Off the Wire

Off The Wire Archive

News items for July 2005

Furor over Cisco IOS router exploit erupts at Black Hat
Cisco and ISS filed lawsuits against Michael Lynn and the Black Hat conference. [more]
Friday, 29 July 2005, 9:54 AM CET

Sophos is latest anti-virus vendor with vulnerabilities
A bug in Sophos' anti-virus software can be exploited by attackers to gain complete control of a compromised computer, the bug tracker firm Secunia said on Thursday. [more]
Friday, 29 July 2005, 9:44 AM CET

Data-security bill advances in Senate
Measure would require notification when sensitive information is compromised. [more]
Friday, 29 July 2005, 9:28 AM CET

Secure wireless networking using SSL VPNs
While providing users wireless access to file shares, applications, and other network resources offers many benefits, doing so can present security and manageability challenges. [more]
Friday, 29 July 2005, 9:16 AM CET

Beefed up OWASP 2.0 introduced at BlackHat
The Open Web Application Security Project yesterday unveiled a revised and more robust popular guide for protecting Web services that reflects best practices, common coding errors and the increasing threat of phishing. [more]
Friday, 29 July 2005, 9:04 AM CET

Hackers look outside Windows for flaws
Security vulnerabilities are on the rise with a 10.8 percent increase in vulnerabilities over last quarter, according to a study from the SANS Institute. [more]
Friday, 29 July 2005, 8:06 AM CET

Geeks gather at 'What the Hack' conference
There are hundreds of tents on the hot and soggy campground, but this isn't your ordinary summertime outing, considering that it includes workshops with such titles as "Politics of Psychedelic Research" or "Fun and Mayhem with RFID." [more]
Friday, 29 July 2005, 7:40 AM CET

Growing concern over identity cloning
Protecting consumer identity and preventing data loss and leakage are the new brand protection priorities facing large organisations. [more]
Friday, 29 July 2005, 6:36 AM CET

Warning on London Underground spam
Bogus advice spreads to inboxes in sick prank. [more]
Friday, 29 July 2005, 5:31 AM CET

Lighten up: spam should be a game
Treating spam as if it was a game could be the key to the undoing of bulk-mailers everywhere, according to a Greek scientist. [more]
Friday, 29 July 2005, 3:46 AM CET

Phishing is yesterday's news - get ready for pharming
Phishing and pharming attacks are both on the rise, but pharming is much more dangerous and difficult to detect, learn how to protect against phishing and pharming. [more]
Friday, 29 July 2005, 3:18 AM CET

Securing Windows member servers
This article will discuss some of key security configurations that can be made to help protect your member servers. [more]
Friday, 29 July 2005, 3:05 AM CET

Workstation security: lock down that Mac
In this series on Macintosh infrastructure security, I've opted to include as many ways to secure a network as possible. [more]
Friday, 29 July 2005, 2:32 AM CET

Wireless hijacking under scrutiny
A recent court case, which saw a West London man fined £500 and sentenced to 12 months' conditional discharge for hijacking a wireless broadband connection, has repercussions for almost every user of wi-fi networks. [more]
Friday, 29 July 2005, 2:13 AM CET

Build a secure enterprise infrastructure with Geronimo
A real-world demonstration of Geronimo's robust security features. [more]
Friday, 29 July 2005, 1:12 AM CET

Cisco, ISS file suit against researcher
Cisco and Internet Security Systems filed a restraining order against the management of the Black Hat Conference and a security expert who told conference attendees that attackers can broadly compromise Cisco routers. [more]
Thursday, 28 July 2005, 1:22 PM CET

Security vendors holding off on 64-bit Windows
Any software that runs in kernel mode, such as anti-virus, will need to be rewritten for 64-bit Windows. [more]
Thursday, 28 July 2005, 1:17 PM CET

Ethical hacking is challenging but training is expensive
According to one site listing ethical hackers' resources, most large organisations now make use of their services. [more]
Thursday, 28 July 2005, 1:11 PM CET

Introduction to .Net security
.Net is a software framework from Microsoft that enables language-non-specific software development, resulting in applications that can easily interoperate across platforms and networks. [more]
Thursday, 28 July 2005, 5:34 AM CET

How to eliminate spyware to protect your business
IT security experts warn that spyware is rapidly moving from personal computers to business networks connected to the Internet. [more]
Thursday, 28 July 2005, 3:06 AM CET

Counter-espionage for your PC
When it comes to defenses, there are things you can do on your own to avoid being a victim and there are software tools you can load on your PC to help prevent or remove malicious software or e-mail. [more]
Thursday, 28 July 2005, 3:01 AM CET

ID theft - bank finds a way to profit
Federal regulators say Wells Fargo jeopardized the personal information of hundreds of thousands of customers through a string of security breaches over the past two years. Wells in turn has found a way to profit from the problem. [more]
Thursday, 28 July 2005, 2:34 AM CET

IBM says new big box safer from hackers
Trying to stay atop the market for corporate computer servers, IBM renewed its lucrative line of mainframe computers with a new system aimed at helping banks, government agencies and other big customers keep data secure. [more]
Thursday, 28 July 2005, 2:20 AM CET

UK 'hacker' fights US extradition
The extradition hearing of a British man accused of hacking into the US military computer system has begun. [more]
Thursday, 28 July 2005, 2:12 AM CET

Vendors compete for hacker zero days
Competition has come to the vulnerability research market, with 3Com Corp yesterday saying it will pay independent security researchers for their zero-day vulnerabilities. [more]
Thursday, 28 July 2005, 2:08 AM CET

Secure servers standards launched
The Trusted Computing Group has announced an open specification for trusted servers to allow manufacturers to offer better data and transaction security. [more]
Thursday, 28 July 2005, 1:45 AM CET

Identity management comes of age
Identity management is an idea whose time has come, as evidenced by the variety of tools, initiatives and services. We discuss a few in this article, but there are many more that affect not only employees and partners, but consumers as well. [more]
Thursday, 28 July 2005, 1:26 AM CET

You simply can't steal WiFi...
Like many in the tech community, I found it rather disturbing that someone could be arrested, and then charged with stealing a WiFi signal. What a complete waste of taxpayer resources. I believe (hope) that the judge who sits on the bench will throw out the case. [more]
Wednesday, 27 July 2005, 9:58 AM CET

An introduction to TCP Wrappers
TCP Wrappers is designed to filter incoming connections to network services. This article looks at how this package can be used to enhance the security of a networking system. [more]
Wednesday, 27 July 2005, 9:52 AM CET

How phishers killed the password (and why that's a good thing)
Passwords just don’t cut it anymore. [more]
Wednesday, 27 July 2005, 9:50 AM CET

Deploying Authenticode with cryptographic hardware for secure software publishing
The paper looks at the importance of protecting the credentials that underpin Authenticode and the role of cryptographic hardware in securing digital keys and certificates. [more]
Wednesday, 27 July 2005, 4:55 AM CET

Hackers looking hard for anti-virus software vulnerabilities
A pair of researchers will outline at the Black Hat security conference how they were able to spot vulnerabilities in several anti-virus software packages earlier this year, and why hackers are interested in digging up dirt on enterprise defensive software. [more]
Wednesday, 27 July 2005, 4:41 AM CET

Hackers tapping free web hosting
Websense announced that it had discovered thousands of cases of hackers using free personal Web hosting services to store and distribute malicious code and certain dangerous varieties of spyware. [more]
Wednesday, 27 July 2005, 4:04 AM CET

Good security means covering the basics
It's important to keep your eye on your overall security practices, and not get distracted by the continual hype. [more]
Wednesday, 27 July 2005, 3:48 AM CET

Netscape releases four critical patches
Browser maker lists another 10 flaws that remain to be patched. [more]
Wednesday, 27 July 2005, 3:40 AM CET

How should one respond to a network break in?
How seriously should one react? [more]
Wednesday, 27 July 2005, 3:32 AM CET

The changing threat from pranksters to professionals
In this white paper, we will discuss the magnitude of the new generation of cyber-crime, direction these threats are headed and what is needed to fight back. [more]
Wednesday, 27 July 2005, 3:29 AM CET

Privacy guru locks down VoIP
Zimmermann has developed a prototype program for encrypting voice-over IP. [more]
Wednesday, 27 July 2005, 3:16 AM CET

Installing and configuring Microsoft’s Data Protection Manager part 1
The beta of Microsoft's new Data Protection Manager (formerly called Data Protection Server) is now available to the public. [more]
Wednesday, 27 July 2005, 2:55 AM CET

Professors' product protects Web passwords
Pwdhash scrambles passwords typed into Web sites, then creates a unique sign-on for each site visited. [more]
Wednesday, 27 July 2005, 1:40 AM CET

Russian spammer murdered
The spammer headed the Center for American English whose aggressive spamming practices have angered net users. [more]
Wednesday, 27 July 2005, 1:21 AM CET

Microsoft steps up piracy fight
Anyone downloading updates for Windows XP will be required to check that their operating system is genuine. [more]
Wednesday, 27 July 2005, 12:39 AM CET

Q&A with Liberty Alliance on identity theft prevention
The Liberty Alliance Project is committed to developing an open standard for federated network identity that supports all current and emerging network devices. [more]
Tuesday, 26 July 2005, 12:41 PM CET

System security: a comprehensive approach
This security white paper outlines the seven critical categories of system security necessary to implement a comprehensive security framework. [more]
Tuesday, 26 July 2005, 12:35 PM CET

SQL server port under heavy scanning
Symantec issued an alert Monday that it had detected unusual amounts of scanning of a port normally associated with Microsoft SQL Server, a possible precursor to an attack. [more]
Tuesday, 26 July 2005, 12:14 PM CET

Threat alert highlights vulnerabilities in backup software
The SANS Institute Monday reported 422 new Internet security vulnerabilities discovered during the second quarter, up nearly 11% from the first quarter, with weaknesses in popular backup software highlighting the report. [more]
Tuesday, 26 July 2005, 12:10 PM CET

A new stab at password protection
The increase in identity theft has prompted two Stanford University professors to develop software that protects computer passwords from internet thieves. [more]
Tuesday, 26 July 2005, 12:08 PM CET

Security gets smarter
3Com, VeriSign, Arbor add intelligence to wares. [more]
Tuesday, 26 July 2005, 12:06 PM CET

NTT advances quantum crypto key distribution
In what could be a step forward in the development of quantum cryptography systems, a Japanese laboratory has demonstrated that it can send quantum keys through an optical switch designed for normal optical communications. [more]
Tuesday, 26 July 2005, 11:41 AM CET

Get paid for hacking? It's not just for movies anymore!
I remember the days when hackers kept security exploits to themselves in order to gain hacker points among their fellow hackers. These days they just sell them to companies like TippingPoint... or do they? [more]
Tuesday, 26 July 2005, 11:21 AM CET

Linksys simplifies WLAN security setup
SecureEasySetup technology aims to make it easier to set up secure wireless LANs. [more]
Tuesday, 26 July 2005, 11:19 AM CET

Airborne viruses: real threat or just hype?
"The biggest threat that I see right now is that Research In Motion's Blackberries and palmOne's PDAs are connected to names and addresses," said IBM Global Solutions Manager for Managed Security Services Doug Conorich. [more]
Tuesday, 26 July 2005, 11:17 AM CET

Give up privacy to skip airport security lines?
Industry pushes for nationwide Registered Traveler program to allow frequent fliers to bypass security holdups. [more]
Tuesday, 26 July 2005, 11:15 AM CET

Security professional body blueprint released
Proposals to create a professional institution to raise standards in IT security moved a step forward this week after working groups released detailed blueprints for the new organisation. [more]
Tuesday, 26 July 2005, 11:13 AM CET

Trike - a conceptual framework for threat modeling
Trike is a unified conceptual framework for security auditing from a risk management perspective through the generation of threat models in a reliable, repeatable manner. A security auditing team can use it to completely and accurately describe the security characteristics of a system from its highlevel architecture to its low-level implementation details. [more]
Tuesday, 26 July 2005, 11:06 AM CET

UK war driver fined £500
A man was last week fined £500 after a British jury found him guilty of using a neighborhood wireless broadband connection without permission. [more]
Monday, 25 July 2005, 1:16 PM CET

Real-world strategies for overcoming spam and phishing attacks
This paper presents an overview of the threats posed by spam and Phishing, discusses why traditional technologies fail, and focuses on the requirements for an effective solution. [more]
Monday, 25 July 2005, 1:15 PM CET

Web sites: the weakest link in security
Poorly designed Web sites can open the door to hackers trying to access proprietary information. [more]
Monday, 25 July 2005, 12:53 PM CET

LAPD recruits computer to stop rogue cops
The $35 million computer system tracks complaints and other telling data about officers and then alerts top supervisors to possible signs of misconduct. [more]
Monday, 25 July 2005, 12:50 PM CET

Banks warned over m-commerce security peril
Banks risk exposing customer data to hacking attacks in deploying mobile-phone ATM applications. [more]
Monday, 25 July 2005, 12:49 PM CET

FDIC advises banks on how to protect against spyware
The Federal Deposit Insurance Corp. (FDIC) today issued a list of best practices for financial services firms that details how to protect against spyware [more]
Monday, 25 July 2005, 12:47 PM CET

They're playing our virus
These days, digital attacks on PCs are coming disguised as media files or targeting corporate backup systems. [more]
Monday, 25 July 2005, 12:45 PM CET

Spam haters given right of reply
Now you have a chance to let spammers know how you feel about junk mail. [more]
Monday, 25 July 2005, 12:42 PM CET

UK police chiefs seek powers to attack terror websites
The Association of Chief Police Officers has asked for new legislation giving the security services "powers to attack identified websites". [more]
Monday, 25 July 2005, 12:39 PM CET

How to beat spammers at their own game
Don't think about blocking spam - imagine instead that you are playing a game against the spammers, with cash at stake. [more]
Monday, 25 July 2005, 12:31 PM CET

Poll finds security still keeps IT execs awake at night
A recent poll has found that 88 percent of IT managers believe the complexity in their IT organisation is now higher than it was 18 months ago. [more]
Monday, 25 July 2005, 12:27 PM CET

Virus writers take a different tact
Virus writers who once favored releasing malware that would clog corporate networks by the thousands have shifted to a strategy of secrecy in which they commandeer PCs on the Internet in the pursuit of dollars instead of notoriety, a security expert said Friday. [more]
Monday, 25 July 2005, 12:27 PM CET

New security threat is within
On the eve of the third anniversary of the Sarbanes-Oxley corporate accountability law, it isn't just the accountants who are making money. [more]
Monday, 25 July 2005, 12:24 PM CET

UK companies don't have basic security measures for smart handhelds
Forty per cent of businesses feel they do not secure handheld devices to the level they secure laptops. [more]
Friday, 22 July 2005, 4:20 PM CET

Spy worm spreads over instant messaging
Microsoft's MSN Messenger and AOL's Instant Messenger services are being targeted by malicious messages containing links that could infect a computer with a Trojan horse or dangerous worm. [more]
Friday, 22 July 2005, 4:18 PM CET

Beware the ICE virus hoax
Experts at Sophos have warned of a new virus hoax. If you receive a mail claiming that ICE is a virus, first don't believe it, second don't forward it, because it's a hoax. [more]
Friday, 22 July 2005, 3:58 PM CET

Mitnick preaches social engineering awareness
Mitnick says people are the weakest link and organizations must build 'human firewall'. [more]
Friday, 22 July 2005, 3:24 PM CET

Desktop security: proactive protection against known and unknown desktop security threats
With security threats growing, it is imperative to have a multi-layered security solution that is fast, strong and nimble. [more]
Friday, 22 July 2005, 3:22 PM CET

80 security tips
Whether your PC is 3 years or 3 days old, it faces the same, sometimes scary security issues. [more]
Friday, 22 July 2005, 3:14 PM CET

Intrusion detection on steroids
I like Sourcefire's strategy of employing several technologies to detect intrusions, but I was more impressed by the RNA sensors' ability to detect vulnerabilities in specific hosts in real time. [more]
Friday, 22 July 2005, 3:12 PM CET

Lost dog scams bite online users
Scammers have taken a traditional double-cross played on owners of lost dogs to the Internet. [more]
Friday, 22 July 2005, 3:11 PM CET

Oracle takes years to fix holes
The database vendor fails to patch security holes, despite knowing about the vulnerabilities for as long as two years, an accuser says. But Oracle says it fixes holes in order of severity. [more]
Friday, 22 July 2005, 3:08 PM CET

Secure VoIP on government's hit list
Given recent forecasts of growth in the government telecom market, security issues associated with VoIP are understandably in the spotlight. [more]
Friday, 22 July 2005, 3:07 PM CET

Linux scripts make wireless management a snap
Powerful tools can help you run your own wireless ISP. [more]
Friday, 22 July 2005, 3:02 PM CET

Biggest 419 bust in history
The FBI and Spanish police have arrested 310 people in Malaga, Spain in connection with a €100m bogus (email) lottery scam run by Nigerian gangs. [more]
Friday, 22 July 2005, 3:01 PM CET

Big Brother? The rest of the family is lurking online
With personal data so available, cyber-posses face few barriers in using it as a weapon. [more]
Friday, 22 July 2005, 2:58 PM CET

Identifying P2P users using traffic analysis
With the emergence of Napster in the fall of 1999, peer to peer (P2P) applications and their user base have grown rapidly in the Internet community. With the popularity of P2P and the bandwidth it consume, there is a growing need to identify P2P users within the network traffic. [more]
Friday, 22 July 2005, 2:56 PM CET

CardSystems may be driven out of business after the attack
The head of a payment-processing firm that was infiltrated by computer hackers, exposing as many as 40 million credit card holders to possible fraud, told Congress on Thursday that his company is "facing imminent extinction" because of its disclosure of the breach and industry's reaction to it. [more]
Friday, 22 July 2005, 2:54 PM CET

Is wireless security pointless?
While no personal information appears to have been compromised, SpreadFirefox has encouraged all users to log into their accounts and change their passwords. The site sent out an e-mail to all account holders with instructions on how to do so. [more]
Thursday, 21 July 2005, 3:22 PM CET

Sys admin: friend or foe?
The network system administrator is the first line, and sometimes last line of defence that a network has. What happens though if that very same defender becomes more of a liability? [more]
Thursday, 21 July 2005, 3:20 PM CET

'Alien greeting' harbours Windows malware
A message purporting to come from an alien is in reality, you've guessed it, the latest Windows PC-infecting computer virus. [more]
Thursday, 21 July 2005, 3:17 PM CET

ID theft fears prompt ecommerce boycott
Identity theft fears are prompting some UK consumers to avoid buying goods or services online or over the phone, according to a national survey published this week. [more]
Thursday, 21 July 2005, 3:03 PM CET

Security flaws slip through Oracle patch cycle
A security research firm has reported details of six vulnerabilities in products from Oracle that were not fixed in the supplier’s last round of patches. [more]
Thursday, 21 July 2005, 3:03 PM CET

System security: a comprehensive approach
This security white paper outlines the seven critical categories of system security necessary to implement a comprehensive security framework. [more]
Thursday, 21 July 2005, 3:02 PM CET

Interview with Dan Kaminksy on Microsoft 's security
Dan Kaminsky is a security researcher focusing on applied mechanisms for analyzing and understanding very large scale networks. [more]
Thursday, 21 July 2005, 3:00 PM CET

Review: GFI LANguard Network Security Scanner 6
This is a review of the new release of LANguard Network Security Scanner (GFI LANguard NSS) from GFI. NSS will scan computers for known vulnerabilities and common misconfigurations and other potential security issues. It produces reports that can be used to assist in the tracking and mitigation of security issues that have been identified. [more]
Thursday, 21 July 2005, 2:36 PM CET

Microsoft buys another security firm
Software maker buys FrontBridge Technologies, makers of an e-mail security product. [more]
Thursday, 21 July 2005, 2:55 AM CET

HP ProLiant DL320 hardware ISA firewall review
This sturdy ISA-based hardware firewall is targeted at the experienced ISA firewall administrator who wants a pre-built and pre-hardened ISA firewall delivered to the door, ready to plug in and deploy. [more]
Thursday, 21 July 2005, 1:47 AM CET

Small businesses lack IT security
Companies are not increasing budgets for the most basic systems, including email and wireless network connections. [more]
Thursday, 21 July 2005, 1:19 AM CET

Advanced code injection techniques and testing procedures
Depending upon the nature of the application and the way the malicious data is stored or rendered, the attacker may be able to conduct a second-order code injection attack. [more]
Thursday, 21 July 2005, 1:17 AM CET

Securing wireless technology
Wireless networking frees mobile workers from wires and cables, allowing them to collect and view data whenever, wherever they choose. [more]
Wednesday, 20 July 2005, 11:02 AM CET

Internet users ignorant about data privacy
U.S. Internet users are dangerously ignorant about the type of data that Web site owners collect from them. [more]
Wednesday, 20 July 2005, 10:57 AM CET

Bill puts spotlight back on data theft
Several prominent U.S. Senators, including the leaders of the Commerce Committee, have introduced another bill that takes on the growing online menace of identity and data theft. [more]
Wednesday, 20 July 2005, 10:55 AM CET

Attackers turning to fake online greeting cards
The next e-mail greeting card you get may come with a nasty surprise. [more]
Wednesday, 20 July 2005, 10:50 AM CET

Writing secure PHP
Here are a few of the more common security problems and how to avoid them. [more]
Wednesday, 20 July 2005, 10:48 AM CET

Oracle taken to task for time to fix vulnerabilities
Claiming that Oracle has failed to fix six vulnerabilities despite having more than 650 days to issue a patch, researchers at security firm Red Database Security published details of the flaws on Tuesday. [more]
Wednesday, 20 July 2005, 10:46 AM CET

Visa, Amex cut ties with CardSystems
Visa USA has dumped a card processing firm blamed for a security breach affecting anything up to 40m The payment-processing company left 40 million accounts vulnerable to hackers. A Visa spokeswoman said CardSystems "has not corrected, and cannot at this point correct, the failure to provide proper data security for Visa accounts." [more]
Wednesday, 20 July 2005, 10:43 AM CET

Can't recall passwords? Write them down
Flying in the face of convention, a security expert is now telling users to write down passwords and stick the slip of paper in their wallets. [more]
Wednesday, 20 July 2005, 10:40 AM CET

New worm poses as iTunes
Worm writers are piggy-backing on the success of Apple’s iTunes digital juke box according to an anti-virus software firm. [more]
Wednesday, 20 July 2005, 10:38 AM CET

A security qualification is a must but make sure it fits your field
Europe will need another 680,000 information security professionals by 2008. [more]
Tuesday, 19 July 2005, 3:17 PM CET

Network monitoring with ngrep
With ngrep, you can analyze network traffic in a manner similar to that of other network sniffers. However, unlike its brethern, ngrep can match regular expressions within the network packet payloads. [more]
Tuesday, 19 July 2005, 3:12 PM CET

Ethical issues for IT security professionals
This article takes a look at a neglected area of most computer security professionals' training: how to deal with the ethical issues that can - and invariably do - crop up during the course of doing your job. [more]
Tuesday, 19 July 2005, 1:55 PM CET

Trojans stampede across the web
Malicious code targeting bank accounts. [more]
Tuesday, 19 July 2005, 1:52 PM CET

GAO: Federal systems security still lacking
The good news: Federal agencies are making progress in implementing stronger information security regimes. The bad news: It hasn't helped much. [more]
Tuesday, 19 July 2005, 1:51 PM CET

The need to focus on hidden security threats
Keeping up with spyware, key loggers, Trojans, exploits and other malicious software is challenge on its own. [more]
Tuesday, 19 July 2005, 10:33 AM CET

Bringing spammers to their knees
PC World Senior Writer Tom Spring discusses the latest trends in spam and gives you the tips and tools for getting rid of it. [more]
Tuesday, 19 July 2005, 10:32 AM CET

Windows XP DoS bug worse than thought
It affects several other editions of Windows, and could have buffer overflow potential. [more]
Tuesday, 19 July 2005, 10:31 AM CET

To stop hacker attacks, don't rely on ISPs
Your Internet service provider isn't to blame if your company is hit with a distributed denial-of-service attack. [more]
Tuesday, 19 July 2005, 10:25 AM CET

Financial impact of some security breaches skyrockets
The financial impact of the theft of proprietary information has more than doubled in the last year, according to the 10th annual CSI/FBI Computer Crime and Security Survey. [more]
Tuesday, 19 July 2005, 10:25 AM CET

Email authentication takes big bite of spam
New research suggests anti-spam tools are slowly winning the war on junk mail. [more]
Tuesday, 19 July 2005, 10:20 AM CET

Watch out for third-party systems when managing network security
Even the best security efforts may be missing an entire class of susceptible systems: equipment maintained by other companies. Here's what to watch out for. [more]
Tuesday, 19 July 2005, 10:16 AM CET

Microsoft admits to Media Center hole
Security flaw could allow hackers to crash PCs. [more]
Monday, 18 July 2005, 1:30 PM CET

Prepare for disasters that could bring your business to a halt
This article looks at how “non-traditional” disasters, such as gas leaks and human error, can impact on the operations of your organisation. [more]
Monday, 18 July 2005, 12:39 PM CET

Virus bounties no longer effective
Wild West methods increasingly irrelevant, say security experts. [more]
Monday, 18 July 2005, 12:14 PM CET

Malware maelstrom menaces UK
Lock up your email servers - there's a blizzard of Windows malware out there. [more]
Monday, 18 July 2005, 12:13 PM CET

Troubleshooting IPSec tunnel mode scenarios
In this article we’ll take a look at how to troubleshoot a common site to site IPSec tunnel-mode VPN scenario. [more]
Monday, 18 July 2005, 12:12 PM CET

Secure RSS syndication
I have a problem. It's actually a pretty common problem. I have data that I want to syndicate to myself, but I don't want you to see it. [more]
Monday, 18 July 2005, 12:05 PM CET

How to prevent your website from being used against you in a phishing attack
Phishing has become more and more commonplace and these attacks put companies that conduct online business at risk, and threaten to undermine consumer confidence. [more]
Monday, 18 July 2005, 12:04 PM CET

Online privacy regulations forcing better handling of data
In essence, computerized banking transactions and Internet commerce practices have put new twists on old identity theft methods used by criminals. Federal guidelines are just now starting to focus on electronic processes that did not exist when other federal regulations were first designed. [more]
Monday, 18 July 2005, 12:00 PM CET

How to prevent pharming
Protect your company's online reputation by locking down DNS and guarding against domain hijacking. [more]
Monday, 18 July 2005, 11:56 AM CET

Google growth yields privacy fear
Google is at once a powerful search engine and a growing e-mail provider. It runs a blogging service, makes software to speed web traffic and has ambitions to become a digital library. And it is developing a payments service. [more]
Monday, 18 July 2005, 11:51 AM CET

Rethinking the data security box
Computer security can be a difficult problem to get a handle on, so sometimes it takes some creative thinking. I would say it involves "thinking outside the box," but that's a little too trite and overused. [more]
Monday, 18 July 2005, 11:51 AM CET

Mozilla site attacked to spread spam
A site promoting Firefox was attacked last weekend in order to commandeer it to send spam, the Mozilla Foundation said on Friday. [more]
Monday, 18 July 2005, 11:36 AM CET

Oracle simplifies SOA, Web services security
Oracle announced the industry's first integrated, standards-based business process platform that simplifies the security of service-oriented architectures (SOAs) and Web services. [more]
Monday, 18 July 2005, 11:33 AM CET

Small doesn't mean anything to hackers
Being small doesn’t make you invisible. [more]
Monday, 18 July 2005, 11:32 AM CET

Juniper's Infranet initiative gets backing of Cisco
Juniper's Infranet initiative, designed to help service providers deliver security and quality-of-service guarantees across their boundaries, welcomed Cisco Systems to the group. [more]
Friday, 15 July 2005, 8:43 AM CET

Cybercrime rates, losses fall, survey says
The downturn in losses is because of both better management of security tools and sheer luck in the form of a 12-month run without fast-spreading, big-dollar-amount attacks. But the survey also detailed some gloomier news: Losses to identity and information theft are up--way up. [more]
Friday, 15 July 2005, 8:42 AM CET

An open source approach to security
The perception that a Linux environment and open source software statistically has more vulnerabilities in comparison with other operating systems is only half true. [more]
Friday, 15 July 2005, 3:10 AM CET

Spyware, a thorn in my side
The scenario: You are doing research on the Web - which, by the way, is what a vast majority (more than 80%) of so-called surfers do " and you find a link that looks right on target. [more]
Friday, 15 July 2005, 2:32 AM CET

Trend Micro bug proves costly
Faulty software update released earlier this year cost the company $8 million. [more]
Friday, 15 July 2005, 2:16 AM CET

Firefox update focuses on security and stability
"Software sometimes can be the victim of its own success," said Cluley. Certainly, that is the case with Microsoft's Internet Explorer, which is the leader in the Web browser realm and thus sustains proportionately more malicious attacks. [more]
Friday, 15 July 2005, 2:02 AM CET

Trojans taking over from worms
Worm activity fell last month by over 80 per cent. [more]
Friday, 15 July 2005, 1:54 AM CET

VeriSign acquires security firm iDefense for US$40m
VeriSign announced Wednesday that it had purchased security intelligence firm iDefense for approximately US$40m in cash. [more]
Friday, 15 July 2005, 1:35 AM CET

Open source vs. Windows: security debate rages on
Open source is foremost an "ethos" that "is precisely the best social environment for the best development of anything," said Tim Clarke, I.T. director at Manifest, a maker of electronic voting and research tools. [more]
Friday, 15 July 2005, 1:14 AM CET

Personal data quiz throws wrench into ID theft
Identity thieves and impersonators thrive on publicly available personal information and data pilfering. [more]
Friday, 15 July 2005, 1:08 AM CET

Oracle integrates Web services, security products
Oracle plans to combine two of its Web services products to make it easier for developers to set security policies for applications built using its Oracle BPEL Process Manager software, a company executive said Tuesday. [more]
Thursday, 14 July 2005, 1:45 PM CET

Sun to expand open source moves into secure ID arena
Java developers are encouraged to write apps featuring identity managment. [more]
Thursday, 14 July 2005, 10:47 AM CET

Six rules for encrypting your enterprise data
Regulatory compliance requirements for protecting sensitive data have led many companies to consider encryption. This document provides six fundamental rules that should be considered prior to data encryption deployment. [more]
Thursday, 14 July 2005, 10:40 AM CET

Bank of America adds new online security
Stung by recent high-profile security breaches, Bank of America Corp. is rolling out a new online banking security system aimed at making it harder for cyberthieves to crack customer accounts. [more]
Thursday, 14 July 2005, 10:35 AM CET

ZombieAlert scours networks for spam-spewing PCs
Sophos is touting a new service that scours corporate networks for zombies -- PCs that have been hijacked without the owner's knowledge and turned into spam-spewing engines. [more]
Thursday, 14 July 2005, 10:34 AM CET

Could blogging spread computer worms?
Could RSS feeds become a conduit for the transmission of computer worms? Security experts are at odds over the possibility. [more]
Thursday, 14 July 2005, 10:31 AM CET

Users flock to spam messages
11 per cent admits to buying Viagra and other goods advertised in spam. [more]
Thursday, 14 July 2005, 10:27 AM CET

Hacker tells of bungle that may have cost $1 million
"You end up lusting after more and more complex security measures," the unemployed systems administrator said. "It was like a game. It was addictive. Hugely addictive." [more]
Thursday, 14 July 2005, 10:26 AM CET

What is endpoint security?
Endpoint security is something that many IT professionals think they have, though few can agree on what it is. [more]
Thursday, 14 July 2005, 10:25 AM CET

Apple peels wraps off OSX security patches
Denial of service attack hole and file overwrite bug fixed. [more]
Thursday, 14 July 2005, 10:23 AM CET

Word bug shows trend in file format hacks
The vulnerability in Microsoft Word is only the latest in a spreading trend that's seeing hackers probe for foibles and failings in file formats, a security firm says. [more]
Thursday, 14 July 2005, 10:22 AM CET

Data breaches: turn back the tide
The complexity of today’s business-technology systems, the sorry state of software application security, the general lack of employee IT-security awareness, and the growing "connectedness" of partners and customers all work against the task of security managers to protect critical business information. [more]
Thursday, 14 July 2005, 8:22 AM CET

Penalty plea on cyber criminals
Tougher sentences are needed to make sure computer crime is treated seriously by courts and prosecutors, said an MP as he proposed new laws. [more]
Wednesday, 13 July 2005, 2:15 PM CET

Privacy group: online investigators dig up too many secrets
The Electronic Privacy Information Center says online private eyes dig up unlisted phone numbers, addresses, detailed phone records, employment history, and motor vehicle data on private individuals, often using deceptive practices. [more]
Wednesday, 13 July 2005, 2:09 PM CET

Hackers already exploiting XP flaws
Latest patches more critical than ever, warns Microsoft. [more]
Wednesday, 13 July 2005, 1:56 PM CET

UK EU presidency aims for Europe-wide biometric ID card
The UK is using its Presidency of the Council of the European Union to push for the adoption of biometric ID cards and associated standards across the whole of the EU. [more]
Wednesday, 13 July 2005, 1:54 PM CET

How do compliance issues affect your network?
This article looks at how regulations affecting specific industries impact the computer networks of companies in those industries, as well as some of the common myths and misconceptions about various compliance requirements. [more]
Wednesday, 13 July 2005, 4:04 AM CET

Only 10 per cent of emails are genuine
Just 10 per cent of all email is a genuine message, with the volume of spam email, phishing attacks, trojans and virus-infected email messages rising 600 per cent in the past year. [more]
Wednesday, 13 July 2005, 3:45 AM CET

Hackers grow armies of zombie PCs
Number of systems infected with malicious software has jumped more than 300 percent, McAfee says. [more]
Wednesday, 13 July 2005, 3:41 AM CET

Sophos glitch leaves PCs hanging
A recent security update from Microsoft is tripping up users of Sophos's flagship anti-virus scanning software. [more]
Wednesday, 13 July 2005, 3:30 AM CET

Hot skills: network security
Security systems are becoming easier to set up, but they need skilled staff to configure and maintain them. [more]
Wednesday, 13 July 2005, 3:15 AM CET

Giving new meaning to 'spyware'
Supreme Court Justice Potter Stewart famously said that he couldn't define obscenity, but that he knew it when he saw it. [more]
Wednesday, 13 July 2005, 3:03 AM CET

Sarbox challenge drains security budgets
International corporate spending on compliance with the Sarbanes-Oxley data security legislation has come at the expense of dealing with other security threats, according to the Information Security Forum (ISF). [more]
Wednesday, 13 July 2005, 2:49 AM CET

Firms ignorant of hacker risk
Most IT managers admit they have no way of measuring risk. [more]
Wednesday, 13 July 2005, 2:24 AM CET

Spammers most likely users of e-mail authentication
Spammers are continuing to adopt Sender ID and Sender Policy Framework, two of the prominent e-mail authentication schemes that are actually intended to stop spam. [more]
Tuesday, 12 July 2005, 11:47 AM CET

Security product lets only good code run
Why try and prevent every potential security threat when you can just direct the network to run nothing but authorized code? [more]
Tuesday, 12 July 2005, 11:46 AM CET

Users act to encrypt mobile data
Concerns linger about untested handheld tools. [more]
Tuesday, 12 July 2005, 11:45 AM CET

DOM based Cross Site Scripting or XSS of the third kind
Application developers and owners need to understand DOM Based XSS, as it represents a threat to the web application, which has different preconditions than standard XSS. [more]
Tuesday, 12 July 2005, 11:44 AM CET

When management sets the wrong security culture
During a recent tele-banking transaction, I was instructed to enter my bank account and Social Security numbers. [more]
Tuesday, 12 July 2005, 11:42 AM CET

Security breach - the price is right
How much does a security breach actually "cost," and who pays for it? [more]
Tuesday, 12 July 2005, 11:40 AM CET

Longhorn following Unix on security?
Microsoft's delayed Longhorn operating system appears to be taking a page from the Unix management book by curbing user's administration rights. [more]
Tuesday, 12 July 2005, 11:39 AM CET

Introduction to IPAudit
IPAudit is a handy tool that will allow you to analyze all packets entering and leaving your network. [more]
Tuesday, 12 July 2005, 11:34 AM CET

Has Microsoft made security strides?
Two years after Microsoft CEO Steve Ballmer announced a corporate-wide focus on security, Microsoft claimed that the company is fulfilling its promise. [more]
Tuesday, 12 July 2005, 11:28 AM CET

IDS pays off, even if there's no hacking
When I came into work after the weekend, a very interesting e-mail message was waiting for me. The message, with the subject line "Account Alert," appeared to be from our help desk. It requested that I read an attached document pertaining to my user account. [more]
Tuesday, 12 July 2005, 11:23 AM CET

AirMagnet binds Cisco kit into Wi-Fi security
Wi-Fi security vendor AirMagnet has increased the support for Cisco access points in AirMagnet Enterprise 6, as well as adding multi-tasking sensors, making set-up easier and adding intelligence to spot new attacks. [more]
Tuesday, 12 July 2005, 11:22 AM CET

Security: know your risks
Speed is vital to assess and manage swiftly changing risks and meet regulatory demands. A matrix-based approach can offer a faster route than traditional, bottom-up methods. [more]
Tuesday, 12 July 2005, 11:20 AM CET

Risks and threats to storage area networks
The foundation of enterprise risk analysis is the threat model which defines the points of attack and the methods of attack at each point. This paper investigates risk and common security threats against storage area networks (SANs) and the countermeasures that can be taken to mitigate the vulnerability of the enterprise SAN. [more]
Monday, 11 July 2005, 2:50 PM CET

Feds fear air broadband terror
Law enforcement officials want to eavesdrop on air passengers' internet use with a court order. The federal agencies are concerned that terror attacks could be coordinated using new in-flight broadband connections. [more]
Monday, 11 July 2005, 12:05 PM CET

Penetration testing: taking the guesswork out of vulnerability management
Despite the ongoing investment in information security, sensitive customer information and intellectual property continue to be compromised, this paper focuses on the best practices that will enable organizations to secure this information. [more]
Monday, 11 July 2005, 11:53 AM CET

To catch an ID thief
Bank-sponsored Identity Theft Assistance Center will share information with the FTC to help catch identity thieves. [more]
Monday, 11 July 2005, 11:50 AM CET

Sarbanes-Oxley legislation criticised
Influential US judge and one of the legislation's architects, Michael Oxley, highlight its faults. [more]
Monday, 11 July 2005, 11:48 AM CET

Who owns the information?
From the music you purchase and download to your personal details stored online, it's all just bits of information. [more]
Monday, 11 July 2005, 11:44 AM CET

Writing Linux firewall rules with iptables
This guide will give you some background on IPTables and how to use it to secure your network. [more]
Monday, 11 July 2005, 11:43 AM CET

Vendors tout WLAN security advances
Two wireless LAN security vendors last week separately announced streamlined versions of their software. [more]
Monday, 11 July 2005, 11:42 AM CET

Microsoft to reward informants after Sasser conviction
Microsoft plans to split the $250,000 reward for the information leading to the Sasser author between two tipsters. [more]
Monday, 11 July 2005, 11:41 AM CET

Punishment inconsistent for convicted hackers
These cases involving hackers and purveyors of viruses are scaring off individuals from using the Internet. [more]
Monday, 11 July 2005, 11:34 AM CET

Apache faces Web services security spec roadblock
Open source organization to meet with Microsoft, IBM. [more]
Monday, 11 July 2005, 11:34 AM CET

Trojan exploits London bombings
Promised eyewitness video's carries a payload of its own [more]
Monday, 11 July 2005, 11:31 AM CET

Surfers get smart on spyware
Internet users claim to have changed their habits. [more]
Friday, 8 July 2005, 2:27 PM CET

Effective network management for security and compliance
This white paper provides an overview of network security and compliance for network managers, network architects and network security experts and outlines key solutions. [more]
Friday, 8 July 2005, 2:23 PM CET

Sasser suspect walks free
The teenage author of the infamous Sasser worm has been sentenced to one year and nine months probation. [more]
Friday, 8 July 2005, 2:20 PM CET

Hackers for hire
What started out as an online businessman's dirty tactic lasted for almost half a year and cost victims over US$2 million. [more]
Friday, 8 July 2005, 10:20 AM CET

Windows and Office patches ahead
Patch Tuesday around the corner. [more]
Friday, 8 July 2005, 10:19 AM CET

NAT Traversal (NAT-T) security issues
Network Address Translation (NAT) is a technology that has, in a small way, revolutionized Internet communications. [more]
Friday, 8 July 2005, 10:14 AM CET

The root of the rootkit
Rootkits are hard to detect and can give hackers full control of your system. [more]
Friday, 8 July 2005, 10:10 AM CET

Man arrested for hopping on to home Wi-Fi network
Although security options exist, unprotected wireless LANs are still common. [more]
Friday, 8 July 2005, 10:09 AM CET

Is it spyware or adware?
People are used to antivirus programs where everything is black and white. [more]
Friday, 8 July 2005, 10:08 AM CET

Check Point beefs up spyware defences
Check Point Software is to build improved spyware defences into the next version of its ZoneAlarm. [more]
Friday, 8 July 2005, 10:08 AM CET

A small price to pay for cutting e-crime
Companies could help to reduce the £2.4bn UK e-crime bill. [more]
Thursday, 7 July 2005, 1:54 PM CET

MS downgrades Claria adware detection
Here's one for the conspiracy theorists. Microsoft has downgraded detection of the Claria adware application by its anti-spyware software days after reports began circulating that Redmond might buy the online marketing firm. [more]
Thursday, 7 July 2005, 1:53 PM CET

Simplify your life - eliminate passwords
In this whitepaper, you learn how you can easily implement IBM's recommended password elimination Single Sign-On architecture. [more]
Thursday, 7 July 2005, 1:11 PM CET

Longhorn locked down to fight hackers
Intruders wished "good luck" as new OS prevents unauthorised access. [more]
Thursday, 7 July 2005, 3:05 AM CET

After a privacy breach, how should you break the news?
Based on a recent study conducted by Ponemon Institute, we can provide some insight on what customers' expectations are when they receive notification. [more]
Thursday, 7 July 2005, 2:53 AM CET

Why spam filters don't work
The best analogy might be comparing a spam filter to a cigarette filter -- the heaviest duty cigarette filters still let toxins, fibers and tar through. [more]
Thursday, 7 July 2005, 2:41 AM CET

Adobe update quells Unix PDF peril
Adobe has issued patches for a common vulnerability in various Unix versions of its Acrobat Reader software to guard against possible hacker attack. [more]
Thursday, 7 July 2005, 2:35 AM CET

Threat increases from IM-based attacks
Hackers exploit weaknesses with viruses, worms and phishing scams. [more]
Thursday, 7 July 2005, 2:24 AM CET

Wi-Fi cloaks a new breed of intruder
Though wireless mooching is preventable, it often goes undetected. [more]
Thursday, 7 July 2005, 2:10 AM CET

In the stolen-data trade, Moscow is the Wild East
The most expensive wares in Moscow's software markets, the items that some Russians are calling a threat to their personal safety, aren't on public display. [more]
Thursday, 7 July 2005, 2:05 AM CET

Avoiding identity theft
This article is designed to help network administrators and consumers understand the issues surrounding the rapidly growing concern of "Identity Theft". [more]
Wednesday, 6 July 2005, 4:25 PM CET

Financial firms to share ID theft data with FTC
They hope it will help law enforcement probes of ID thefts. [more]
Wednesday, 6 July 2005, 4:37 AM CET

Who's to blame for insecurity?
If there's one thing the security industry is really good at, it's pointing fingers. [more]
Wednesday, 6 July 2005, 4:17 AM CET

Flawed USC admissions site allowed access to applicant data
A programming error in the University of Southern California's online system for accepting applications from prospective students left the personal information of users publicly accessible, school officials confirmed this week. [more]
Wednesday, 6 July 2005, 3:11 AM CET

Hackers turn to root kits for web attacks
Growing in popularity and difficult to beat. [more]
Wednesday, 6 July 2005, 2:45 AM CET

Preventing malicious spyware in the enterprise
Malicious spyware is an increasing threat to the enterprise. Older technologies are fast becoming ineffective; what is needed is a behavioral heuristics approach. [more]
Wednesday, 6 July 2005, 2:39 AM CET

Hackers make way for criminals, experts say
Spotty teenage hackers who set off global email viruses are being replaced by serious online crooks whose stealth attacks don't make headlines but cause more damage, security software makers said on Tuesday. [more]
Wednesday, 6 July 2005, 2:18 AM CET

German teenager admits in court to creating Sasser worm
Teenager faces maximum of five years in prison for worm that crashed hundreds of thousands of computers. [more]
Wednesday, 6 July 2005, 1:49 AM CET

Outsourcers play down security risk
Offshoring industry moves to calm UK customers' fears after Indian security breach. [more]
Wednesday, 6 July 2005, 1:37 AM CET

Air Force taps secure ultrawideband
Sandia National Laboratories has combined ultrawideband (UWB) radio signals with advanced encryption techniques to develop a secure sensor and communications network for the U.S. military. [more]
Wednesday, 6 July 2005, 1:31 AM CET

New Trojan hits Symbian smartphones
A Trojan capable of ruining smartphones running the Symbian Series 60 operating system has been discovered, a security expert said Tuesday. [more]
Wednesday, 6 July 2005, 1:14 AM CET

IBM and banks draw up data security blueprint
IBM has formed a Data Governance Council with dozens of leading financial companies and other suppliers to develop a “blueprint” to protect personal data. [more]
Tuesday, 5 July 2005, 11:49 AM CET

Security experts warn over mobile threats
While still just a drop in the ocean compared to internet security threats, the incidences of malware targeting mobile phones is growing. [more]
Tuesday, 5 July 2005, 11:48 AM CET

Random Number Generators: what do you need one for?
Random numbers are utilized in many different areas, ranging from cryptography (in general) to source port and process ID randomization in some operating systems. [more]
Tuesday, 5 July 2005, 11:12 AM CET

Open source vs. Windows: security debate rages
It's a topic of fierce debate among high-tech cognoscenti: What's more secure -- "open source" code such as Linux and Apache, or proprietary "closed source" operating systems and applications, Microsoft's in particular? [more]
Tuesday, 5 July 2005, 10:22 AM CET

Securing your network from inbound and outbound threats
A case study of deploying strong authentication and Web filtering to protect from inbound and outbound security threats. [more]
Tuesday, 5 July 2005, 3:03 AM CET

RBC Centura warns 10,000 in security breach
RBC Centura has notified 10,000 customers in five states that their credit and debit card numbers were among those stolen when computer hackers penetrated a credit card processing company. [more]
Tuesday, 5 July 2005, 2:50 AM CET

Decoys suggested for Pentagon network
Two of the Pentagon's leading technologists propose defending the military's Global Information Grid by using decoy networks and "honey pots" to fool hackers. [more]
Tuesday, 5 July 2005, 2:30 AM CET

China signs anti-spam pact
China - the world's second biggest producer of spam behind the US - has signed up to an international agreement to crack down on unsolicited email. [more]
Tuesday, 5 July 2005, 12:35 AM CET

Hackers crack two-factor security
Technology is not the golden bullet to stop web fraud, warn security experts. [more]
Tuesday, 5 July 2005, 12:25 AM CET

Symbian Trojan drains the life from phones
Virus writers have created a new Symbian Trojan called Doomboot-A that loads an earlier mobile virus (Commwarrior-B) onto vulnerable smartphones. [more]
Monday, 4 July 2005, 3:21 PM CET

Are firewalls expendable?
The firewall's fate is up for debate. [more]
Monday, 4 July 2005, 12:54 PM CET

Keeping email under lock and (public) key
With governments and law enforcement organizations pushing for increasingly intrusive monitoring and logging of business email messages, network administrators are put in an uncomfortable situation. [more]
Monday, 4 July 2005, 12:53 PM CET

DNS name serving through NSD
Given the sheer importance of name servers in providing Domain Name System (DNS) resolution, not many people put much thought into the available software alternatives for pulling off this feat. One compelling application is NSD, an alternative to the widely deployed BIND name server. [more]
Monday, 4 July 2005, 12:48 PM CET

Tale of the tape: encrypt data now
Data should be encrypted in transit. [more]
Monday, 4 July 2005, 12:46 PM CET

How (and why) to turn a Linux server into a router
Peter Harrison explains why Linux can reduce the cost of routers and how to make that happen. [more]
Monday, 4 July 2005, 12:45 PM CET

Reverse engineering patches making disclosure a moot choice?
When Microsoft released limited information on a critical vulnerability in Internet Explorer last month, reverse engineer Halvar Flake decided to dig deeper. [more]
Monday, 4 July 2005, 12:42 PM CET

Judge bans company's deceptive anti-spyware claims
The Federal Trade Commission in the US has won an preliminary injunction against Trustsoft. [more]
Monday, 4 July 2005, 12:40 PM CET

Cisco snaps up security firm
Cisco last week said it has agreed to pay $30 million for a year-old start-up called NetSift. [more]
Monday, 4 July 2005, 12:40 PM CET

Data security is retailers' job, too
BJ's Wholesale Club provides a sobering example of what can happen when identity thieves attack, stealing customer data. [more]
Monday, 4 July 2005, 12:37 PM CET

Passive fingerprinting with p0f
P0f is a passive fingerprinting tool that offers interesting possibilities for gathering information about other systems, without generating any traffic at all (unlike active port scanners ala Nmap). [more]
Monday, 4 July 2005, 12:32 PM CET

Laptop theft - an insider’s guide to not becoming another statistic
Protecting against laptop and data theft would appear to be relatively easy but, in a business sense, is rarely so. This article provides some basic steps for employees to follow in order to protect laptops. [more]
Monday, 4 July 2005, 1:20 AM CET

Firms still neglecting PDA security
Survey finds high number of firms failing to enforce security guidelines. [more]
Friday, 1 July 2005, 11:51 AM CET

Affordable IT: securing your IM systems
Your end users are going to use Instant Messaging systems - with or without IT's blessing. Find out how to keep your network safe and secure, whether your IM app is public or private. [more]
Friday, 1 July 2005, 11:49 AM CET

Fake Microsoft security alert includes Trojan patch
Bogus security bulletin links to malicious software that gives attackers complete access to the infected machine. [more]
Friday, 1 July 2005, 4:00 AM CET

Anti-spam success drives malware authors downmarket
Crooks are turning to spyware scams because it's getting harder to make money from spam, according to a leading UK anti-virus expert. [more]
Friday, 1 July 2005, 3:49 AM CET

Rats in the security world
There are many rats in the security world, starting with email and other insecure protocols that should be abandoned overnight. [more]
Friday, 1 July 2005, 3:25 AM CET

Hackers unleash industrial spy Trojan
Malware targets very small number of high value domains. [more]
Friday, 1 July 2005, 3:12 AM CET

ID theft tips
When you and your family or friends go on vacation, you can't let your guard against ID theft go too! Don't let identity thieves take away all the fun from your summer vacation. [more]
Friday, 1 July 2005, 2:59 AM CET

Fighting EPO viruses
This article studies complex Entry Point Obscuring (EPO) viruses, by looking at the detection and removal of the difficult Win32.CTX.Phage virus. [more]
Friday, 1 July 2005, 2:57 AM CET

Share permissions
This article will take an in-depth look at the pitfalls and suggested methods on how to protect the resources that are shared from servers to users on the network. [more]
Friday, 1 July 2005, 2:48 AM CET

Microsoft in talks to buy adware developer
Purchase could fall through because of concerns about how deal would be seen by the public. [more]
Friday, 1 July 2005, 2:39 AM CET

FBI probes phishing of eBay in Norway
A Norwegian Internet radio site has been shut down pending an FBI investigation of a possible attempt to swindle customers of the eBay Web auction house, the company hosting the site said Wednesday. [more]
Friday, 1 July 2005, 2:33 AM CET

Threat to enterprise security - Wi-Fi
With the rapid adoption of Wi-Fi networks by enterprise IT departments everywhere, network security now involves an entirely new dimension of vulnerability to malicious hackers and casual intruders. [more]
Friday, 1 July 2005, 2:14 AM CET

Attackers seek vulnerable Veritas Backup installations
Users urged to apply patch. [more]
Friday, 1 July 2005, 2:04 AM CET

Men blamed for spyware surge
Male workers are twice as likely as their female colleagues to swap music files at work on a daily basis, according to a new survey by censorware firm Surfcontrol. [more]
Friday, 1 July 2005, 1:26 AM CET

Credit card security: saga of broken rules
Remember this equation: (security + privacy) - action = liability [more]
Friday, 1 July 2005, 1:03 AM CET


Successful strategies to avoid frequent password changes

Posted on 19 August 2014.  |  After a widespread, nonspecific data breach, the conventional wisdom is that people should change all their passwords. But, there’s a better way.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Wed, Aug 20th