AM CET


New Sober worms are being distributed in many formats
PandaLabs has detected the reappearance of the Sober worm in the form of three new variants, Sober.AC, AD and AE, new members of this large family of malicious code that can spread in email messages written in English or German. [more]
Thursday, 17 November 2005, 1:53 AM CET


Using the Metasploit Framework on Mac OS X
One of the best open source and free pen testing applications available on the Internet today is the Metasploit Project. [more]
Thursday, 17 November 2005, 1:16 AM CET


Safeguarding stored data
W. Curtis Preston, the author of "The Storage Security Handbook" and "Unix Backup & Recovery," begins with an overview of security problems that companies are trying to address with encryption and authentication systems. [more]
Thursday, 17 November 2005, 1:02 AM CET


Cell phone could identify its owner by their walk
Whether you stride purposefully or shuffle along, your unique mode of locomotion could soon be used to secure your cell phone against theft and unauthorised use. [more]
Wednesday, 16 November 2005, 2:50 PM CET


Firms admit to mobile security shambles
'Secret' Pins and passwords just a click away. [more]
Wednesday, 16 November 2005, 2:20 PM CET


US wants wiretap ability on Internet calls expanded
U.S. law enforcement authorities want expanded ability to tap any phone call between an Internet phone and a traditional phone if needed for an investigation, according to documents filed this week. [more]
Wednesday, 16 November 2005, 12:43 PM CET


Sony's software removal scheme aggravates security hole
The fallout from a hidden copy-protection program that Sony BMG Music Entertainment put on some CDs is only getting worse. [more]
Wednesday, 16 November 2005, 12:41 PM CET


Home Office issues net child protection guidelines
ISPs take note. [more]
Wednesday, 16 November 2005, 12:38 PM CET


Brushing off the VoIP security scare
With news that the Council of Europe has opted for a switch to VoIP, it seems that the technology is finally beginning to win over admirers in the corridors of power. However, fears over security are still preventing many organisations from taking the plunge. [more]
Wednesday, 16 November 2005, 12:29 PM CET


Beware the perils of being always on
Unsecured wireless networks may be convenient, but they can provide rich pickings for crooks. [more]
Wednesday, 16 November 2005, 12:28 PM CET


Keyloggers jump 65% as info theft goes mainstream
The number of keyloggers unleashed by hackers soared by 65% this year as E-criminals rush to steal identities and information, according to VeriSign iDefense. [more]
Wednesday, 16 November 2005, 12:13 PM CET


Internet security market to reach $58 billion by 2010
The global Internet security market is expected to grow at an annual 16 percent over the next five years to reach $58.1 billion by 2010. [more]
Wednesday, 16 November 2005, 12:02 PM CET


CA debuts desktop password reset tech
CA is pushing forgotten password support onto the desktop with the launch of CA Identity Manager. The technology, which partly stems from CA's recent purchase of security firm Netegrity, is designed to automate the management of user identities and entitlements. [more]
Wednesday, 16 November 2005, 12:01 PM CET


The black book on corporate security
This excerpt is from Chapter 2, "The Information Security Officer: A New Role for a New Threat," from The Black Book on Corporate Security. It was written by Joyce Brocaglia, president and CEO of Alta Associates. [more]
Wednesday, 16 November 2005, 6:13 AM CET


Critical VPN flaw could lead to DoS attacks
"Cisco is extremely good in terms of security; it's one of the best," said Gartner analyst Chris Byrnes. "But any flaws are going to cause worry just because of how many Cisco products are running companies." [more]
Wednesday, 16 November 2005, 5:35 AM CET


19 ways to build physical security into a data center
At information-intensive companies, data centers don't just hold the crown jewels; they are the crown jewels. [more]
Wednesday, 16 November 2005, 5:10 AM CET


Secure remote control for IT support organizations
This white paper addresses concerns regarding security requirements surrounding remote control software. Learning about authentication, authorization and access control, perimeter and administration will alleviate these issues. [more]
Wednesday, 16 November 2005, 4:52 AM CET


Microsoft cleans up Sony's mess
Microsoft said it would remove controversial copy-protection software that CDs from music publisher Sony BMG install on personal computers, deeming it a security risk to PCs running on Windows. [more]
Wednesday, 16 November 2005, 4:01 AM CET


Mac OS/Linux/Windows single sign-on
Centralized authentication greatly simplifies network administration. [more]
Wednesday, 16 November 2005, 3:16 AM CET


Essential Mac OS X Panther Server Administration
It doesn't matter what Operating System you are running on your server, good documentation is always needed. If you think of quality computer books you probably think of O'Reilly first, somehow they always seem to be ahead of the competition. Let's see what value this book brings to Macintosh system administrators. [more]
Tuesday, 15 November 2005, 8:16 PM CET


Enterprises patch 10% faster, but not fast enough
Even though two out of every three machines are vulnerable to one or more critical vulnerabilities, enterprises are managing to patch faster than ever, a researcher said on the eve of his keynote speech at a security conference. [more]
Tuesday, 15 November 2005, 7:26 PM CET


Vendors warn of new Sober variants
Three new variants of the mass-mail Sober worm are making the rounds of the Net. [more]
Tuesday, 15 November 2005, 7:24 PM CET


Wireless e-mail a primary security concern
A recent survey of roughly 600 IT professionals found wireless e-mail is the biggest security concern when a company deploys mobile computing capabilities. [more]
Tuesday, 15 November 2005, 5:34 PM CET


Enhancing kernel security with grsecurity
Is your server as secure as it could be? [more]
Tuesday, 15 November 2005, 5:32 PM CET


Top 10 ways to protect your Linux home system
As a result of articles referring to the threat of Worms and Viruses attacking Linux systems, many new Linux users are in a panic. [more]
Tuesday, 15 November 2005, 5:31 PM CET


ID theft - beware the hype
If some of the numbers being cited about identity theft are to be believed, it's just a matter of time before some unseen cyber-hustler steals your name, empties your bank account and wrecks your financial reputation. You can almost hear the maniacal laughter. [more]
Tuesday, 15 November 2005, 5:30 PM CET


Consumers punish firms over data security breaches
Leaked data leads to lost business. [more]
Tuesday, 15 November 2005, 5:21 PM CET


Virus creators target their work
Computer users could be forgiven for thinking that life online got safer in 2005 thanks to the lack of headline-hitting computer viruses. [more]
Tuesday, 15 November 2005, 5:19 PM CET


Intel pushes virtualisation for security in PCs
Delivering what it says is the first hardware virtualisation support for desktop PCs, Intel has detailed two new Pentium 4 processors, the 662 and 672, aimed at improving business management and bolstering security. [more]
Tuesday, 15 November 2005, 5:18 PM CET


The definitive guide to security inside the perimeter
This 8 chapter eBook is an informative guide that presents an overview of the challenges your organization must face to maintain security inside the perimeter. [more]
Tuesday, 15 November 2005, 5:17 PM CET


ServGate makes net security less expensive
ServGate last week streamlined the pricing of its multi-service security platforms so customers pay a lower flat price for the hardware and security software no matter how many users they support on it. [more]
Monday, 14 November 2005, 6:33 PM CET


More than 100 known mobile malware variants
On previous week, we breached the mental barrier of 100 known variants of Mobile malware. [more]
Monday, 14 November 2005, 3:06 PM CET


Prioritising security in e-commerce
As in the real world, security is also very much an issue in cyberspace. [more]
Monday, 14 November 2005, 2:43 PM CET


'Spyware' vendor bangs copyright shield
RetroCoder, developers of the SpyMon remote monitoring program, is brandishing copyright law in a bid to protect its software from being detected by anti-spyware or anti-virus products. [more]
Monday, 14 November 2005, 2:41 PM CET


CLI magic: netcat
Here then is an introduction to netcat for Linux users who may not be familiar with the "TCP/IP Swiss Army knife." [more]
Monday, 14 November 2005, 1:51 PM CET


Pump-and-dump spam domains go silent after botnet closure
Pump-and-dump spam domains have gone quiet since the closure of a major botnet operation earlier this month. [more]
Monday, 14 November 2005, 12:53 PM CET


It takes a hacker to catch one
As malicious hacking grows, the industry fights back, training future security pros to think like their adversaries. [more]
Monday, 14 November 2005, 12:06 PM CET


Interview with Alf Watt, creator of iStumbler
iStumbler is the leading wireless discovery tool for Mac OS X and in this interview with its creator, Alf Watt, you can read about the project in general, various wireless security issues as well as recent developments that will make iStumbler a paid tool in its Pro version. [more]
Monday, 14 November 2005, 8:26 AM CET


My security. My notebook.
Whether you are a corporate professional, student, or home user, notebook security should be the top-of-mind concern when choosing a notebook. [more]
Monday, 14 November 2005, 8:23 AM CET


Sony stops making anti-piracy CDs
Sony has said it will suspend the production of music CDs with anti-piracy technology which can leave computers vulnerable to viruses. [more]
Monday, 14 November 2005, 8:20 AM CET


Evaluating intrusion prevention systems
IPSs are becoming today's must-have security solution but don't deploy blindly; testing on your network is the key to success. [more]
Monday, 14 November 2005, 8:16 AM CET


Security incident response - an overview
This white paper provides highlights and best practices information about computer security incident response, building teams to process security incidents and developing important factors in establishing a security incident response policy. [more]
Monday, 14 November 2005, 8:15 AM CET


VPNs and Internet connection security
Keep a velvet rope around your data as it travels through the vastness of the internet - Version 1.0.0. [more]
Monday, 14 November 2005, 6:27 AM CET


Reusing existing OpenSSH v4 connections
I've recently learnt of an interesting new features of OpenSSH v4 which allows you to reuse open connections when connecting to the same host more than once. [more]
Monday, 14 November 2005, 6:26 AM CET


Trojan could attack Tuesday's Windows flaw
Malware appears days after Microsoft fix. [more]
Friday, 11 November 2005, 2:21 PM CET


Trojan horse exploits Sony DRM copy protection vulnerability
Experts at SophosLabs, Sophos's global network of virus and spam analysis centres, have detected a new Trojan horse that exploits the controversial Sony DRM (Digital Rights Management) copy protection included on some of the music giant's CDs. [more]
Friday, 11 November 2005, 3:12 AM CET


Dealing with unwelcome visitors
A judge has said that a denial of service attack was not illegal - could a simple notice have made it so? [more]
Friday, 11 November 2005, 2:53 AM CET


Sony DRM rootkit hacked, drawing lawsuits
Rootkit-like copy protection software on some Sony music CDs is drawing lawsuits, and is now a vector for a Windows trojan. [more]
Friday, 11 November 2005, 2:24 AM CET


Cram session 5: Windows firewall
This session get all of the details you need about Windows Firewall, starting with the basics of turning it on, to creating profiles for inside and outside the office to setting up remote administration. [more]
Friday, 11 November 2005, 2:21 AM CET


New center to help intelligence community exploit public information
The Office of the Director of National Intelligence has created a new Open Source Center designed to enhance the intelligence community’s use of publicly available information. [more]
Thursday, 10 November 2005, 6:04 PM CET


Email seen as biggest security hole for mobile devices
Email vulnerabilities represent the greatest source of risk for mobile devices, according to a recent survey by Good Technology. [more]
Thursday, 10 November 2005, 3:55 PM CET


First Trojan using Sony DRM has arrived
Virus writers have begun taking advantage of Sony-BMG's use of rootkit technology in DRM software bundled with its music CDs. [more]
Thursday, 10 November 2005, 2:57 PM CET


Will hackers target copiers?
Any networked office gear can be vulnerable to online attackers, some warn. [more]
Thursday, 10 November 2005, 2:33 PM CET


Email 'get rich quick' scams double in October
Incidence of email "get rich quick" scams more than doubled (albeit from a low base) last month, according to email security firm Clearswift. [more]
Thursday, 10 November 2005, 2:27 PM CET


No fed security laws
Congress isn't likely to pass tough data-security laws any time soon - and that's a good thing, consumer advocates say. [more]
Thursday, 10 November 2005, 2:02 PM CET


Getting tough on data security
Initiatives and products from Atempo, NetApp bring a ray of hope to storage security. [more]
Thursday, 10 November 2005, 1:53 PM CET


Computer Associates blacklists Sony DRM
Computer Associates has officially blacklisted the Sony BMG XCP Technology that the record label bundles with several of its audio CDs. [more]
Thursday, 10 November 2005, 1:52 PM CET


Some Microsoft security updates aren't reaching users
Company unable to deliver patch to users of its Software Update Services. [more]
Thursday, 10 November 2005, 8:13 AM CET


Linux worm overrated
The latest and greatest Linux worm isn't the most elegant or fastest spreading worm, or even one that's difficult to stop, but it still offers a warning for Web developers and administrators everywhere. [more]
Thursday, 10 November 2005, 8:03 AM CET


Liberty Alliance pushes authentication standard
ID-SAFE combination. [more]
Thursday, 10 November 2005, 8:02 AM CET


Sony’s rootkit: First 4 Internet responds
First 4 Internet, the company that implements Sony’s Digital Rights Management (DRM) software that includes a rootkit, has responded to Mark Russinovich. [more]
Thursday, 10 November 2005, 12:10 AM CET


Estate agency cuts spam and viruses
Estate agency Your Move has dramatically reduced the volume of viruses and spam that affect its computer systems. [more]
Wednesday, 9 November 2005, 7:15 PM CET


Mystery over 'hidden booty' in email scam trial
Francis-Macrae takes stand, refuses to spill the beans. [more]
Wednesday, 9 November 2005, 6:31 PM CET


Security will drive Windows-to-Mac switch
As much as Apple would likely enjoy seeing a major spike in Mac buying, it is likely that purchasing will grow only incrementally on the basis of the success of other Apple ventures like the iPod, said IDC analyst Dan Kusnetzky. [more]
Wednesday, 9 November 2005, 5:56 PM CET


Security tester confirms critical QuickTime flaws
Security researcher Piotr Bania has hit back at claims that he exaggerated the severity of flaws that he discovered in Apple's QuickTime media player. [more]
Wednesday, 9 November 2005, 5:55 PM CET


Worm targets Linux systems
Symantec and McAfee have updated their products to provide some protection, but Secunia's Thomas Kristensen noted that because the vulnerability is in the library of many products, users of third-party applications might not know they are at risk. [more]
Wednesday, 9 November 2005, 5:48 PM CET


Home Office "confident" of ID card costs
KPMG report on programme estimates published. [more]
Wednesday, 9 November 2005, 5:27 PM CET


Security concerns over IP convergence
As viruses and malicious software bloom, senior executives across a range of industries see security as their top concern in implementing converged IP networks, according to a joint study released Tuesday by the Economist Intelligence Unit and AT&T. [more]
Wednesday, 9 November 2005, 5:15 PM CET


Bragg gratings are key to encryption
US researchers unveil a new way of keeping optical data networks safe from prying eyes. [more]
Wednesday, 9 November 2005, 4:43 PM CET


Phishers target Google users
Emails have been spammed out directing computer users to a spoofed copy of Google's front page with a large message claiming that they have "won $400". [more]
Wednesday, 9 November 2005, 4:05 PM CET


Automatic graylisting of unwanted software
Maximum security, minimal effort. [more]
Wednesday, 9 November 2005, 3:57 PM CET


Pizza place ponders privacy problem
Internal emails discussing corporate strategy, thousands of customer comments and a list of usernames and passwords were some of the items publicly accessible from the Papa John’s web server yesterday. [more]
Wednesday, 9 November 2005, 11:30 AM CET


Microsoft Patch Tuesday brings only one patch
November's update is much different than last month's update since Microsoft released only one patch today. This month's Security Bulletin affects Microsoft Windows and the highest Maximum Severity rating for this is Critical. [more]
Tuesday, 8 November 2005, 10:08 PM CET


Symbian anti-virus bundled with Symbian trojan
SymbOS/Doomboot.G is a new variant of Doomboot family. [more]
Tuesday, 8 November 2005, 4:04 PM CET


CIOs nervous about IP network security
But concerns are not stopping investment. [more]
Tuesday, 8 November 2005, 1:32 PM CET


The story of PGP: past, present and future
Recently we met with Jon Callas, CTO and CSO of PGP Corporation.


Pretty Good Privacy (PGP) is today's most used crypto software with a lot of history. Presented here is the entire story of PGP in his words that covers everything from the the early days to future plans. [more]
Tuesday, 8 November 2005, 1:14 PM CET


Card fraud grows online
Fraudulent use of credit cards online is increasing because Chip and PIN technology makes other forms of fraud more difficult. [more]
Tuesday, 8 November 2005, 12:13 PM CET


Microsoft pushes for privacy law
Microsoft is leading efforts in the US to introduce a national law to protect consumer privacy, with the introduction of legislation likely in 2006 following heightened consumer concerns about identity theft and online fraud. [more]
Tuesday, 8 November 2005, 11:34 AM CET


Skype under scrutiny for bugs
The recent emergence of two sets of serious security vulnerabilities in Skype, the popular VoIP communications software app, couldn't have come at a worse time for the firm. [more]
Tuesday, 8 November 2005, 6:51 AM CET


Hacking back: cyber counterterrorism
To catch a thief, or in this case a cyberterrorist, you have to think like one. [more]
Tuesday, 8 November 2005, 6:50 AM CET


What makes anyone think IP telephony is secure?
Using VoIP might save a company money, but it could be risky. [more]
Tuesday, 8 November 2005, 6:46 AM CET


Sniffer gets enterprise-scale upgrade
Network General to debut upgrades across its Sniffer product suites to help customers expand use. [more]
Tuesday, 8 November 2005, 6:42 AM CET


Building highly secure government networks
In this webcast Robert Whiteley and Margaret E. Grayson will explore the key challenges facing government agencies and the solutions they are using to secure their network communications and information access. [more]
Tuesday, 8 November 2005, 6:36 AM CET


In defense of Windows
Microsoft took the wraps off the name for its security software aimed at making Windows safer for home and business users and possibly making the company a regular annual subscription revenue in the process. [more]
Tuesday, 8 November 2005, 6:32 AM CET


CLI magic: sudo voodoo
Sudo is a handy little tool that is of value to both system administrators and common folks like us. What does it do? [more]
Monday, 7 November 2005, 4:19 PM CET


Linux worm targets PHP flaw
Virus writers have created a Linux worm which uses a recently discovered vulnerability in XML-RPC for PHP. [more]
Monday, 7 November 2005, 4:13 PM CET


Outsourcing security - a matter of trust
It's odd that in business, most people treat the security of their office differently to the security of their network. [more]
Monday, 7 November 2005, 10:10 AM CET


Secure WiFi client stack supports WPA2, CCX, Linux
Devicescape Software is shipping a cross-platform WiFi stack for wireless consumer and office client devices. [more]
Monday, 7 November 2005, 9:39 AM CET


SGI, Novell attain elevated security certification
Novell's SUSE Linux Enterprise Server 9 has been certified on SGI Altix servers and supercomputers to meet security criteria required by the US Department of Defense and governments throughout the world. [more]
Monday, 7 November 2005, 9:28 AM CET


Microsoft's free web-based virus scanner sends data back to Microsoft
By default the virus scanner transmits information about the PC and its applications to Microsoft. [more]
Monday, 7 November 2005, 4:50 AM CET


Retailers under pressure to tighten security
Privacy concerns and proposed laws governing the use of sensitive personal information are making it more important for retailers to be able to demonstrate due diligence. [more]
Monday, 7 November 2005, 4:40 AM CET


Lavasoft Personal Firewall offers enhanced protection
Lavasoft, the world leading anti-spyware vendor has established a partnership with Agnitum, the leader in security and privacy software for home and office PCs. Lavasoft will integrate Agnitum’s Outpost Firewall Pro engine – re-branded as Lavasoft Personal Firewall. [more]
Monday, 7 November 2005, 4:30 AM CET


Sarbanes-Oxley adds costs but pushes preparation
It's important to ensure that top executives and board members take compliance seriously enough. [more]
Monday, 7 November 2005, 4:27 AM CET


FBI pushing Patriot Act powers
Lawmakers expressed concern Sunday that the FBI was aggressively pushing the powers of the anti-terrorist USA Patriot Act to access private phone and financial records of ordinary people. [more]
Monday, 7 November 2005, 4:12 AM CET


Web applications worms – the next Internet infestation
While organizations rush to develop their security policies and implement even a basic security foundation, the professional hacker continues to find new ways to attack. Their attention has reverted to the application-layer, either shrink-wrapped or custom applications, which is commonly the least protected layer of an organization’s network. [more]
Monday, 7 November 2005, 4:02 AM CET


Readers rate desktop firewalls
Here are your top recommendations for the best desktop firewalls. [more]
Monday, 7 November 2005, 3:46 AM CET


Juniper hires Cisco hacker
It looks like there is life after Black Hat for Michael Lynn, after all. [more]
Monday, 7 November 2005, 3:03 AM CET


Windows rootkits in 2005, part one
In 2005, the bar has been raised in the arena of malicious software. [more]
Monday, 7 November 2005, 2:43 AM CET


Creating and using a self signed SSL certificates in debian
This document covers a very specific, limited purpose, but one that meets a common need: preventing browser, mail, and other clients from complaining about the certificates installed on your server. [more]
Monday, 7 November 2005, 2:29 AM CET


Replacing FTP and Telnet in cross-platform networks
This document is intended for IT professionals who need to secure FTP, Telnet and other system administration connections in heterogeneous environments. [more]
Monday, 7 November 2005, 2:19 AM CET


Security-spooked users slap Sony CD on Amazon
Customers have used Amazon.com's review feature to slam a Sony CD implicated in a security and copy-protection brouhaha, reducing the online retailer's rating for the Van Zant album, "Get Right with the Man," from three-and-a-half stars to just one-and-a-half in the space of a few days. [more]
Monday, 7 November 2005, 2:01 AM CET


Court shock: denial of service attacks not illegal
A judge has ruled that denial of service attacks are not illegal under the UK's outdated Computer Misuse Act. [more]
Friday, 4 November 2005, 7:24 PM CET


Microsoft pushes for federal privacy legislation
Brad Smith, the firm's general counsel, did not endorse a specific bill but said a single national standard is better than the sometimes contradictory patchwork of existing laws around the country. [more]
Friday, 4 November 2005, 7:19 PM CET


Malware now doing the DNS switcheroo
Simple phishing attack avoids the hosts files and instead replaces a victim's DNS servers with the addresses of attacker-controlled servers. [more]
Friday, 4 November 2005, 7:18 PM CET


All-in-one security appliances
An all-in-one security appliance provides protection against a multitude of threats without adding to your device-management burden. Here's how to choose the right model for your organization. [more]
Friday, 4 November 2005, 9:54 AM CET


Microsoft patches break some Web sites
Bulletins removed "unsafe functionality" and change how the browser handles ActiveX controls. [more]
Friday, 4 November 2005, 3:25 AM CET


Sony issues patch as hackers pounce on rootkit
Reacting to criticism of its CD copy protection, Sony on Wednesday posted a patch that reveals files previously hidden by a rootkit. [more]
Friday, 4 November 2005, 3:06 AM CET


Basic iptables
This document will serve as a basic how-to on using iptables. [more]
Friday, 4 November 2005, 2:53 AM CET


Microsoft hails security focus in Web services package
Offering functions with Visual Studio 2005, .Net Framework 2.0. [more]
Friday, 4 November 2005, 2:30 AM CET


Offshoring pushes BS7799 security
Offshoring specialists are using security certification to assure firms that data is safe. [more]
Friday, 4 November 2005, 2:11 AM CET


Harmless Oracle worm raises security fears
Gray Hat hackers have posted proof-of-concept code for a worm designed to spread using vulnerabilities in Oracle's database software. [more]
Friday, 4 November 2005, 1:49 AM CET


Sun revamps disaster recovery offering
Sun Microsystems has revamped its Java Availability Suite (JAS) with the addition of Sun Cluster Geographic Edition. [more]
Friday, 4 November 2005, 1:34 AM CET


What e-mail hackers know that you don't
This document outlines how hackers are exploiting vulnerabilities in e-mail systems, and describes the widely available hacking tools they use. [more]
Friday, 4 November 2005, 1:16 AM CET


Teen hacker escapes punishment
Judgement throws Computer Misuse law into doubt. [more]
Friday, 4 November 2005, 1:05 AM CET


Fatal flaw weakens RFID passports
In 2004, when the U.S. State Department first started talking about embedding RFID chips in passports, the outcry from privacy advocates was huge. [more]
Thursday, 3 November 2005, 3:52 PM CET


Mobile Internet: cheap wins over security
Bengt Nordström of inCode gives his take on how the mobile market is evolving. [more]
Thursday, 3 November 2005, 3:50 PM CET


Black Hat presentation yields another Cisco bug
Cisco has discovered a critical bug in the operating system used to power its routers, the company announced Wednesday. [more]
Thursday, 3 November 2005, 8:49 AM CET


Invasion of the Stock hackers
An alarmed SEC says that teams of thieves are lifting passwords from home PCs - and emptying online brokerage accounts. [more]
Thursday, 3 November 2005, 8:39 AM CET


Microsoft turns bounty hunter to fight IT crime
Microsoft’s chief of security talks about tackling cyber crime. [more]
Thursday, 3 November 2005, 4:03 AM CET


Build extra secure Web applications
Developers constantly fight the problems associated with action and data tampering in Web applications. [more]
Thursday, 3 November 2005, 3:36 AM CET


HSBC readies online user authentication
Banking giant strengthens arsenal against online fraud. [more]
Thursday, 3 November 2005, 3:12 AM CET


Swedish programmer in Greek spam probe protests innocence
Beware of Geeks bearing computers. [more]
Thursday, 3 November 2005, 2:41 AM CET


Managing Samba: Windows network ID basics
Linux administrators are keen to learn how better to manage Samba and how to meet the growing demand of network security and audit-ability. [more]
Thursday, 3 November 2005, 2:28 AM CET


Integrated security defense systems
With the growing need for security and the increased pressures to manage disparate technologies, IT managers are looking for new ways to lessen the burden security measures may make on their day-to-day life. [more]
Thursday, 3 November 2005, 2:25 AM CET


Trying out the new OpenBSD 3.8
OpenBSD, the proactively secure Unix-like operating system, released version 3.8. [more]
Thursday, 3 November 2005, 1:54 AM CET


Oracle worm proof-of-concept
The worm uses the UTL_TCP package to scan for remote Oracle databases on the same local network. [more]
Thursday, 3 November 2005, 1:48 AM CET


Data laws raise security worries
Compliance creates difficulties securing corporate data. [more]
Thursday, 3 November 2005, 1:27 AM CET


Sun asks Java developers to help test security technology
The goal is to find and fix any holes in its new Java Verifier. [more]
Thursday, 3 November 2005, 12:56 AM CET


Tiger's improved firewall (and how to use it)
As with all the major upgrades to OS X, Apple has made much of the many enhancements and new features available in Tiger. [more]
Thursday, 3 November 2005, 12:41 AM CET


Bots in the A/C, spyware in the fridge
Someday, hackers will target the computers in your air conditioner, refrigerator and TV. What can security professionals do about it? [more]
Wednesday, 2 November 2005, 2:37 PM CET


Yet another eBay phish
A new kind of eBay phishing attempt is going around. [more]
Wednesday, 2 November 2005, 2:27 PM CET


Your next IM could be your network's last
A significant rise in instant messaging threats will eventually lead to an automated worm that will strike hundreds of thousands of machines in seconds, IM security firms warn. [more]
Wednesday, 2 November 2005, 1:44 PM CET


Trojan masquerades as bird flu warning
A Trojan pretending to be a briefing on bird flu is doing the rounds. [more]
Wednesday, 2 November 2005, 1:42 PM CET


Secured wireless offers a lot to enterprises
For many small and midsize businesses, every day brings the challenge of competing against the so-called “big boys”: Wal-Mart, K-Mart, Sears, Target, Home Depot. [more]
Wednesday, 2 November 2005, 12:58 PM CET


Vulnerable security algorithms raise concerns
Industry experts agree that the future of two widely used security algorithms is fated, but with no clear alternatives in sight products that rely on them may have to remain "good enough" for some time. [more]
Wednesday, 2 November 2005, 12:06 PM CET


Balancing surveillance
With camera and network surveillance now commonplace, and database abuse continuing to appear, how do we balance the positive side of security along with its potential for abuse? [more]
Wednesday, 2 November 2005, 11:44 AM CET


Jail for eBay phishing fraudster
The leader of an identity fraud gang which stole almost £200,000 has been jailed for four years. [more]
Wednesday, 2 November 2005, 3:36 AM CET


The importance of Web application scanning
Organizations need a Web application scanning solution that can scan for security loopholes in Web-based applications to prevent would-be hackers from gaining unauthorized access to corporate applications and data. [more]
Wednesday, 2 November 2005, 3:12 AM CET


My sysadmin toolbox
Every administrator has a set of software tools that he just can't live without. [more]
Wednesday, 2 November 2005, 1:58 AM CET


Data security: it's not just for secret agents anymore
Employees are reminded to guard their company's proprietary information, laptop users are warned constantly about the threat of theft and home users are becoming more wary of identity theft. [more]
Wednesday, 2 November 2005, 1:40 AM CET


Latest bot continues to aim for AIM users
The latest variant of SDBot spreads through America Online instant messaging software. [more]
Wednesday, 2 November 2005, 1:38 AM CET


Shout goes out over PHP security bugs
Security researchers have identified numerous new vulnerabilities in PHP - the popular, open source web development environment. [more]
Wednesday, 2 November 2005, 12:58 AM CET


Network monitoring with Cacti
Cacti, a graphing program for network statistics, is designed to be easy for relatively inexperienced systems administrators to use. [more]
Wednesday, 2 November 2005, 12:52 AM CET


Security event management gets specialized
SEM technology is moving beyond log correlation to help architects mitigate attacks, address compliance reporting needs, and monitor critical assets. [more]
Wednesday, 2 November 2005, 12:40 AM CET


Preventing fraud is within our grasp
IPv6 was announced four years ago. Where is it now that it is really needed? asks Keith Humphreys. [more]
Wednesday, 2 November 2005, 12:35 AM CET


Is VoIP ripe for attack?
"As soon as the enterprise opens up VoIP to the Internet, they put a potentially huge security hole in their network," Andrew Graydon, vice president of technology at BorderWare Technologies, says. Essentially the days of closed corporate VoIP systems are over. [more]
Wednesday, 2 November 2005, 12:32 AM CET


The "Sony rootkit" case
There's been some recent developments in digital rights management systems (DRM) that have security implications. Some DRM systems have started to use rootkit technology. [more]
Tuesday, 1 November 2005, 6:36 PM CET


Coordinating access control systems
Integrating physical controls such as door locks with logical access controls like smart cards will improve security and cut costs. [more]
Tuesday, 1 November 2005, 11:12 AM CET


Notebook security a problem on college, corporate campuses
"When you apply these survey results to everyday corporate life, you realize that millions of dollars and the future of these companies are at stake," said Bob Heard, chief executive officer of Credant Technologies, a data encryption technology developer. "Even a single security breach can send stock prices plummeting." [more]
Tuesday, 1 November 2005, 11:10 AM CET


Botnets turning into spyware enemy No. 1
The security industry has had a hard time defining spyware, much less eliminating it. But according to many, there's one type of spyware that's among the most dangerous: the botnet. [more]
Tuesday, 1 November 2005, 12:25 AM CET


WSE 3.0 and secure Web services
Mark Fussell discusses the driving goals for the WSE 3.0 release, how security best practices have been incorporated by introducing "turnkey security scenarios" and the relationship between WSE 3.0 and Windows Communication Foundation (WCF), the future Web Services platform from Microsoft. [more]
Tuesday, 1 November 2005, 12:24 AM CET


Sun to put Java security upgrade to the test
Sun Microsystems is seeking to revamp the way in which security is executed in Java and wants developers to try to break the new paradigm to gauge its effectiveness. [more]
Tuesday, 1 November 2005, 12:16 AM CET


Spotlight

The synergy of hackers and tools at the Black Hat Arsenal

Posted on 27 August 2014.  |  Tucked away from the glamour of the vendor booths and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Mon, Sep 1st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //