Off the Wire

Off The Wire Archive

News items for December 2002

The Spam Problem: Moving Beyond RBLs
Alternatives to Realtime Blackhole Lists (RBLs) should be actively deployed because of serious well-known problems with the RBL spam filtering technique. [more]
Tuesday, 31 December 2002, 5:26 PM CET

Six top security issues for executives
To succeed, you must know your enemy as well as your own strengths and weaknesses. The following are six issues of which executives should be aware to protect their systems. [more]
Tuesday, 31 December 2002, 5:18 PM CET

Toward a More Secure 2003
The challenges to info-tech security will surely be daunting, and companies' efforts to stay safe will have to keep increasing. [more]
Tuesday, 31 December 2002, 5:11 PM CET

The Year Ahead: The future of viruses
In 2002, users and companies got a respite from the disruptive viruses of 2001. But a more sophisticated generation of worms is on the way. [more]
Tuesday, 31 December 2002, 5:10 PM CET

HNS Newsletter Issue 142 has been released
You can read the Newsletter in TXT or PDF format. If you haven't done it yet, consider subscribing. This issue is sponsored by ScannerX. [more]
Monday, 30 December 2002, 11:54 PM CET

Cryptosystems: Configuring IPSec
The author is demonstrating a tunnel between two FreeBSD machines acting as VPN gateways. [more]
Monday, 30 December 2002, 10:38 PM CET

So Many Holes, So Few Hacks
Hole after hole, breach after breach, flaw after flaw is found - and most of the time, it's in a Windows system. Yet hackers generally don't exploit them. Why is that? [more]
Monday, 30 December 2002, 10:27 PM CET

Sect members jailed in station takeover
Eight members of Falun Gong were sentenced to as many as 13 years in prison for taking over local television and radio signals in eastern China's Anhui Province. [more]
Monday, 30 December 2002, 10:24 PM CET

Identity thieves catch the unwary
Authorities are struggling to combat a computer-based crime wave, writes Peter Huck. [more]
Monday, 30 December 2002, 10:21 PM CET

Year in Privacy: Citizens Lose
Each year, governments chip away at citizens' civil liberties. It's a tactic the United States condemned during the Cold War but now uses in the war on terror. [more]
Monday, 30 December 2002, 10:17 PM CET

Book Review: SQL Server Security Distilled
Securing SQL Server is one of the most important responsibilities of the SQL Server professional. [more]
Monday, 30 December 2002, 9:52 PM CET

The Cybersecurity Industrial Complex
The Feds have a massive, multiagency plan to protect the national information infrastructure. Get ready for IT police and network smart bombs. [more]
Friday, 27 December 2002, 1:19 PM CET

Security Through Elbow Grease
One of the reasons infosecurity is so hard is that you have to know not only what to do--what products to deploy, what policies to implement, what compromises to make--but what not to do. [more]
Friday, 27 December 2002, 1:12 PM CET

Securing Outlook, Part Two: Many Choices to Make
The first article offered a brief overview of Outlook, as well as some of the threats that undermine its security. This article will look at some more things that Outlook users can do to improve their e-mail security. [more]
Friday, 27 December 2002, 8:46 AM CET

Government agencies plug leaks in wireless networks
The Meteorological Agency and the Tokyo metropolitan government stopped using wireless local area networks after learning data was wide open to anyone with the will and the right software. [more]
Friday, 27 December 2002, 8:38 AM CET

Eric Janszen from Bluesocket Inc. on wireless security
"The past year has shown great improvements in terms of products and standards evolution toward delivering secure, production-quality wireless networks." [more]
Tuesday, 24 December 2002, 12:41 PM CET

White House plans wide monitoring of Net
The White House is proposing a monitoring center to detect and defend against major attacks, but the Bush administration sought to ease worries it might scrutinize individual users' e-mails. [more]
Tuesday, 24 December 2002, 12:31 PM CET

Who's Got Root? Find Out With Tripwire
Your network groans under the weight of monitors and alarms. If an intruder slides through all the barriers and successfully cozies into a snug corner, how will you know? [more]
Tuesday, 24 December 2002, 12:27 PM CET

IDC: Tech Bucks, Hack Threats Up
Market researcher IDC pulls out its crystal ball and proclaims its technology market predictions for 2003. But what do competing analysts have to say about IDC's forecasts? [more]
Tuesday, 24 December 2002, 12:23 PM CET

The Position of Sophos in the Anti-Virus World
Michel Lanaspèze, Manager of Marketing and Communication Sophos France, talks in detail about Sophos: history, current market status and products. [more]
Monday, 23 December 2002, 6:22 PM CET

Security Year in Review by Mark Finan
"2002 has seen the convergence of a number of factors that will be the springboard for the security market in 2003 and, more specifically, the growth of the market for secure backup of critical data." [more]
Monday, 23 December 2002, 3:39 PM CET

Security Year in Review by Mixter
"It's not easy to say, but I would say that this year was (unfortunately) very politically dominated, with new anti-hacking laws coming into place, especially in the US, and so on." [more]
Monday, 23 December 2002, 3:39 PM CET

Security Year in Review by Melisa LaBancz
"In my opinion the security scene has gone from being very heavily virus and random hacker oriented to focusing on the possibility of cyberterrorism and internal/external massive hacks." [more]
Monday, 23 December 2002, 3:38 PM CET

HNS Newsletter Issue 141 has been released
You can read the Newsletter in TXT or PDF format. If you haven't done it yet, consider subscribing. This issue is sponsored by ScannerX. [more]
Monday, 23 December 2002, 3:36 PM CET

US defends Web security plan
A new plan to prevent cyberattacks has raised concerns that the US government will be prying into individuals' online activities. [more]
Monday, 23 December 2002, 2:16 PM CET

'Twas the Night Before Christmas, 2002
The year in review, in verse. [more]
Monday, 23 December 2002, 2:00 PM CET

Sklyarov reflects on DMCA travails
Programmer Dmitry Sklyarov thinks it was unfair of prosecutors to play his videotaped deposition at the ElcomSoft trial rather than calling him to the stand. [more]
Monday, 23 December 2002, 1:52 PM CET

The Code That Cuts Both Ways
The focus on computer security has never been more intense, and the debate over disclosure has never been hotter. [more]
Monday, 23 December 2002, 1:44 PM CET

Welsh Virus Writer Pleads Guilty for Creating Three Worms
Simon Vallor, a 21 year old web designer from North Wales, has today pleaded guilty to charges of writing and distributing three mass-mailing computer viruses. [more]
Friday, 20 December 2002, 7:07 PM CET

Weekly Virus Report
The malicious code described in this week's report include a macro virus called Laroux.MW and the following computer worms: Napp, Lioten, Prestige.B and Lentin.G. [more]
Friday, 20 December 2002, 7:06 PM CET

Zero-Interaction Authentication
In order to have non-intrusive encryption the authors propose Zero-Interaction Authentication where a user wears a small authentication token that communicates with a laptop over a short-range, wireless link. [more]
Friday, 20 December 2002, 4:24 PM CET

O'Reilly releases a book on 802.11 security
802.11 Security by authors Bruce Potter and Bob Fleck gives you a broad basis in theory and practice of wireless security, dispelling some of the myths along the way. [more]
Friday, 20 December 2002, 4:22 PM CET

RSA Security Enhances Security for Wireless LAN Environments
Organizations are now able to protect access to their wireless LANs with RSA SecurID two-factor authentication software. [more]
Friday, 20 December 2002, 4:21 PM CET

Encryption in the Enterprise
Although point-to-point encryption can keep competitors and would-be crackers at bay, internal encryption can cause some security problems of its own. [more]
Friday, 20 December 2002, 3:19 PM CET

Terrorists on the Net? Who Cares?
A former tech expert for the feds claims in a report that the threat that terrorist-hackers might "bring the nation to its knees" is overblown. [more]
Friday, 20 December 2002, 1:00 PM CET

NT OBJECTives - focusing on securing web services
NT OBJECTives released the Fire & Water Toolkit - a collection of cohesive, interactive command line tools that perform network discovery, mapping, assessment, reporting and strong web server defense. [more]
Thursday, 19 December 2002, 4:00 PM CET

Sofaware Releases Safe@ 3.0
SofaWare Technologies launched Safe@ 3.0, bringing enterprise-class security to the small businesses and consumers. [more]
Thursday, 19 December 2002, 3:44 PM CET

Tips for Safe Holiday Online Purchasing
While the shopping frenzy is at its all-year high, McAfee launched an educational campaign called Safe Holiday Online Purchasing (SHOP). [more]
Thursday, 19 December 2002, 3:42 PM CET

Session Fixation Vulnerability in Web-based Applications
The paper provides detailed information about exploiting vulnerable systems as well as recommendations for protecting them against session fixation attacks. [more]
Thursday, 19 December 2002, 2:34 PM CET

Internet Cleanup 3.0 Protects Your Privacy
Aladdin Systems, Inc. (not to be confused with Aladdin Knowledge Systems) announced a new version of Internet Cleanup, software recently acquired from Kroll Ontrack. [more]
Thursday, 19 December 2002, 2:31 PM CET

Keep smartcards stupid
Neil Barrett writes: "For as long as I can recall - and I once worked for a major smartcard company - next year has always been 'the year that smartcards finally make it'". [more]
Thursday, 19 December 2002, 2:27 PM CET

Web services specs focus on security
A group of companies led by IBM and Microsoft published a series of specifications designed to make Web services more secure. [more]
Thursday, 19 December 2002, 2:20 PM CET

The snoop-proof laptop
Losing a laptop computer is one of the hazards of the mobile age. But laptops and the data they contain do not have to be lost for snoopers to get hold of their secrets. [more]
Thursday, 19 December 2002, 2:15 PM CET

E-card virus warning for Christmas
As every year, computer viruses are hiding behind some Christmas e-cards, wrecking the season of goodwill. [more]
Thursday, 19 December 2002, 2:12 PM CET

Security response in a midsize office
How can you make security more effective under the constraints of a small or medium-size company? [more]
Thursday, 19 December 2002, 2:11 PM CET

Ubizen on E-Business Security
At the RSA Conference 2002 we met up with Ubizen people and talked about their company, managed security services and the state of security in general. [more]
Wednesday, 18 December 2002, 4:36 PM CET

Security Year in Review: VPNs and Firewalls
Here's an overview of happenings in the VPN and firewall market during 2002 with exclusive comments from David Flynn, Vice President of Marketing at NetScreen Technologies. [more]
Wednesday, 18 December 2002, 3:48 PM CET

Iraq Oil Worm Targeting TCP Port 445
The worm propagates by generating a psuedo-random IP address and exploiting hosts with a specific weak security configuration. [more]
Wednesday, 18 December 2002, 1:30 PM CET

F-Secure Corporation's Data Security Summary for 2002
In 2002, the data security world was characterized by new types of threats. Virus outbreaks in Linux systems, attacks utilizing open source code, breaks into home computers kept data security companies busy. [more]
Wednesday, 18 December 2002, 1:27 PM CET

OpenAV: Developing Open Source AntiVirus Engines
This article will take a look at the OpenAntiVirus AV engine, assess its progress so far, and offer some suggestions of how the developers can continue to develop it. [more]
Wednesday, 18 December 2002, 1:24 PM CET

Computer crime center opens
The state's new computer- crime center signals greater cooperation between federal and state police, which is key to the future of the FBI, its director said Tuesday. [more]
Wednesday, 18 December 2002, 1:21 PM CET

Microsoft's Patching Problem
"They're good at responding when you start bashing them in public," Larholm said of Microsoft. "They can be a bit slow sometimes when you write them privately." [more]
Wednesday, 18 December 2002, 1:14 PM CET

Russian firm found innocent in copyright trial
A federal jury acquitted Elcomsoft that was charged with digital copyright violation for creating a program that cracks the security features of Adobe Systems' electronic book software. [more]
Wednesday, 18 December 2002, 1:11 PM CET

Nearly $7M awarded in spam case
America Online has won a court judgment for nearly $7 million in damages against what it termed a "spam ring" that bombarded AOL members with junk e-mail pitching adult Web sites. [more]
Wednesday, 18 December 2002, 1:09 PM CET

Protecting Port 80 with "Security Gateway"
Blue Coat Systems Security Gateway appliances are made for organizations to accelerate the content coming from and going to the Internet and to make the Internet access as secure as possible. [more]
Tuesday, 17 December 2002, 5:55 AM CET

Book Review: Wireless Security and Privacy
Wireless security is certainly one of this year's hot topics. Everybody is talking about wardriving, warchalking, and so on. This is just the perfect time to release a book like this. [more]
Tuesday, 17 December 2002, 5:54 AM CET

Software, Security, and Ethnicity
The U.S. government's probe at software maker Ptech, owned by a Lebanese, has lots in common in with the 1998 Wen Ho Lee case. [more]
Tuesday, 17 December 2002, 4:57 AM CET

DEA Data Thief Sentenced to 27 Months
Federal agent earned cash on the side with his own information awareness program. [more]
Tuesday, 17 December 2002, 4:56 AM CET

If It Ain't Broke See If It's Fixed
Attackers are still compromising servers with well-known attacks. General awareness can assist the busy administrators and users to protect their systems from these kinds of attacks. [more]
Tuesday, 17 December 2002, 3:38 AM CET

Infosecurity: Attendance up, some vendors were no-shows
Although attendees and exhibitors spoke of a subdued Infosecurity 2002 show, attendance was up across the board at the annual trade show, according to show organizers. [more]
Tuesday, 17 December 2002, 3:34 AM CET

Buried By The Authentication Avalanche
With identity theft on the rampage, network managers are being hit by an increasing barrage of software, hardware and services for user authentication. [more]
Tuesday, 17 December 2002, 3:32 AM CET

Interview with Bob Toxen, author of "Real World Linux Security"
Bob Toxen has 28 years of UNIX/Linux experience, he's one of the 162 recognized developers of Berkeley UNIX. He is the author of the acclaimed book "Real World Linux Security" already in its 2nd edition. [more]
Monday, 16 December 2002, 2:35 PM CET

Security Year in Review: Honeypots
This has been a great year for honeypots, finally this method of collecting security information got its deserved place under the spotlight. Lance Spitzner shares his thoughts on the subject. [more]
Monday, 16 December 2002, 2:33 PM CET

Backup Securely with Backup Professional
At the RSA Conference 2002 we talked with Roy Davies, Director of Corporate Affairs at Attix5. Attix5 is the market leader in the development of remote, managed and secure backup and retrieval software. [more]
Monday, 16 December 2002, 2:28 PM CET

HNS Newsletter Issue 140 has been released
You can read the Newsletter in TXT or PDF format. If you haven't done it yet, consider subscribing. This issue is sponsored by Qualys, get their FREE guide on strengthening network security. [more]
Monday, 16 December 2002, 2:19 PM CET

E-mail security warning for MPs
Urgent steps are needed to improve awareness among MPs and civil servants over which e-mails are secure and which are not, ministers have been warned. [more]
Monday, 16 December 2002, 2:02 PM CET

IDC predicts strong security app sales
Market forecasts made by researchers with International Data Corp suggest that integrated hardware appliances will next year become the primary purchase target for enterprises buying security software. [more]
Monday, 16 December 2002, 12:17 PM CET

VPNs and IPSec Demystified
This article will give you enough background information to create an IPSec VPN on your FreeBSD box. [more]
Monday, 16 December 2002, 11:58 AM CET

ElcomSoft Jury Asks for Law Text
There's no verdict yet in the trial of Russian softare maker ElcomSoft for criminal violations of the Digital Millennium Copyright Act. Instead, jurors request a copy of the law -- all 100-plus pages of it. [more]
Monday, 16 December 2002, 11:56 AM CET

2003 Survivor's Guide to Security
Identify what you need to protect, from physical assets to digital data. Then consider how your applications function, what access these applications and your users need, and who will be using the information. [more]
Monday, 16 December 2002, 11:54 AM CET

Keeping Track of John Poindexter
Online pranksters have turned the tables on the man behind the government's controversial Total Information Awareness effort. [more]
Monday, 16 December 2002, 11:52 AM CET

Software Review: Panda Antivirus Titanium
This is an anti virus product meant for home users. Lately, it has been recognized in several computer magazines as being one of the be best AV solutions out there. Read more to see it in action. [more]
Friday, 13 December 2002, 2:54 PM CET

Array Networks Delivers Network Traffic Analysis
Array Networks announced the new Array SR Series, the first wire-speed network traffic analyzer designed to detect potential security breaches and network abuse across TCP/IP-based protocols. [more]
Friday, 13 December 2002, 11:39 AM CET

Protect your Macintosh with MacScan announced the release of their first security application to protect the Macintosh from spyware and applications that could offer remote access when improperly configured. [more]
Friday, 13 December 2002, 11:38 AM CET

Q&A: Sprint's CSO, Robert Fox, defines his role
Sprint's chief security officer talks about his role overseeing both physical and IT security at the telecommunications provider. [more]
Friday, 13 December 2002, 10:58 AM CET

Spam may overtake e-mail in 2003
MessageLabs says e-mail threats, including viruses and spam, are increasing at an "alarming rate." [more]
Friday, 13 December 2002, 10:39 AM CET

Belgium gets smart about identity
The Belgian government hopes that within five years every citizen will be carrying a new electronic identity card. But will the new 'smart' IDs prove to be the citizenís friend or Big Brotherís little helper? [more]
Friday, 13 December 2002, 10:35 AM CET

IDC: Cyberterror to hit in 2003
A major cyberterrorism event will occur in 2003, a technology research group predicted on Thursday, one that will disrupt the economy and bring the Internet to its knees for at least a day or two. [more]
Friday, 13 December 2002, 10:34 AM CET

ElcomSoft Case in Jurors' Hands
Russian software company ElcomSoft, standing trial in U.S. District Court for selling software that cracked copy protection in Adobe e-books, rests its legal fate with the jury. [more]
Friday, 13 December 2002, 10:23 AM CET

Wardriving for Wi-Fi
Hotspotting for oozing radio waves points to security concerns. [more]
Friday, 13 December 2002, 10:18 AM CET

Microsoft Releases Three More Security Bulletins
In yet another combo pack, Microsoft released 3 security bulletins. The bulletins which are labeled from moderate to critical, deal with Microsoft VM, Windows 2000, XP and NT 4 security problems. [more]
Thursday, 12 December 2002, 7:03 PM CET

New "Prestige" Worm Uses Social Engineering
Panda Software has detected a new e-mail worm called Prestige, which refers to the recent catastrophe involving an oil tanker of the same name off the north coast of Spain. [more]
Thursday, 12 December 2002, 6:41 PM CET

Novell releases a new UDDI server
Novell announced the availability of a new Universal Description, Discovery and Integration server that adds secure identity management to the UDDI standard. [more]
Thursday, 12 December 2002, 3:50 PM CET

Truste tightens requirements for its seal of approval
A leading privacy seal group, Truste, has toughened its privacy seal licensing requirements as well as its ability to monitor the privacy practices of Web sites that display its seal. [more]
Thursday, 12 December 2002, 12:08 PM CET

Infosecurity: Unisys minding the security gap
With fresh statistics that show gaping holes in the security preparedness of companies, Unisys announced a new initiative that will help companies improve security readiness. [more]
Thursday, 12 December 2002, 12:05 PM CET

Rooting Out Corrupted Code
Is there a backdoor on your system? A project from the Shmoo Group could help network administrators spot altered programs. [more]
Thursday, 12 December 2002, 12:00 PM CET

Denmark Bills Users for Downloads
A Danish anti-piracy group has begun charging individuals for illegal copies of music, film and software. Could this be the shape of things to come in the United States? [more]
Thursday, 12 December 2002, 11:43 AM CET

Law may be updated to cover DoS attacks
Concerns that some types of hacking might not be covered by the UK's Computer Misuse Act could prompt changes to the law, following strong lobbying from industry. [more]
Thursday, 12 December 2002, 11:42 AM CET

All bugs are created equal
ISS has promised to handle security vulnerabilities affecting open source and Windows platforms the same way following criticism of its premature disclosure of open source security problems. [more]
Thursday, 12 December 2002, 11:41 AM CET

Secure Passwordless Logins with SSH Part 1
How to create passwordless logins to allow remote administration tasks securely with SSH. [more]
Thursday, 12 December 2002, 11:40 AM CET

Securify Announces SecurVantage Enterprise Reporting
Securify, Inc., developers of SecurVantage automated security system, announced the addition of rich reporting functionality into their flagship product. [more]
Wednesday, 11 December 2002, 3:50 PM CET

Transparent Document Security For Microsoft Office Launched
Adhaero Technologies, released Adhaero Doc - a comprehensive solution that encrypts and controls the use of Microsoft Office documents and emails. [more]
Wednesday, 11 December 2002, 3:46 PM CET

New Version of WebWasher Classic Released
Following the success of WebWasher Enterprise Edition and Protected Gateway editions, Germany based AG, announced the new version of WebWasher Classic. [more]
Wednesday, 11 December 2002, 3:45 PM CET

RSA Conference 2003 Details
Organizers of the RSA Conference, the world's leading e-security event, unveiled the educational program for RSA Conference 2003, which will be held April 13-17 at San Francisco's Moscone Center. [more]
Wednesday, 11 December 2002, 3:20 PM CET

New Generation of SME VPN Firewall Products
SnapGear Inc. has augmented their VPN Firewall gateway lineup with new security products developed expressly for the small-medium enterprise marketplace. [more]
Wednesday, 11 December 2002, 3:19 PM CET

nCipher secures Web Services
nCipher announced a strategy that aligns its hardware-based encryption products as a basis for securing XML-based applications and Web Services. [more]
Wednesday, 11 December 2002, 3:18 PM CET

Living with Worms, Viruses and Daily Security
Complicated applications and slipshod development keep security pros one step behind. [more]
Wednesday, 11 December 2002, 1:24 PM CET

Securing Outlook, Part One: Initial Configuration
This article is the first of a two-part article that will examine ways that Outlook users can secure their email client. [more]
Wednesday, 11 December 2002, 1:22 PM CET

Threats move beyond Linux to Windows
UNIX admins have been dealing with rootkits since the early 1990s. Now, Windows admins must get up to speed, because rootkits are also being used to attack Windows NT and 2000 systems. [more]
Wednesday, 11 December 2002, 1:20 PM CET

Report suggests ID alternatives
National Electronic Commerce Coordinating Council proposes a 'confederated' system. [more]
Wednesday, 11 December 2002, 1:10 PM CET

eEye Digital Security Raises Additional $9 Million
eEye Digital Security announced that they have raised $9 million in the Series C financing round. [more]
Tuesday, 10 December 2002, 1:42 PM CET

Jon Lech Johansen denies DVD pirating
Johansen's attorney, Halvor Manshaus, said the teen cannot be convicted of breaking into a DVD that he bought and legally owned. [more]
Tuesday, 10 December 2002, 1:28 PM CET

Stopping Viruses at the Gate
In the past, many companies relied on desktop antivirus software to protect against malicious code, but that approach is no longer sufficient on its own. [more]
Tuesday, 10 December 2002, 1:22 PM CET

The Dangers of Do-It-Yourself Security
Beware the misuse of vulnerability-testing software. [more]
Tuesday, 10 December 2002, 12:56 PM CET

It's Not Easy Being Breached
Surviving a security incident is just the beginning. Then you need to figure out what it really cost. [more]
Tuesday, 10 December 2002, 12:13 PM CET

Germany cautious on Microsoft security
The German government is worried about federal agencies adopting Microsoft's upcoming Palladium security technology, fearing the system could lead to higher costs. [more]
Tuesday, 10 December 2002, 12:08 PM CET

Complex Networks Too Easy to Hack
Telecommunications executives advise the FCC on protecting US complex networks from attack by newbie and experienced attackers. [more]
Tuesday, 10 December 2002, 12:00 PM CET

Security by numbers?
An Aberdeen Group report claims that open source is less secure than Windows. And how did they come to this profound conclusion? [more]
Tuesday, 10 December 2002, 11:52 AM CET

Nagios - a feature-rich network monitoring package
Its displays provide current information about system or resource status across an entire network. It can also send alerts and perform other actions when problems are detected. [more]
Tuesday, 10 December 2002, 11:40 AM CET

UK Police Offer Cyber-Crime Victim Firms Anonymity
Britain's digital crime-fighting force said it will grant businesses victimized by digital attacks full anonymity if they come forward, an effort to jumpstart investigations into the growing wave of cyber crime. [more]
Tuesday, 10 December 2002, 10:49 AM CET

HNS Newsletter Issue 139 has been released
You can read the Newsletter in TXT or PDF format. If you haven't done it yet, consider subscribing. This issue is sponsored by ScannerX. [more]
Monday, 9 December 2002, 9:19 PM CET

WorldCom Announces their Anti-Spam Solution
The WorldCom Internet Managed Scanning Service is an anti-spam service that enables customers to effectively counteract the costs and lost productivity incurred by unsolicited emails. [more]
Monday, 9 December 2002, 7:52 PM CET

NAI Secures High-Speed Wireless Networks With Sniffer Wireless
Network Associates announced new security and management for high-speed wireless networks through its Sniffer Wireless solution. [more]
Monday, 9 December 2002, 7:50 PM CET

DeCSS author goes on trial
Jon Lech Johansen was only 15 when he wrote DeCSS. The case is seen as an important test of Norway's strict laws against computer piracy and hacking. [more]
Monday, 9 December 2002, 4:59 PM CET

Customs searches software firm near Boston
Customs agents searched a high-tech company looking for evidence that the software provider - which has numerous government agencies as clients - may have ties to al Qaeda. [more]
Monday, 9 December 2002, 4:42 PM CET

Report: Spam not a problem at work
Contrary to popular belief, the majority of American office workers arenít overwhelmed with spam, and most consider e-mail very valuable in helping them do their jobs, a new study shows. [more]
Monday, 9 December 2002, 1:40 PM CET

Drop that E-Book or I'll Shoot!
With the first ever criminal DMCA trial halfway over, it's already raising novel legal, jurisdictional and ethical challenges. [more]
Monday, 9 December 2002, 1:39 PM CET

Hacker From the 'Hood Tells All
Ejovi Nuwere survived growing up in a tough Brooklyn neighborhood by learning how to hack -- and doing well at it. His message in his new autobiography: "Kids, don't try most of this at home." [more]
Monday, 9 December 2002, 10:40 AM CET

Setting Up Sophos + Amavis For Postfix
Protecting a system against viruses is an important thing for every system administrator. In this article the author shows us how to install Sophos and Amavis. [more]
Monday, 9 December 2002, 10:22 AM CET

Feds Label Wi-Fi a Terrorist Tool
Attention, Wi-Fi users: The Department of Homeland Security sees wireless networking technology as a terrorist threat. [more]
Monday, 9 December 2002, 10:21 AM CET

New web seminar from Sophos
On Tuesday December 10th, 2002 Sophos will host a web seminar titled "Safe computing: Anti-virus Software Alone is not Enough". [more]
Friday, 6 December 2002, 12:46 PM CET

2600 Australia going to sleep
The group's front-man says: "I changed the front page of to indicate that 2600 Australia is now in maintenance mode. In other words, we're putting it to sleep." [more]
Friday, 6 December 2002, 12:42 PM CET

/etc/inittab - The Most Overlooked Cracker Haven
Crackers can cause their software to be run by adding entries to /etc/inittab, a file frequently missed by administrators. [more]
Friday, 6 December 2002, 12:08 PM CET

VeriSign Announces Trusted Content Delivery for Software Providers
VeriSign, Inc. announced it will be providing a Trusted Content Delivery service for software providers that creates a secure distribution channel for sending software programs and updates over the Internet. [more]
Friday, 6 December 2002, 11:35 AM CET

Tower Records site exposes data
A security hole on Tower Records' Web site exposed data on millions of U.S. and U.K. customers until it was closed late Wednesday. [more]
Friday, 6 December 2002, 11:11 AM CET

Does Research Support Dumping Linux?
Microsoft's security policies are getting better every day, even as a new report slams open-source competitors as security nightmares. But the easy answers aren't always the right ones. [more]
Friday, 6 December 2002, 11:01 AM CET

Charges filed in alleged eBay scam
A Los Angeles man was charged on Wednesday with defrauding eBay buyers on six continents in what prosecutors called one of the largest Internet auctions scams uncovered. [more]
Friday, 6 December 2002, 10:58 AM CET

Trouble With Trojans
A security crisis is starting to emerge in the world of computing. The year 2002 will prove to be the worst year yet for malicious hacking. The following year will probably be worse. [more]
Friday, 6 December 2002, 10:56 AM CET

Adobe: ElcomSoft Outside U.S. Law
A former piracy investigator for Adobe Systems testifies that he did not tell ElcomSoft to stop selling its eBook-cracking program because he didn't think U.S. copyright law crossed international borders. [more]
Friday, 6 December 2002, 10:52 AM CET

Panda Reports the Appearance of the Lagel Worm
Panda Software's Virus Laboratory has been receiving reports of incidents caused by Lagel.A, a new worm that spreads via e-mail. [more]
Thursday, 5 December 2002, 3:32 PM CET

New Year to Bring Nastier Viruses Yet
Many odd factors encourage online pests, but businesses should keep up their guard, security expert says. [more]
Thursday, 5 December 2002, 3:15 PM CET

Ethics in Data Mining and Cryptography
In recent years, computer science has become more of an applied science than a pure discipline. It is true that much of the driving force behind proliferation of computing devices is commercial. [more]
Thursday, 5 December 2002, 3:13 PM CET

Homeland security waiting for Wi-Fi
Security needs to become a priority for users and makers of wireless networking equipment in order to stop insecure connections from being used to attack federal and corporate systems. [more]
Thursday, 5 December 2002, 3:10 PM CET

UK still vulnerable to hackers
Security experts have rejected claims of a dramatic reduction in hack attacks on the UK last month, maintaining that UK websites are no more secure than others. [more]
Thursday, 5 December 2002, 3:06 PM CET

Who goes there?
Identity management tools can help CIOs gain control of who gets access to what and when. [more]
Thursday, 5 December 2002, 1:50 PM CET

Does Cybercrime Still Pay?
Jeff Moss, a.k.a. The Dark Tangent and founder of DefCon, the largest annual hacker convention in the United States, said companies no longer hire hackers who have a police record. [more]
Thursday, 5 December 2002, 1:37 PM CET

Identity Theft More Often an Inside Job
You can take all the steps you want to protect yourself against identity theft: Guard your wallet, shred your personal financial papers before throwing them in the trash, monitor your credit reports. [more]
Thursday, 5 December 2002, 1:32 PM CET

Sybase patches three security holes
Sybase has issued a security patch for three vulnerabilities affecting the newest versions of its database software. [more]
Wednesday, 4 December 2002, 1:56 PM CET

Qualys CTO Receives Industry Recognition
The next issue of InfoWorld Magazine will present in-depth profiles of this year's "25 Most Influential CTOs". One of the "chosen ones" is Gerhard Eschelbeck, CTO and VP of Engineering, Qualys, Inc. [more]
Wednesday, 4 December 2002, 1:04 PM CET

5-Factor Antivirus System for Exchange Launched
800onemail Inc., a company that provides 24x7x365 managed e-mail and Exchange services, launched a 5-Factor Antivirus system for Exchange business email. [more]
Wednesday, 4 December 2002, 1:01 PM CET

Permeo Application Security Platform Showcase
Permeo Technologies, one of the key players in the application security field will exhibit the latest version of its Permeo Application Security Platform at the 2002 InfoSecurity conference and show in NYC. [more]
Wednesday, 4 December 2002, 12:50 PM CET

Asian businesses spending more on Internet security
Businesses in Asia are spending more on Internet security to shield themselves against viruses, external hacking and data corruption, an industry monitor said. [more]
Wednesday, 4 December 2002, 12:40 PM CET

Vendors complete tougher ICSA 4.0 firewall tests
ICSA Labs, which provides one of the most important certifications firewall vendors strive for, said it has completed the first wave of tests of product against version 4.0 of its certification criteria. [more]
Wednesday, 4 December 2002, 12:26 PM CET

An Introduction to Distributed Denial of Service Attacks
This article will explain the concept of DDoS attacks, how they work, how to react if you become a target, and how the security community can work together to prevent them. [more]
Wednesday, 4 December 2002, 12:22 PM CET

U.S. Government Fails to Make Security Grade
For the second year running, the federal government has flunked Computer Security 101. [more]
Wednesday, 4 December 2002, 12:16 PM CET

We have met the enemy and he is us...
Chet Heath, VP and CTO of Omnicluster, says a company's own worst enemy when it comes to security is itself. In this paper, he describes the implementation of server specific security. [more]
Wednesday, 4 December 2002, 12:08 PM CET

Linux shows potential as it meets smart cards
With the development of smart cards technology mirroring that of the PC development, Linux is also beginning to appear as a contender on the smart card frontier as well. [more]
Wednesday, 4 December 2002, 12:04 PM CET

Report on Microsoft Windows Encrypting File System
Network Associates has published an analysis of the architecture, use and security of the Microsoft Windows Encrypting File System. [more]
Tuesday, 3 December 2002, 3:43 PM CET

PGP Corp. Releases PGP 8.0 for Windows and Macintosh
PGP Corporation today announced the release of several eagerly awaited products - PGP Enterprise 8.0, PGP Desktop 8.0 and PGP Personal 8.0 for Windows and Macintosh. [more]
Tuesday, 3 December 2002, 3:42 PM CET

Source Code for PGP 8.0 Released
Simultaneously with today's release of PGP 8.0 for Windows and Macintosh, PGP Corporation announced the availability of PGP 8.0 source code. [more]
Tuesday, 3 December 2002, 3:42 PM CET

HNS Book Giveaway Winners
Three lucky winners have been chosen, each one gets a copy of "Real World Linux Security, 2/e". Are you one of them? [more]
Tuesday, 3 December 2002, 2:50 PM CET

ReefEdge Licenses SSH Sentinel VPN Client
ReefEdge, Inc. has licensed the SSH Sentinel 1.4 VPN client software for secure access with the ReefEdge Connect System 3.0, the latest security and management solution for Wireless Local Area Networks. [more]
Tuesday, 3 December 2002, 2:39 PM CET

S/MIME - the reality of interoperability
People assume that when they buy an S/MIME compliant email application they can send digitially signed and encrypted emails to any other S/MIME compatible client. The reality however is somewhat different... [more]
Tuesday, 3 December 2002, 2:37 PM CET

Making wireless LAN security air tight
All-in-one security gateways are helping to boost confidence in wireless networks. [more]
Tuesday, 3 December 2002, 2:10 PM CET

Hacker Log: Pathway to Successful Site Attack
A few fairly simple practices would have prevented my successful attack on eWeek's OpenHack site. Application security can be attained, but it must be consistently applied and methodically checked to be effective. [more]
Tuesday, 3 December 2002, 2:09 PM CET

Despite Precautions, Net Fraud Up
Greater awareness among consumers and merchants has helped deter some online fraud. Trouble is, fraudsters are always updating their methods. [more]
Tuesday, 3 December 2002, 2:03 PM CET

Wireless network launches amid security concerns
Wireless Internet access across Switzerland has moved a step closer to reality with the provision of 100 new locations where the infrastructure is available. [more]
Tuesday, 3 December 2002, 2:01 PM CET

All Eyes on ElcomSoft Trial
Opening arguments begin Tuesday in the copyright infringement case against ElcomSoft, a trial expected to test the limits of federal copyright law. [more]
Tuesday, 3 December 2002, 1:53 PM CET

Downloadable exploits accelerate security concerns
For hackers or 'script kiddies' to attack and severely damage a Web site or corporate server it's almost a point-and-click exercise using widely available 'downloadable exploits'. [more]
Tuesday, 3 December 2002, 1:48 PM CET

HNS Newsletter Issue 138 has been released
You can read the Newsletter in TXT or PDF format. If you haven't done it yet, consider subscribing. This issue is sponsored by Qualys. [more]
Monday, 2 December 2002, 7:28 PM CET

PC Guardian releases Encryption Plus Email 3.0
Encryption Plus Email 3.0, enterprise software uses public-private key technology to automatically encrypt and decrypt email messages between users. [more]
Monday, 2 December 2002, 7:17 PM CET

CyberWhoCares? IT Should!
Is cyberterrorism real? Should corporate IT be worried about it? [more]
Monday, 2 December 2002, 7:02 PM CET

Security Firm Deserts Users
Lucira Technologies Inc. has been defunct since August when it filed for bankruptcy. Users say they've never been notified that their managed service has been terminated. [more]
Monday, 2 December 2002, 6:26 PM CET

Bruce Schneier: No "magic security dust"
This is an interview with Bruce Schneier, computer security experts and co-founder of Counterpane Internet Security. [more]
Monday, 2 December 2002, 6:11 PM CET

Nation's infrastructure far from secure
Ken Watson, the current Cisco Systems executive, is president and chairman of the Partnership for Critical Infrastructure Security. He answers questions related to security. [more]
Monday, 2 December 2002, 4:00 PM CET

Air Force piloting secure portal
The Air Force is in the initial phases of developing a secure portal that will provide air operations centers with access to the data they need to make critical warfighting decisions. [more]
Monday, 2 December 2002, 2:15 PM CET

Lax Security: ID Theft Made Easy
Victims of one of the largest identity theft cases in the United States agree with industry experts that limp security policies at credit bureaus made it easier for the criminals to do their dirty work. [more]
Monday, 2 December 2002, 2:07 PM CET

Security market still strong
Companies are spending more of their IT budgets on security, according to a study by research firm IDC. [more]
Monday, 2 December 2002, 2:05 PM CET

Cisco backtracks on security functionality
Having previously said that it had added firewall and intrusion-detection features to its IOS security software, Cisco now said that those features will not actually be integrated into the product until 2003. [more]
Monday, 2 December 2002, 2:04 PM CET


Patching: The least understood line of defense

Posted on 29 August 2014.  |  How many end users, indeed how many IT pros, truly get patching? Sure, many of us see Windows install updates when we shut down our PC and think all is well. Itís not.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Tue, Sep 2nd