Off the Wire

Off The Wire Archive

News items for August 2003

Experts dub MSBlaster suspect a 'script kiddie'
A teenager who the FBI said admitted writing a variant of the MSBlaster virus was apparently a novice code writer who made too many mistakes, experts said Friday. [more]
Saturday, 30 August 2003, 1:01 AM CET

Review - Ilium Software eWallet 3.1
eWallet is a tool that can contain all your private data in a compact and secure manner. The review is based on eWallet 3.1.OT running on a Microsoft Windows Mobile 2003 powered HP IPAQ 5550. [more]
Friday, 29 August 2003, 4:19 PM CET

Opinion - SCO vs. IBM
Bob Toxen, the author of "Real World Linux Security: Intrusion Prevention, Detection, and Recovery", gives his take on the SCO situation. [more]
Friday, 29 August 2003, 4:18 PM CET

Teen-age Blaster worm suspect may be arrested
A teen-ager suspected of making the devastating Blaster Internet worm even more potent will likely be arrested on Friday, the Seattle Times reported citing two U.S. Justice Department sources. [more]
Friday, 29 August 2003, 2:32 PM CET

Innocents caught in SCO-Linux cross fire
The battle between The SCO Group and the Linux and open-source communities is apparently taking some innocent bystanders hostage. [more]
Friday, 29 August 2003, 8:18 AM CET

Securing MySQL: step-by-step
This article describes the basic steps which should be performed in order to secure a MySQL database against both local and remote attacks. [more]
Friday, 29 August 2003, 8:17 AM CET

Public urged to avoid biometric trial
No cooperation - no ID cards, say privacy advocates. [more]
Friday, 29 August 2003, 8:13 AM CET

Hidden trails to 'pirates' revealed
The music industry's methods of tracking down suspected music pirates have been revealed for the first time. [more]
Friday, 29 August 2003, 8:12 AM CET

Future of computer security is in central databases, not PCs
Computer viruses are becoming so aggressive and sophisticated that they may soon be able to elude antivirus programs installed on individual computers, according to many in the security industry. [more]
Friday, 29 August 2003, 8:06 AM CET

Grid security: state of the art
Grid computing soon could be central to your enterprise's networking strategy. But what about security? Author Anne Zieger explores advances in grid security that are beginning to address critical security issues. [more]
Friday, 29 August 2003, 8:05 AM CET

Microsoft hides behind Linux for protection
Microsoft is relying on Linux to keep its Web site safe from attackers. [more]
Friday, 29 August 2003, 8:03 AM CET

Windows security tools for free
Here are five of those tools that may just give IT people the slanted perspective they need to really bulletproof a network. [more]
Friday, 29 August 2003, 8:02 AM CET

Amazon sues spam spoofers
"The nice thing with this lawsuit and with spoofing in general is that Amazon is [relying on] enforceable law," IDC research manager Jonathan Gaw told the E-Commerce Times. "It's commercial fraud. It's different from the anti-spam laws, which haven't been tested." [more]
Friday, 29 August 2003, 7:58 AM CET

FBI hunts Sobig, MSBlast makers
The FBI is actively investigating the two most recent - and most damaging - worms and viruses, the agency says, and is "confident" it will bring those responsible to justice. [more]
Friday, 29 August 2003, 7:52 AM CET

Review - Building Secure Wireless Networks with 802.11
As you can see, we have yet another wireless review on Help Net Security. As more and more people are migrating their wired networks into wire-free environment, wireless security is becoming one of the most talked about IT topics. What is this book all about? Read on. [more]
Thursday, 28 August 2003, 4:30 PM CET

IIS 6.0 makes URLScan almost obsolete
IIS 6.0 has many significant security improvements, which is one reason I frequently hear the question "Do I need to run URLScan with IIS 6.0?" Probably not. [more]
Thursday, 28 August 2003, 1:03 PM CET

Avoid security vulnerabilities in your CGI programs
Because CGI is easy to use as a front-end, it has a lot of flexibility and power that can go awry. [more]
Thursday, 28 August 2003, 12:59 PM CET

Is SCO hack a Linux attack?
The software developer's website has already been hit once after the company began trying to collect royalties from users of Linux. Now it's happened again and SCO is starting to take it personally. [more]
Thursday, 28 August 2003, 12:57 PM CET

Want to visit Britain? Join the fingerprint queue
The Government today announced plans to extend the use of biometric technology throughout the UK visa system in a crackdown against abuse of the immigration system. [more]
Thursday, 28 August 2003, 12:48 PM CET

Secure programmer: developing secure programs
This column explains how to write secure applications; it focuses on the Linux operating system, but many of the principles apply to any system. [more]
Thursday, 28 August 2003, 12:45 PM CET

A legal fix for software flaws?
Critics call for new liability laws after virus attacks. [more]
Thursday, 28 August 2003, 12:43 PM CET

Security pros: be wary of tech analysts
Established analysis houses have been attacked by security professionals who claim the companies don't have the specific expertise required to deliver a meaningful insight into security technologies. [more]
Thursday, 28 August 2003, 12:41 PM CET

Exploiting holes in the Net
Worms prove security needs to be updated. [more]
Thursday, 28 August 2003, 12:39 PM CET

Fighting for the freedom to tinker
Copyright and computer security guru Ed Felten warns: "A collision is happening between creativity and protecting intellectual property". [more]
Thursday, 28 August 2003, 12:35 PM CET

U.S. sponsors anti-censorship web service
A federal agency contracts with Anonymizer to help Iranians bypass their government's Internet blacklist. [more]
Thursday, 28 August 2003, 12:34 PM CET

Network Associates sniffs out VoIP patent
Filtering technology helps optimise VoIP calls. [more]
Wednesday, 27 August 2003, 2:47 PM CET

Automating security patches
Microsoft explained its highly publicised service for managing security patches at this week's Tech-Ed at Sun City, saying a choice of three methods is available to resolve the inadequacy of reactive current practices. [more]
Wednesday, 27 August 2003, 2:45 PM CET

Viral opportunity
Outdated newspaper ads, misinformative bounce messages and a "good" virus-killing virus made amusing sideshows to the SoBig - Blaster circus. [more]
Wednesday, 27 August 2003, 2:28 PM CET

Netgear routers attack university
A design flaw in a router product has seen the University of Wisconsin's network bombarded with network time protocol synchronisation requests, in an accidental denial of service attack. [more]
Wednesday, 27 August 2003, 2:22 PM CET

FBI hunts down worm writers
The FBI is "confident" that it will capture those who are responsible for creating and spreading the MSBlast worm and the Sobig.F virus, the bureau said Tuesday. [more]
Wednesday, 27 August 2003, 2:11 PM CET

Security tool targets small networks
Network Associates ships Netasyst Network Analyzer. [more]
Wednesday, 27 August 2003, 2:10 PM CET

Digital content protection, part II
How anti-piracy technologies are transforming digital media. [more]
Wednesday, 27 August 2003, 2:10 PM CET

St. Bernard announces E-mail filtering appliance
St. Bernard Software Inc., announced ePrism Mail Filter. This e-mail filtering appliance features a full combo of e-mail security, spam protection, anti-virus scanning and content control. [more]
Wednesday, 27 August 2003, 1:39 AM CET

CERT computer expert faces sex charges
A Carnegie Mellon University computer security expert is accused of using the Internet to arrange a sexual rendezvous with someone he believed to be a naive 15-year-old Westmoreland County girl named "Kelly." [more]
Wednesday, 27 August 2003, 12:33 AM CET

Secure Digital connectors help keep data safe
FCI has added two Secure Digital (SD) memory card connectors to its multimedia product range. [more]
Tuesday, 26 August 2003, 2:57 PM CET

Hardware-based PC firewalls
Just how secure is your network? Chris van Niekerk, country manager of 3Com SA, asks the question many IT managers ask themselves daily. [more]
Tuesday, 26 August 2003, 2:54 PM CET

A big battle’s over, but the worm war continues
Eleventh-hour efforts by security experts, Internet service providers and law enforcement apparently blocked the execution of a scheduled updating of the Sobig worm this weekend, but the venerable code continues to pose a threat. [more]
Tuesday, 26 August 2003, 2:53 PM CET

Review - Identity Theft
Identity theft has been one of the most discussed subjects in the news during the previous year. According to the cover of this book, it's the fastest growing crime in America. I was very intrigued when I got my hands on this title since the initial browsing of the content promised a very interesting read. Does the book deliver? Read on to find out. [more]
Tuesday, 26 August 2003, 2:06 PM CET

BlackBerry reveals bank's secrets
When a computer consultant buys a used wireless pager - once the property of a former Morgan Stanley executive - on eBay, he ends up with an unexpected bonus: a trove of sensitive corporate data. [more]
Tuesday, 26 August 2003, 12:34 AM CET

Web surfers flock to antivirus sites
With computer users under siege from a variety of worms, Internet buffs are rushing to Microsoft's antivirus site to search for ways to combat the problem. [more]
Tuesday, 26 August 2003, 12:25 AM CET

Hackers cut off SCO Web site
This weekend, a denial-of-service attack took down the Web site of The SCO Group, which is caught in an increasingly acrimonious row with the open-source community over the company's legal campaign against Linux. [more]
Tuesday, 26 August 2003, 12:21 AM CET

Identity theft: It's not about you
The only ones sowing fear about digital identity are the ones who don't need it. [more]
Tuesday, 26 August 2003, 12:17 AM CET

Microsoft copes with worm chaos
Even top executives pitched in to answer phones after Blaster hit. [more]
Tuesday, 26 August 2003, 12:14 AM CET

DVD-copying code loses free speech shield
The California Supreme Court ruled Monday that a Web publisher could be barred from posting DVD-copying code online without infringing on his free speech rights. [more]
Tuesday, 26 August 2003, 12:10 AM CET

Latvian bank joins list of Baltic computer virus casualties
One of Latvia's biggest banks was forced to shut down cash machines and other electronic operations as the Sobig.F computer virus, which has been wreaking havoc around the world in the past week, continued to make its presence felt in the three Baltic countries. [more]
Tuesday, 26 August 2003, 12:07 AM CET

NIST to host a Biometrics Conference
NIST is holding the Biometric Consortium's fall conference, BC 2003, to showcase recent advances in the field and examine technological and security issues facing the biometrics industry. [more]
Monday, 25 August 2003, 5:49 PM CET

Symantec AntiVirus for Handhelds announced
Symantec Corp. announced the Symantec AntiVirus for Handhelds line of consumer and enterprise solutions. All three products are scheduled to be available for purchase in early September. [more]
Monday, 25 August 2003, 5:40 PM CET

HNS Newsletter issue 176 has been released
You can read the Newsletter in TXT or PDF format. If you haven't done it yet, consider subscribing. [more]
Monday, 25 August 2003, 2:54 PM CET

Security software booms in the Gulf
The software security market is booming in the Gulf, according to IDC. It says that the market hit US$44.31 million in 2002 with the secure content management (specifically antivirus software) segment overshadowing the rest of the market with a 57.2% share of spending. [more]
Monday, 25 August 2003, 10:26 AM CET

Microsoft Windows: insecure by design
Between the Blaster worm and the Sobig virus, it's been a long two weeks for Windows users. But nobody with a Mac or a Linux PC has had to lose a moment of sleep over these outbreaks -- just like in earlier "malware" epidemics. [more]
Monday, 25 August 2003, 10:23 AM CET

Postfix: a secure and easy-to-use MTA
Postfix was developed as a replacement for Sendmail and is known to compile on almost every flavor of Unix including Mac O/S X. [more]
Monday, 25 August 2003, 10:18 AM CET

Why virus writers get away with it
Last week, the Internet was hit with a one-two-three punch. Two so-called direct Internet worms, MSBlast and Nachi, tied up Web traffic while the fastest-spreading e-mail worm ever, Sobig, slowed e-mail communications. [more]
Monday, 25 August 2003, 10:17 AM CET

War of the worms
As millions of computers strain under another attack, Paul Harris meets the virus writers - and the cyber sleuths who aim to hunt them down. [more]
Monday, 25 August 2003, 10:16 AM CET

WLAN eye in the sky
Properly configuring and maintaining a WLAN requires an appropriate tool kit, and Observer 8.3 delivers in spades. [more]
Monday, 25 August 2003, 10:14 AM CET

A patchy understanding of security investment
The techniques hackers are using to hit networks are relying more and more on unpatched systems. [more]
Monday, 25 August 2003, 10:13 AM CET

Arizona company subpoenaed in virus attack
Security experts managed to avert a threatened Internet attack, while FBI agents subpoenaed an Arizona company for clues to the origins of a fast-spreading computer virus that slowed e-mail systems worldwide this week. [more]
Monday, 25 August 2003, 10:12 AM CET

The only ways to stop spam and viruses
What will it take to get rid of online pests and make the Internet a safer, less irritating place to work and play? New computers, for one. And an end to online anonymity, for another. Let me explain. [more]
Monday, 25 August 2003, 10:08 AM CET

Why people write computer viruses
Millions of inboxes and networks have been brought to their knees by a triple whammy of computer viruses. So who are the people behind these creations that can wreak havoc on the net? [more]
Monday, 25 August 2003, 10:02 AM CET

Review - How Secure is Your Wireless Network?
Niels Ferguson, the author of the "Michael" message integrity code algorithm used in TKIP said - "Using a wireless netwok for mission-critical data is plain stupid. Using it for life-critical data is criminally negligent". Will this book help you secure your wireless LAN? Read on to find out. [more]
Friday, 22 August 2003, 10:12 PM CET

Survey: viruses impact one-third of American internet users
Edelman provides comprehensive public relations and marketing services to computer security companies in the US. They're recent survey shows that nearly one in three Internet users in the US has been affected by a computer virus or hacker in the past two years. [more]
Friday, 22 August 2003, 10:10 PM CET

Officials looking to unearth Internet worm writers
Experts believe writers of malicious codes that snarl e-mail traffic are out to impress others. [more]
Friday, 22 August 2003, 4:27 PM CET

Wireless on Linux, part 1
Today let's take a look at which brands and devices work on Linux. [more]
Friday, 22 August 2003, 3:17 PM CET

Did Blaster cause the blackout?
Rumours are circulating that the MSBLAST worm, also affectionately known as Blaster, may have been the cause of the blackout that killed the power in a whole swathe of states from the mid-west through to New York recently. [more]
Friday, 22 August 2003, 3:12 PM CET

How I survived MSBlast
The Blaster worm is affecting hundreds of thousands of Windows computers whose owners couldn't be bothered to patch them. But there's a very good reason why so many PCs are left insecure, as Matthew Broersma found out first-hand. [more]
Friday, 22 August 2003, 3:09 PM CET

Hi-tech crime a 'significant' threat, warn police
The potential for losses through hi-tech crime to grow is rising as criminals become more technically competent, according to an annual assessment of serious and organised crime in the UK. [more]
Friday, 22 August 2003, 2:58 PM CET

Boeing launches messaging security company
Boeing has spun off its internally developed messaging and compliance technology into a company called MessageGate. [more]
Friday, 22 August 2003, 2:51 PM CET

Slow down internet worms with tarpits
This timely article discusses how to slow the spread of Internet worms using a tarpit and IPtables on Linux. A similar approach could potenially be used with tarpits on Windows platforms, Solaris, OpenBSD, and others. [more]
Friday, 22 August 2003, 2:44 PM CET

August: a real can of worms
Spam, fame, opportunity fuel newest pests, but the blame goes around. [more]
Friday, 22 August 2003, 8:05 AM CET

WS-Security spec nearing completion
The draft specification designed to connect Web services with security measures can't be approved fast enough for companies eager to get Web services projects online. [more]
Friday, 22 August 2003, 8:04 AM CET

Apathy remains a threat to security
UK internet users dont appear to be worried about the effects of viruses until its almost too late. This is the latest from research into BT Openworlds customer base. [more]
Friday, 22 August 2003, 8:03 AM CET

Microsoft watching newsgroups
Ever get the feeling your Usenet newsgroup list is being watched? By Microsoft? [more]
Thursday, 21 August 2003, 1:48 PM CET

Sobig-F is fastest growing virus ever - official
Sobig-F has taken the record as the world's most rapidly spreading virus to date, according to managed services firm MessageLabs, which stopped more than one million copies of the email-borne nuisance since its first appearance earlier this week. [more]
Thursday, 21 August 2003, 1:43 PM CET

New e-mail scam targets St. George
Yet another online banking spam scam is doing the rounds, this time targeting St. George bank users. [more]
Thursday, 21 August 2003, 1:33 PM CET

Hacking the hacker
How a consultant shut down a malicious user on a client's FTP server. [more]
Thursday, 21 August 2003, 1:29 PM CET

Why Microsoft's security needs a patch
Again, a virus threatens to bring down the Net. The Blaster worm shows us that Microsoft learned nothing from January's Slammer attack. [more]
Thursday, 21 August 2003, 1:21 PM CET

Penetration testing for web applications (part three)
The third and final article in this series investigates session security issues and cookies, buffer overflows and logic flaws, and provides links to further resources for the web application penetration tester. [more]
Thursday, 21 August 2003, 8:26 AM CET

Hassled to death: Rain Forest Puppy, nerd overlord
If you think famed security researcher Rain Forest Puppy's (RFP) recent announcement that he's stepping away from the limelight means he's precious, think again -- the guy has just had enough, and the problems he's been confronted with are fairly familiar. [more]
Thursday, 21 August 2003, 8:26 AM CET

Passwords are evil and expensive
Says a survey commissioned by the company with the solution. [more]
Thursday, 21 August 2003, 8:20 AM CET

Small firms ignore security protection
Survey finds firewall and antivirus software considered unimportant by SMEs. [more]
Thursday, 21 August 2003, 8:19 AM CET

RISC processor takes network security onboard
The SH7710 32bit RISC microprocessor features an IPsec accelerator for fast encryption and communication processing. [more]
Thursday, 21 August 2003, 8:19 AM CET

Review - Secure Shell in the Enterprise
There are still telnet users but a great number of users have realized that you can use SSH to encrypt all your traffic and thus eliminate many well-known attacks. No wonder SSH is being implemented in many enterprises Worldwide. This book promises to be the answer to your implementation problems. Does it deliver? Read on to find out. [more]
Wednesday, 20 August 2003, 2:57 PM CET

Powerful wireless security tools for free
For a network administrator or curious end-user looking to do basic sniffing of the airwaves for WLAN traffic and locations, Kismet, NetStumbler and AirSnort have a price that's hard to beat. [more]
Wednesday, 20 August 2003, 2:51 PM CET

Small firms shun IT security
Despite large numbers of computer systems being struck down with deadly viruses over the past weeks, almost one-third of small firms do not think anti-virus or firewall protections is important to their business. [more]
Wednesday, 20 August 2003, 2:48 PM CET

Scams that sting even smart people
You can't avoid all of them but you can at least try to minimize the damage. [more]
Wednesday, 20 August 2003, 2:48 PM CET

Slammer worm crashed Ohio nuke plant network
A computerized safety monitoring system at the Davis-Besse nuclear plant was crippled after the worm entered through the business network of the plant's operator, FirstEnergy Corp. [more]
Wednesday, 20 August 2003, 2:46 PM CET

Palm Wi-Fi PDA gets Aegis security
Palm's Tungsten C Wi-Fi PDA is now backed by Meetinghouse's Aegis enterprise-oriented WLAN access authentication software, the network security specialist said. [more]
Wednesday, 20 August 2003, 2:42 PM CET

Host-hopping scripts in Python
How and why I used SSH, Python and Expect to transfer Web logs to a central computer for processing. [more]
Wednesday, 20 August 2003, 2:39 PM CET

Legislation has spam on the run
There is now a better understanding among lawmakers over how the Internet works -- a change from the early 1990s when a lack of knowledge resulted in such unpopular measures as the Communications Decency Act. [more]
Wednesday, 20 August 2003, 2:39 PM CET

Navy's Intranet crippled by worm outbreak
The Navy confirmed today that its multibillion-dollar Navy/Marine Corps Intranet (N/MCI) has been taken off-line by what could be a combined onslaught of the Blaster worm variant and Sobig.F Internet worms, which are spreading fast. [more]
Wednesday, 20 August 2003, 2:35 PM CET

Computer virus hinders Air Canada operations
A computer virus designed to inoculate against another infection brought down some computer networks Tuesday, forcing Air Canada to check in passengers manually at airports across the country. [more]
Wednesday, 20 August 2003, 2:34 PM CET

Worm and virus overload networks
Corporate networks worldwide are struggling under the double burden of the "good" MSBlast variant and a new version of the malicious Sobig email virus. [more]
Wednesday, 20 August 2003, 2:34 PM CET

Sygate Announces Sygate Secure Enterprise 3.5
The latest version of Sygate's enterprise solution includes strategic enhancements that enable Sygate agents to automatically enforce corporate security policies on both internal and external endpoints.
Wednesday, 20 August 2003, 12:14 AM CET

PointGuard: protecting pointers from buffer overflow vulnerabilities
This paper presents a compiler technique to defend against most kinds of buffer overflows by encrypting pointers when stored in memory, and decrypting them only when loaded into CPU registers. [more]
Tuesday, 19 August 2003, 3:53 PM CET

Microsoft celebrates fifteen years of poor security
That the Blaster worm should spread as rapidly as it did was testament to one thing only, the poor security in Microsoft's software. [more]
Tuesday, 19 August 2003, 3:52 PM CET

Vulnerability assessment is no longer an ad hoc luxury
The risk of information security vulnerabilities in the global (and more specifically) South African business landscape, is unfortunately, an ever-increasing and alarmingly constant. [more]
Tuesday, 19 August 2003, 3:50 PM CET

Sobig is back, badder than ever
The Sobig email virus which caused havoc two months ago has reappeared in a virulent new form, according to email service provider MessageLabs. [more]
Tuesday, 19 August 2003, 3:49 PM CET

DirectX attack expected - patch Windows now
Following last week's MSBlast worm attack, security experts at Microsoft and other firms are worried that a recently discovered vulnerability in DirectX could cause even more problems. [more]
Tuesday, 19 August 2003, 3:41 PM CET

No new service pack for Win XP until late next year
Microsoft won't release a second service pack for Windows XP until the second half of next year, giving users more responsibility for applying individual patches and updates. [more]
Tuesday, 19 August 2003, 3:40 PM CET

Pocket Wi-Fi sniffers end missing hotspot misery
Road warriors know the frustration: you're in a foreign city and want to find a Wi-Fi access point. [more]
Tuesday, 19 August 2003, 3:39 PM CET

Internet information scam uses Citi logo
Citigroup Inc.'s corporate logo is the latest one to be lifted by Internet scammers as a way to steal information from unwitting consumers. [more]
Tuesday, 19 August 2003, 3:36 PM CET

The IT security spending conundrum
The market is growing, revenues are up, spending has not increased. Er, what's up? [more]
Tuesday, 19 August 2003, 3:34 PM CET

Are you a good or a bad worm?
A new worm being circulated on the Internet is designed to kill MSBlaster, the worm that wreaked havoc on computers last week. Some security officials are not amused. [more]
Tuesday, 19 August 2003, 3:30 PM CET

MRTG for intrusion detection with IIS 6
This article explains how to use a Multi Router Traffic Grapher (MRTG) to see the big picture of your network traffic and to help visually spot attacks. [more]
Tuesday, 19 August 2003, 3:10 PM CET

Review - Practical Unix & Internet Security 3/e
The book contains numerous practical examples that help administrators understand what should be done about securing their systems and what is the best way to achieve security. [more]
Tuesday, 19 August 2003, 12:56 AM CET

HNS Newsletter issue 175 has been released
You can read the Newsletter in TXT or PDF format. If you haven't done it yet, consider subscribing. [more]
Monday, 18 August 2003, 6:12 PM CET

Gartner predicts more serious Internet security incidents
With more than 600 million individuals worldwide now on the Internet, cybercriminals are taking advantage of users, enterprises and unsecured systems to usher in a new era of high-profit, low-overhead crimes, according to Gartner. [more]
Monday, 18 August 2003, 10:06 AM CET

Langa letter: managing your Windows XP passwords
Losing a Windows XP password is surprisingly common! Here are Fred's suggestions about how to get back into your accounts and files. [more]
Monday, 18 August 2003, 8:15 AM CET

Forensic plan key to hacker prosecution: detective
Having a forensic readiness plan is critical to a company's ability to prosecute a computer-based attacker, a detective of Victoria's computer crime squad has told the Hack 2003 conference in Melbourne. [more]
Monday, 18 August 2003, 8:11 AM CET

Think like a hacker: the best scanning tools
They may be the best way to make sure your network is safe, but today's scanning appliances are far more complex than the simple tools of yesteryear. [more]
Monday, 18 August 2003, 8:08 AM CET

Cryptography locks down WAP and P2P transmissions
Find out how you can make your wireless apps a little safer. [more]
Monday, 18 August 2003, 8:03 AM CET

The end of e-mail viruses and antivirus apps
The MSBlast worm that wreaked havoc last week signals a sea change in the virus world. E-mail viruses are on their way out, says Robert, and so are antivirus solutions as we know them today. [more]
Monday, 18 August 2003, 8:02 AM CET falls to DOS attack
Microsoft's main Web site was inaccessible for two hours Thursday evening, the victim of an Internet-borne DOS attack, the company said. [more]
Monday, 18 August 2003, 7:57 AM CET

FreeBSD access control lists
Unix permissions are flexible and can solve almost any access control problem, but what about the ones they can't? [more]
Monday, 18 August 2003, 7:55 AM CET

Wireless networking
Remember how fun it was to get your first Net connection working? It's like that. [more]
Monday, 18 August 2003, 7:52 AM CET

Cyber-security: set a thief to catch a thief
The recent much-hyped internet hacks and "worm" virus that have hit banks in South Africa may have shocked most people but came as no surprise to a Cape Town teenager. [more]
Monday, 18 August 2003, 7:49 AM CET

Worm's growth contained as deadline looms
The MSBlast worm is spreading more slowly as users patch PCs, with its attack on Microsoft's update service scheduled to start from midnight on Friday. [more]
Friday, 15 August 2003, 11:52 AM CET

Making your PC secure: a responsibility
Each passing year, software which protects against viruses is becoming more and more crucial. If you're reading this and you do not have virus protection, I'd advise you to get it as soon as you can. [more]
Friday, 15 August 2003, 11:50 AM CET

Which VPN: SSL, IPsec or both?
What does the future hold for secure virtual private networks? Illena Armstrong gazes into her crystal ball to look for the answer. [more]
Friday, 15 August 2003, 11:44 AM CET

The bright side of Blaster
Experts predict the worm will leave a more secure Internet in its wake. [more]
Friday, 15 August 2003, 11:43 AM CET

Squashing the next worm
Two years after the Code Red and Nimda worms spread across the Internet, home users and many companies still aren't doing enough to secure themselves against Internet threats, said security experts. [more]
Friday, 15 August 2003, 11:41 AM CET

This hacker has designs on Stanford
The unassuming teenager who doubles up as a hacking expert and has helped global think-tanks and police officials combat computer attackers and digital swindlers, is spurning job offers to pursue a degree at the prestigious Stanford University. [more]
Friday, 15 August 2003, 11:40 AM CET

Security in business processes
A while ago I hypothesised about who might supply your security. A good example of this is SeeBeyond who have a suit of products based around connecting trading partners. [more]
Friday, 15 August 2003, 11:34 AM CET

Blaster only set to stun
After worldwide calamities such as CodeRed and Nimda, why were lessons not learned in order to protect computers against the rapid spread of such a malignant terror? [more]
Friday, 15 August 2003, 2:55 AM CET

A firewall for IM: Just what we needed?
This week, firewall solution provider Zone Labs is releasing a dedicated software product that it says offers the sort of protection no instant messaging user can do without. [more]
Friday, 15 August 2003, 2:52 AM CET

Statement regarding GNU FTP site hack
Bradley M. Kuhn, Executive Director at Free Software Foundation wrote the following statement regarding the GNU FTP hack. [more]
Friday, 15 August 2003, 2:47 AM CET

Companies struggling with data protection
Study reveals FTSE 100 firms fail to meet recommended procedures. [more]
Friday, 15 August 2003, 2:41 AM CET

Microsoft reportedly testing security technologies
Microsoft is reportedly testing anti-virus and other security technologies to see if they could boost customers' perception of Windows, suggesting the technologies may one day become a part of the operating system. [more]
Friday, 15 August 2003, 2:36 AM CET

Detecting and understading rootkits
You've installed the latest Linux distribution and stopped all unnecessary services. You have a set of Netfilter rules that would make the Pentagon Security Department envy you. You drool with delight. But... [more]
Thursday, 14 August 2003, 12:50 AM CET

Techs begin task of fixing worm's damage
Computer technicians begin task of cleaning up after worm that invaded networks worldwide. [more]
Thursday, 14 August 2003, 12:27 AM CET

Copycat version of MSBlast worm already on the loose
It didn't take long for a quick copycat of MSBlaster to show its face. Wednesday, Moscow-based security firm Kaspersky Labs detected a variation of the MSBlast worm loose in the wild. [more]
Thursday, 14 August 2003, 12:20 AM CET

Anti-US hackers deface Australian government site
An Australian government Web site has been revealed as another victim of Sunday night's Web defacement spree by hacker group The Ghost Boys. [more]
Thursday, 14 August 2003, 12:17 AM CET

FSF FTP site cracked, looking for MD5 sums
The Free Software Foundation's FTP site at has been "compromised", and they don't seem to have full backups. [more]
Thursday, 14 August 2003, 12:16 AM CET

Honeypot farms
This article is about deploying and managing honeypots in large, distributed environments through the use of Honeypot Farms. [more]
Thursday, 14 August 2003, 12:15 AM CET

Experts: more sophisticated Windows worms likely
Despite infecting tens of thousands of computers worldwide, the recent W32.Blaster worm is poorly written and inefficient, blunting its impact, according to security experts. [more]
Thursday, 14 August 2003, 12:12 AM CET

Hackers claim new fingerprint biometric attack
Presenters at the Chaos Computer Camp say thin invisible latex can fool advanced fingerprint scanners. [more]
Thursday, 14 August 2003, 12:11 AM CET

Tech guide: how secure is your SAN?
With all they've got to worry about these days, most IT executives don't lose a lot of sleep over whether the data stored on their companies' tape and disk devices is secure. [more]
Thursday, 14 August 2003, 12:09 AM CET

Sun Microsystems opens early registration for secure desktop
Project Mad Hatter to provide relief to massive security hole in Windows operating system. [more]
Thursday, 14 August 2003, 12:07 AM CET

Microsoft braces for Saturday 'blast'
Like sharp-shooters armed and ready to fire, hundreds of thousands of computers are poised to let fly a potentially crippling data attack on a lone Web site belonging to software giant Microsoft. [more]
Thursday, 14 August 2003, 12:03 AM CET

Warnings did little to stop latest computer outbreak
The latest Internet attack on Microsoft operating systems by rogue software disabled tens of thousands of computers worldwide Tuesday, though a fix had been available for nearly a month. [more]
Wednesday, 13 August 2003, 2:07 AM CET

NEC Solutions unveils security software
NEC Solutions America unveiled a three-layer data security product aimed at health care organizations facing patient privacy rules. [more]
Wednesday, 13 August 2003, 1:54 AM CET

Viruses, hackers hit a third of net users
Nearly 32 percent of Internet users surveyed in mid-July said they had been affected by a hacker or computer virus in the past two years. [more]
Wednesday, 13 August 2003, 1:50 AM CET

Advanced encryption standard by example
The purpose of this paper is to give developers with little or no knowledge of cryptography the ability to implement AES. [more]
Wednesday, 13 August 2003, 1:14 AM CET

Acxiom hacker charged
The hacking allegedly took place last December. [more]
Wednesday, 13 August 2003, 12:43 AM CET

Benchmarking encryption technology
Although the cost of encryption technology -- be it Triple DES, AES, Blowfish, RSA or one of many other alternatives on the market -- is negligible, implementing it can lead to higher storage and processing costs. [more]
Wednesday, 13 August 2003, 12:41 AM CET

Computer co-location facility vulnerabilities
A possible scenario of how terrorists could smuggle and detonate explosives. [more]
Wednesday, 13 August 2003, 12:39 AM CET

File security plan proposed
New plan afoot to allow online security validation of software files from multiple vendors. [more]
Wednesday, 13 August 2003, 12:37 AM CET

Basic IIS lockdown using scripts and group policy
This paper is written for system administrators who want to make their life managing IIS easier using scripts with Active Directory and Group Policy. [more]
Wednesday, 13 August 2003, 12:35 AM CET

Hackers own all Wi-Fi hot-spot data
There are ways to protect enterprises from easily available packet-sniffing tools like dsniff, one of which is to deploy 'client-encryption' technology on all PCs, laptops, and mobile devices used to access sensitive corporate systems. [more]
Wednesday, 13 August 2003, 12:30 AM CET

Postal ID plan creates privacy fears
A government report that urges the U.S. Postal Service to create "smart stamps" to track the identity of people who send mail is eliciting concern from privacy advocates. [more]
Wednesday, 13 August 2003, 12:29 AM CET

Many Bluetooth gadgets open to wireless snooping
A new software tool could allow sensitive data could be pilfered through the air from laptops, mobile phones and handheld computers. [more]
Tuesday, 12 August 2003, 4:19 PM CET

Unholy matrimony: spam and virus
Their common goal is subterfuge, and by combining their strategies, they could make today's junk e-mail look like a mere nuisance. [more]
Tuesday, 12 August 2003, 4:18 PM CET

Labels to take fingerprints
Digital song-tracking company Audible Magic is striking a deal with Universal Music Group for song information, getting another leg up in its quest to be able to identify--and potentially block--music as it is transferred online. [more]
Tuesday, 12 August 2003, 4:07 PM CET

ISPs question RIAA subpoenas
An Internet company trade association sent a letter to the Recording Industry Association of America, asking for information and dialogue over issues related to the subpoenas being issued for file-swappers' identities. [more]
Tuesday, 12 August 2003, 4:06 PM CET

28 year old hacker commits suicide
Robert Skulj, an 28 years old hacker, who found serious security hole in electronic business system called Klik from Nova Ljubljanska Banka (Bank in Slovenia, EU), commited an suicide on friday. [more]
Tuesday, 12 August 2003, 4:05 PM CET

MS Blaster Worm Roundup
This roundup includes advisories, media releases, vendor information and news items dealing with MS Blaster worm. [more]
Tuesday, 12 August 2003, 1:10 PM CET

Blaster - RPC DCOM worm hits the net
A malicious worm that exploits last month's RPC DCOM vulnerability struck the Internet Monday afternoon, targeting unpatched Windows 2000 and Windows XP machines. [more]
Tuesday, 12 August 2003, 8:05 AM CET

Insuring security
As the risks of lost data and buggy systems increase, underwriters are offering cyber-insurance policies. But what exactly are you paying for? [more]
Tuesday, 12 August 2003, 7:55 AM CET

Zone Labs steps into IM security
Zone Labs is expected to announce its entry into the instant messaging (IM) security market with IMSecure Pro. [more]
Tuesday, 12 August 2003, 7:51 AM CET

More security certification courses go online
IT security pros can beef up their skills in new online security standards certification programs this fall. [more]
Tuesday, 12 August 2003, 7:39 AM CET

The next generation of active operating system fingerprinting
Although some advancement was made in the field of active operating system fingerprinting in the recent years, still, there are many issues to resolve. This paper presents the enhancements made with Xprobe2 v0.2 RC1 and discusses the tool’s future development. [more]
Monday, 11 August 2003, 2:34 PM CET

HNS Newsletter issue 174 has been released
You can read the Newsletter in TXT or PDF format. If you haven't done it yet, consider subscribing. [more]
Monday, 11 August 2003, 2:32 PM CET

Simple Nomad's DefCon11 rant
Have you noticed the change? Do you remember where you were when you first felt the change? I am talking about the change in the security community, especially the underground community. Less trust. More control. Less truth. [more]
Monday, 11 August 2003, 11:48 AM CET

Security spending to hit $13.5bn by 2006
Global revenues in enterprise security technology are predicted to reach $13.5 billion by 2006, up from $7.1 billion in 2002 last year. [more]
Monday, 11 August 2003, 11:44 AM CET

Comparison of Bayesian spam filters
The beauty of bayesian filtering is that the filter can be trained by each individual user simply by categorizing each received e-mail as either spam or not-spam; after the user has categorized a few e-mails the filter will begin to make this categorization by itself, and usually with a very high level of accuracy. [more]
Monday, 11 August 2003, 11:21 AM CET

A look at 802.11a, b, and g throughput
Now that the 802.11g standard has been finalized, comparisons with the other standards in the 802.11 family are inevitable. [more]
Monday, 11 August 2003, 11:17 AM CET

How an e-mail virus could cripple a nation
A simple e-mail virus outbreak could bring down a nation's information infrastructure, says one security expert. Robert explains how this could happen--and why it's good to talk about cyberterrorism. [more]
Monday, 11 August 2003, 9:00 AM CET

A turning point for e-government
Feds express a mixture of optimism, concern in the wake of Forman's departure. [more]
Monday, 11 August 2003, 8:57 AM CET

Affordable firewalls
Info World: "We test whether firewall appliances can really do the job." [more]
Monday, 11 August 2003, 12:15 AM CET

NSA proposes backdoor detection center
National think tank would develop automated tools and techniques for detecting malicious tampering in source code and executables. [more]
Monday, 11 August 2003, 12:12 AM CET

FreeBSD ports tricks
One of the many reasons to love FreeBSD is its ports collection. Nearly 10,000 applications are available, and any installation is a mere make install clean away. In this article, I'd like to share some of my favorite ports tricks. [more]
Monday, 11 August 2003, 12:10 AM CET

'Do not spam' lists find skeptics
Frustrated Internet users inundated with unwanted get-rich-quick schemes and herbal Viagra offers may have noticed a new, unsolicited pitch promising to reduce the amount of "spam" e-mail they receive. [more]
Monday, 11 August 2003, 12:08 AM CET

SA banks, retailers prepare for global security standards
SA banks and retailers have stepped up their efforts to meet the mandated Visa and MasterCard deadline for the security of their PIN-handling systems to comply with the global Triple DES (T-DES) algorithm standard. [more]
Friday, 8 August 2003, 8:28 AM CET

New ID system sparks privacy debate
Fingerprints, DNA and behavioural characteristics are unique and difficult to forge, but using them to identify an individual in the modern world is legally problematic. [more]
Friday, 8 August 2003, 8:22 AM CET

New WLAN attacks identified
AirDefense says that during monitoring at the DefCon hacker convention in Las Vegas last weekend the company identified new security issues specifically effecting wireless LANs. [more]
Friday, 8 August 2003, 8:19 AM CET

LinuxWorld: 2.6 kernel cures some security shortcomings
Concerns about security may keep some IT shops from choosing Linux. Those concerns aren't justified, says Dan Frye, director of IBM Corp.'s Linux Technology Center. In this interview, Frye discusses Linux's few security shortcomings and the security advances coming in the 2.6 kernel. [more]
Friday, 8 August 2003, 8:11 AM CET

New security woes for e-vote firm
A January source code leak revealed the innards of Diebold Election Systems' proprietary voting software. A new breach threatens to expose the company's business practices -- including its security methods. [more]
Friday, 8 August 2003, 8:06 AM CET

Hacker attack damages 2,000 computers at Stanford
Officials at Stanford University are scrambling to repair the damage from a hacking attack that has infected thousands of campus computers. [more]
Friday, 8 August 2003, 8:01 AM CET

Know your security onions
Steve Brown, managing director of Novell UK, recommends the multiple, overlapping layers of the 'onion' approach to cyber-security. [more]
Friday, 8 August 2003, 8:00 AM CET

Hacker gets Acxion customer information
A computer hacker gained access to private files at Acxiom Corp., one of the world's largest consumer database companies, and was able to download sensitive information about some customers of the company's clients. [more]
Friday, 8 August 2003, 7:58 AM CET

Time running out to manage security
Hundreds of point security solutions and a poor industry record in security management have led to a level of complexity today that can still be resolved. [more]
Friday, 8 August 2003, 7:45 AM CET

SCO battle rooted in Unix's fragmented history
The SCO Group's attempts to squeeze a revenue stream out of Linux is rooted in the long and tangled history of computer operating systems. [more]
Friday, 8 August 2003, 7:44 AM CET

Chief Security Officer's point of view
CSO magazine recently did a poll, where 480 chief security officers and senior security executives discussed security issues and industry regulations. [more]
Friday, 8 August 2003, 4:58 AM CET

Entrust releases new secure web portal solution
Entrust released its latest Secure Web Portal Solution based on Entrust TruePass Version 7.0, the first Web security solution in the market today to deliver bi-directional, end-to-end security for online information regardless of an organization's Web infrastructure. [more]
Thursday, 7 August 2003, 10:10 AM CET

NIAP certification becoming a priority
The government's plan to pressure software vendors to build more secure products seems to be gathering a bit of momentum. [more]
Thursday, 7 August 2003, 9:02 AM CET

Win32 device drivers communication vulnerabilities - tutorial
The following a complete tutorial on how to exploit Norton Antivirus's device driver to gain elevated privileges. The tutorial is comprehensive, and detailed enough to be used to learn on the issue, and how to find these types of vulnerabilities in other products. [more]
Thursday, 7 August 2003, 9:01 AM CET

Blogs: another tool in the security pro's toolkit (part two)
Part two on blogs covers RSS feeds that are highly relevant to the security community. [more]
Thursday, 7 August 2003, 8:59 AM CET

Swollen orders show spam's allure
A New Hampshire company appears to be grossing close to half a million dollars each month by spamming people with sales pitches for an herbal "male enhancement" product. The discovery may explain the intractability of junk e-mailers on the Internet. [more]
Thursday, 7 August 2003, 8:50 AM CET

The costly password problem
Do you have a card in your wallet or a list on your PDA consisting of user names and passwords you use? If so, you're not the only person who can't remember them all, and there may be security risks and costs associated with the way you manage the data. [more]
Thursday, 7 August 2003, 8:46 AM CET

Security guard
Once burned, lesson learned, the adage goes. So why do IT departments keep getting burned by the same security issues? [more]
Thursday, 7 August 2003, 1:10 AM CET

Hackers and vendors brawl over nothing
The issue of security vulnerability disclosure has been a hot topic for a long time now, however recent efforts to bring in new disclosure guidelines are unlikely to change anything. [more]
Thursday, 7 August 2003, 1:04 AM CET

The Internet security demon that won't die
"A traditional regulatory model applied to the Internet is doomed to failure. By the time it was regulated, you'd be dealing with an Internet that was two years older," says Larry Clinton, chief operating officer at the Internet Security Alliance. [more]
Thursday, 7 August 2003, 1:03 AM CET

Wireless LAN security falls short
Wireless LAN vendors have failed to deliver interoperable, highly secure wireless LANs, according to META Group. [more]
Thursday, 7 August 2003, 12:59 AM CET

Vulnerability Assessment
This document serves as an introduction to the subject of security vulnerability assessments. It focuses primarily on vulnerability assessments performed from an external/remote location (like that of an actual hacking attack). [more]
Thursday, 7 August 2003, 12:53 AM CET

Memory sticks are the latest security risk
Memory sticks have been branded as the latest security risk by security firm SecureWave, whose intrusion prevention technology can be used to control the use of the popular devices in corporate environments. [more]
Thursday, 7 August 2003, 12:34 AM CET

Lack of security at wireless conferences
During the 802.11 Planet Expo in Boston, wireless security company AirDefense monitored WLAN activity and reported a number of security issues. [more]
Wednesday, 6 August 2003, 1:36 PM CET

Reducing "Human Factor" Mistakes
This paper will try to summarize various mistakes done by System Administrators, Company Executives and of course the end users, and will also provide you with useful strategies that will definitely help you reduce or completely eliminate the mistakes. [more]
Wednesday, 6 August 2003, 10:19 AM CET

Linux approved for use on sensitive computers in the US
Linux software has been approved for use on the most sensitive computers in US corporations and the US federal govern-ment, including those inside banks and the Pentagon, an important step for software widely considered the top rival to Microsoft. [more]
Wednesday, 6 August 2003, 10:16 AM CET

Attack of the mutant internet worms
Internet worms that spread themselves through corporate networks or e-mail programs, wreaking havoc on thousands of computers, are growing faster, smaller and more virulent, a security expert has said. [more]
Wednesday, 6 August 2003, 10:14 AM CET

DefCon 2003 - myth, reality and pictures
Attendees at this year's DEFCON hacker convention in Las Vegas were more annoyed at the long lines for speaker sessions than any appearance by "The Man" (i.e. the Feds). [more]
Wednesday, 6 August 2003, 10:06 AM CET

Britain: a nation of cyber snoopers
Britain is fast becoming a nation of cyber snoopers, according to a study. [more]
Wednesday, 6 August 2003, 9:58 AM CET

Wardrivers map vast areas of wireless hotspots
Wardrivers Matthew Hyson, left, and J.P. Tanguay, CEO of Wireless Friendly, know where unprotected wireless networks are in Toronto and they say the number is worrisome. [more]
Wednesday, 6 August 2003, 9:57 AM CET

Hacker hit parade goes live
Security firm Qualys has begun producing a real-time index of the vulnerabilities that are the current favourites of the net's community of malicious hackers. [more]
Wednesday, 6 August 2003, 9:52 AM CET

Host-based intrusion detection with Samhain
Samhain is a wonderful GPL host-based intrusion detection system. [more]
Wednesday, 6 August 2003, 9:51 AM CET

E-mail fraud takes a new twist
There's a new Internet fraud scheme you can add to your list: phishing. [more]
Wednesday, 6 August 2003, 9:49 AM CET

Novell eDirectory has additional Linux support and enhanced security
Novell eDirectory will ship with built-in support for advanced authentication methods, such as biometrics, smart cards and tokens. [more]
Wednesday, 6 August 2003, 9:47 AM CET

Thought for the day: Stop crying virus wolf
The security industry has a duty to be more realistic, says security expert Jan Hruska. [more]
Wednesday, 6 August 2003, 9:40 AM CET

Country-coded computer worms may be ahead
Future computer worms could be programmed to attack only within a particular country, according to a leading computer security expert. [more]
Tuesday, 5 August 2003, 1:53 PM CET

'Ethical hackers' test for weakness
In a 17th-floor corner office in north Toronto, a group of computer nerds is feverishly attacking Corporate Canada -- and getting paid for its efforts. [more]
Tuesday, 5 August 2003, 1:47 PM CET

Robot 'guard dog' sniffs out Wi-Fi holes
DefCon: A group of security experts have created a two-wheeled robot that detects security problems in Wi-Fi networks. [more]
Tuesday, 5 August 2003, 1:43 PM CET

Berkeley braces for hacker attack
University to shut down outside access to part of its network this morning. [more]
Tuesday, 5 August 2003, 1:40 PM CET

LDAP injection: are your web applications vulnerable?
The objective of this paper is to inform developers, system administrators and security professionals about various techniques that can be used to attack their applications. It also describes preventive measures for protecting applications from these intrusions. [more]
Tuesday, 5 August 2003, 1:36 PM CET

Demonstrating ROI for penetration testing (part two)
The second article in this series will introduce Risk Management concepts as they relate to Information Asset valuation. [more]
Tuesday, 5 August 2003, 1:26 PM CET

Hack attacks at record levels
Attacks on Australian computer systems are at record levels. More than 1000 incidents a week are being reported, internal figures from the security organisation, AusCERT, reveal. [more]
Tuesday, 5 August 2003, 1:16 PM CET

NZ CCIP chief talks security
Monitoring security issues and making sure all the latest patches are installed on your system could be almost a full-time job for one staff member in a moderate-sized IT department, says Jay Garden, head of the New Zealand government's Centre for Critical Infrastructure Protection. [more]
Tuesday, 5 August 2003, 1:14 PM CET

IBM gives nod to Wave security tools
Wave Systems' push to pull in corporate customers for its security software got a lift from IBM, which has given the thumbs-up to two of the company's new products. [more]
Tuesday, 5 August 2003, 1:11 PM CET

Virus poses as admin e-mail
People are being warned to be on the lookout for a Windows e-mail virus which pretends to be a message from computer support staff. [more]
Tuesday, 5 August 2003, 1:10 PM CET

Securesuite XS disposes of passwords
I/O software's SecureSuite XS Workstation 4.2 reduces help desk costs associated with forgotten user passwords by eliminating passwords altogether. [more]
Tuesday, 5 August 2003, 1:08 PM CET

Patch your software - it'll help secure the Net
When a security researcher or vendor first releases information about a software vulnerability, the clock starts ticking. How long will it be until a malicious user takes advantage of it? [more]
Monday, 4 August 2003, 10:15 AM CET

Review - Web Services Security
Web Services are appearing and dominate as new application solutions. At the same time they present great challenges for security. This book describes a union of Web Services and information security. [more]
Monday, 4 August 2003, 10:12 AM CET

Microsoft's web site brought down by attack
Denial of service is blamed for outage that lasted more than an hour. [more]
Monday, 4 August 2003, 12:23 AM CET

Microsoft warns browser users about 'worm' virus
Microsoft is warning its customers about a computer worm that exploits a flaw in its Internet Explorer browser. [more]
Monday, 4 August 2003, 12:20 AM CET

When employees are the enemy - security from the inside
Beyond the network level, firewalls also can be erected at the application and desktop levels to give employees only the access they need accordig to Check Point project marketing manager Sweta Duseja. [more]
Monday, 4 August 2003, 12:19 AM CET

Blocking malicious URLs
Many exploits on many Web servers—most often Microsoft IIS—have been based on URLs that were technically legal but employed buffer overflows or similar techniques. [more]
Monday, 4 August 2003, 12:17 AM CET

Wireless security: Harder than you think
Adding encryption to wireless networking isn't always simple. [more]
Monday, 4 August 2003, 12:16 AM CET

Dos & don'ts: configuring Linux routers
Even the most experienced network administrator can get stumped when configuring Linux routers, says Tony Mancill, author of Linux Routers: A Primer for Network Administrators, 2nd Ed. [more]
Monday, 4 August 2003, 12:14 AM CET

Could crackers steal the 2004 election?
A report by the Information Security Institute at Johns Hopkins University says the touch-screen machines are Swiss cheese — full of holes — for hackers. “Common voters, without any insider privileges, can cast unlimited votes without being detected,” the report claims. [more]
Friday, 1 August 2003, 12:22 PM CET

Black Hat puts hacker on mock trial
A raucous conference crowd heard real-life attorneys battle over a hacker's guilt in a mock trial held to illustrate how slippery electronic evidence can be in computer crime cases. [more]
Friday, 1 August 2003, 12:18 PM CET

Services from a security point of view
In this article, we'll go over each of the most commonly used Internet services, briefly examining each for their weaknesses and abuse potential. [more]
Friday, 1 August 2003, 12:14 PM CET

Government security: stormy on several fronts
The number of different IT issues facing our government—from ID-theft to intrusion detection—would challenge even the most capable corporate information officer. [more]
Friday, 1 August 2003, 12:12 PM CET

Stolen PDAs provide open door to corporate networks
The PDA Usage Survey 2003 has found that PDA owners commonly download the entire contents of their personal and business lives onto their handheld computers - with many leaving the information unencrypted and without password protection. [more]
Friday, 1 August 2003, 12:12 PM CET

APEC furthers plans to combat cybercrime
Greater use of the Internet has become a boon for cybercriminals. [more]
Friday, 1 August 2003, 12:07 PM CET

Fed: Cyberterror fears missed real threat
When airliners crashed into the World Trade Center and the Pentagon on September 11th, 2001, the nature of the attack took America's defenders by surprise. They were expecting hackers. [more]
Friday, 1 August 2003, 12:00 PM CET

Hoax e-mail may be worse for business than viruses
“Hoax e-mails are a major headache for IT departments,” said Chris Belthoff, senior security analyst at Sophos. “They're more insidious; they prey upon weaknesses of the end-user; they panic employees over non-existent viruses.” [more]
Friday, 1 August 2003, 11:58 AM CET

Intel locks up deal for secure PCs
Intel has signed a deal to integrate security software into motherboards that will be used in business computers, part of a larger industry effort to improve security. [more]
Friday, 1 August 2003, 11:57 AM CET


Patching: The least understood line of defense

Posted on 29 August 2014.  |  How many end users, indeed how many IT pros, truly get patching? Sure, many of us see Windows install updates when we shut down our PC and think all is well. It’s not.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Tue, Sep 2nd