Off the Wire

Off The Wire Archive

News items for September 2004

Sticky security problems
The potential threats posed by memory sticks. [more]
Thursday, 30 September 2004, 6:10 PM CET


Secure Linux: hope or hype?
The race is on to deliver a version of the Linux open-source operating system that will be more secure than any of its predecessors but also manageable and affordable enough to garner widespread acceptance. [more]
Thursday, 30 September 2004, 4:20 PM CET


Putting Wi-Fi behind the corporate firewall
"For years, company employees have had dial-up access to the corporate network over a virtual private network," says Wi-Fi Alliance managing director Frank Hanzlik. "Today, the security is still provided with a VPN -- they just connect with Wi-Fi." [more]
Thursday, 30 September 2004, 4:16 PM CET


IM worm crawls through JPEG hole
Attack largely unsuccessful, but security experts warn of more to come. [more]
Thursday, 30 September 2004, 4:15 PM CET


So many viruses, so little time
Those who design new ways of launching attacks on computers are shortening the development cycle for new exploits, worrying companies and systems manufacturers. [more]
Thursday, 30 September 2004, 4:12 PM CET


Data and security key issues in BI roll-out
Companies see big operational benefits in implementing business intelligence software but only after overcoming numerous technical, cultural and process challenges. [more]
Thursday, 30 September 2004, 4:11 PM CET


Warspammer pleads guilty under anti-spam law
A Los Angeles man who spewed porn advertisements from his car likely faces up to six months in jail. [more]
Wednesday, 29 September 2004, 7:26 PM CET


Large scale IM virus attack feared
Security researchers are seeing the first signs of a large-scale virus attack taking advantage of a known flaw in the way JPEG images are processed in Microsoft Windows products. [more]
Wednesday, 29 September 2004, 7:25 PM CET


How to combat spyware
There's no doubt that the presence of spyware on a computer is a serious intrusion of privacy that needs to be dealt with. [more]
Wednesday, 29 September 2004, 7:22 PM CET


SysAdmin to SysAdmin: five flags you completely forgot about
Administrators are creatures of habit. So much so that we often read things and think, "hey, that's really cool," and then we completely forget about them, even though they might, in some instances, be useful on a regular basis. [more]
Wednesday, 29 September 2004, 7:17 PM CET


Going further to stop hackers
The OpenBSD free Unix project has focused on auditing software security since its inception in 1995, in a bid to thwart malicious hackers. [more]
Wednesday, 29 September 2004, 6:42 PM CET


Sarbanes-Oxley documentation for administrators
This article examines the U.S. Sarbanes-Oxley Act of 2002 from a systems administrator’s viewpoint and looks at some tips to help you be better prepared for such an assessment. [more]
Wednesday, 29 September 2004, 6:41 PM CET


What security means for the chief executive
Legislation and cybercrime mean greater responsibility for senior management. [more]
Wednesday, 29 September 2004, 6:34 PM CET


Defeating honeypots : network issues, part 1
The purpose of this paper is to explain how attackers behave when they attempt to identify and defeat honeypots, and is useful for security professionals to deploy honeypots in a more stealthy manner. [more]
Wednesday, 29 September 2004, 6:33 PM CET


IT bosses eye up biometric security
Firms prepare to introduce iris scans and fingerprint recognition in the workplace. [more]
Wednesday, 29 September 2004, 6:26 PM CET


Vendors struggle to cope with WLAN security threats
The market for wireless local area network (WLAN) security technologies is growing "phenomenally", but vendors are struggling to keep up with the fast-moving nature of WLAN security threats, industry experts have warned. [more]
Wednesday, 29 September 2004, 6:25 PM CET


UK policeman arrested over phone tap claims
Six men - including a serving Metropolitan Police officer - have been arrested concerning the alleged illegal interception of private phone calls. [more]
Wednesday, 29 September 2004, 6:24 PM CET


Japanese bank uses biometrics to boost security
Japan's third-largest bank, The Bank of Tokyo-Mitsubishi, will deploy a biometric security system based on vein-pattern recognition technology in branches nationwide in October. [more]
Wednesday, 29 September 2004, 6:23 PM CET


Security firms merge to form Cybertrust
"We are going to see more consolidation in this space. I don't think many of these managed security companies are making a huge profit or having much impact on the market. The whole area is a minefield and requires huge investment," Bernie Dodwell, business development director at distributor Wick Hill, said. [more]
Tuesday, 28 September 2004, 5:48 PM CET


Security in a world without borders
As the perimeter loses ground in the battle for secure networks, some security executives want to do away with perimeter security altogether. But others aren't so sure. [more]
Tuesday, 28 September 2004, 5:45 PM CET


OpenSSH marks its fifth birthday
OpenSSH marks five years of its existence this week and a new round of internet SSH version mapping shows that it has over 88 percent of the SSH server market. [more]
Tuesday, 28 September 2004, 4:11 PM CET


Microsoft, Amazon.com file phishing, spamming lawsuits
Suit alleges Gold Disk Canada is responsible for sending millions of deceptive e-mails. [more]
Tuesday, 28 September 2004, 4:10 PM CET


Wireless security: 'We have to do the right things'
With its security improving, wireless is set for deployment. [more]
Tuesday, 28 September 2004, 4:03 PM CET


UK firm promises super-secure email
Jeftel .safe service bypasses servers to avoid snooping and spam. [more]
Tuesday, 28 September 2004, 4:01 PM CET


Security vendors harden products
Security companies are trotting out intrusion-prevention system and vulnerability-assessment products. [more]
Tuesday, 28 September 2004, 3:57 PM CET


Nokia breaks into home security market
Wireless home monitoring device controlled by text message. [more]
Tuesday, 28 September 2004, 3:56 PM CET


Nuke watchdog issues cybergeddon alert
The United Nations' nuclear watchdog agency warned of growing concern about cyber attacks against nuclear facilities. [more]
Tuesday, 28 September 2004, 3:55 PM CET


Terrorists grow fat on email scams
Organisations such as al-Qaeda, ETA en PKK are copying Nigerian scams to fund terrorism, two Dutch experts told Dutch daily De Telegraaf. [more]
Tuesday, 28 September 2004, 3:51 PM CET


Security leaders get bigger
Consolidation in the security sector continued last week as three firms planned a merger to form a new security giant offering global services. [more]
Tuesday, 28 September 2004, 3:50 PM CET


House struggles over security bill
House Republicans rejected language in a bill that would have shifted oversight responsibility for cybersecurity from the Homeland Security Department to a newly created position in the Office of Management and Budget. [more]
Tuesday, 28 September 2004, 3:48 PM CET


Not Yet Another Setup Tool (YaST) anymore
GUI-Based, Application-Level Security Management for Novell's SLES 9. [more]
Monday, 27 September 2004, 4:23 PM CET


Financial web sites vulnerable to phishing attacks
Survey shows nine out of 10 financial web sites contain security flaws. [more]
Monday, 27 September 2004, 4:17 PM CET


Will we have a wireless public safety network?
Group demonstrates possible solutions, but lawmakers also need to act. [more]
Monday, 27 September 2004, 4:05 PM CET


Information security fast becoming core issue in corporate governance
A large number of corporations in Middle East are beginning to identify 'information security' as a core area of corporate governance, said sources from information security sector. [more]
Monday, 27 September 2004, 3:56 PM CET


Mandrakesoft in bid For EAL5 certification
Mandrakesoft is teaming with a consortium of European partners in an effort to win Common Criteria Evaluation Assurance Level 5, the highest security certification. [more]
Monday, 27 September 2004, 3:55 PM CET


Audio - The certification of SSL VPNs
Brian Monkman, Technology Programs Manager at ICSA Labs, discusses how SSL VPNs are certified at ICSA Labs. Help Net Security visitors are introduced to the background and the process of this thorough certification procedure. [more]
Monday, 27 September 2004, 3:27 PM CET


Biometrics: a security makeover
The reliability of facial biometrics has been seriously questioned in the past. A4Vision has developed and marketed 3D facial biometrics technology that is drawing strong interest. [more]
Monday, 27 September 2004, 1:25 PM CET


Hackers smell blood in Common Windows Interface
Hackers smell blood in Common Windows Interface [more]
Monday, 27 September 2004, 1:23 PM CET


E-business sites hit with attacks, extortion threats
Attackers may be shifting strategy and aiming at specific companies. [more]
Monday, 27 September 2004, 1:22 PM CET


Security in a single package
Hercules offers patch management, remediation, policies in unified interface. [more]
Monday, 27 September 2004, 1:18 PM CET


VeriSign, RSA introduce authentication tools
VeriSign Inc. added yet another security system to the industry with VeriSign Unified Authentication. [more]
Monday, 27 September 2004, 1:17 PM CET


'UTM appliances' will supplant firewalls
The basic building block of today's network security is the firewall but two market analyses from research company IDC offer compelling evidence that this is about to change. [more]
Monday, 27 September 2004, 1:15 PM CET


Designing Network Security, Second Edition
This is a comprehensive guide which will help you understand the fundamentals of securing your network infrastructure. [more]
Friday, 24 September 2004, 6:07 PM CET


Virus writers focus on image bug
A critical weakness found in many Microsoft programs looks like it is about to be exploited by virus writers. [more]
Friday, 24 September 2004, 12:55 PM CET


Wireless tip: Don't hide from risk
The best wireless network security is to not have a wireless network, according to Defense and intelligence experts. [more]
Friday, 24 September 2004, 11:09 AM CET


House drops plans to move cybersecurity role to White House
House Republican leaders backed away Thursday from a proposal to move important cybersecurity functions from the Homeland Security Department to the White House budget office. [more]
Friday, 24 September 2004, 11:08 AM CET


Identity theft on the rise in the UK
But neither banks nor consumers are doing enough to mitigate the risk. [more]
Friday, 24 September 2004, 11:07 AM CET


Hardening Linux authentication and user identity
PAM is an authentication mechanism that originated on Solaris, but is used on various systems, including Linux. [more]
Friday, 24 September 2004, 12:19 AM CET


System attackers up the ante
Attacks are not only rising in number, but in speed and sophistication too. [more]
Friday, 24 September 2004, 12:16 AM CET


Anti-spam standard body dismantled
Row over Microsoft's Sender ID leads to disbanding of IETF working group. [more]
Friday, 24 September 2004, 12:15 AM CET


Mac or PC? Windows' security issues help users choose
This virus and security problem might be the biggest challenge to Microsoft in years. The message I get is that people are fed up with the vulnerability of Windows. They are increasingly willing to consider other options. And, for whatever reasons, Apple's Macintosh and Linux-based computers hardly get infected or invaded at all. [more]
Friday, 24 September 2004, 12:10 AM CET


IT security culture must start from the top
Global survey warns senior execs against 'delegating' security awareness. [more]
Friday, 24 September 2004, 12:03 AM CET


French Defense Ministry commissions high-security Linux
The French Ministry of Defense has awarded an $8.6 million, three-year contract to a consortium of companies, including Linux vendor Mandrakesoft, to develop a highly secure Linux operating system. [more]
Friday, 24 September 2004, 12:02 AM CET


Are firewalls useful? and another thing...
Address spoofing depends crucially on being able to hide the real source address, so why not make that impossible? One way to do it would be to have all the ISPs and network carriers whose connections constitute the Internet certify where packets entering the network come from. [more]
Thursday, 23 September 2004, 3:37 PM CET


Nokia breaks into home security market
Wireless home monitoring device controlled by text message. [more]
Thursday, 23 September 2004, 12:54 PM CET


Firm justifies job for virus writer
A German computer security firm has defended its decision to hire the self-confessed teenage author of the Sasser and Netsky worms. [more]
Thursday, 23 September 2004, 12:08 PM CET


P-cube goes hunting for zombie PCs
P-Cube, the traffic management firm Cisco agreed to buy for $200m last month, is aiming to tackle the problem of spam at source by detecting and quarantining spam zombie machines. [more]
Thursday, 23 September 2004, 12:01 PM CET


Ireland cracks down on net scams
Calls to 13 other countries will be blocked to thwart auto-dialer software. [more]
Thursday, 23 September 2004, 11:46 AM CET


4 must-have security solutions
Vulnerability and automated patch management top the list. [more]
Thursday, 23 September 2004, 11:44 AM CET


Bill would narrow intruder surveillance
Senate proposal would scale back a provision of the USA Patriot Act that lets the FBI monitor alleged computer trespassers without a warrant [more]
Thursday, 23 September 2004, 11:39 AM CET


Hackers hit credit card company
DDoS attack on e-commerce service provider is preceded by an extortion note. [more]
Thursday, 23 September 2004, 11:34 AM CET


Exploit posted for Microsoft JPEG flaw
Customers are urged to install software updates. [more]
Thursday, 23 September 2004, 11:33 AM CET


DHS expands biometric use
Biometric programs should be expanded to fight terrorism and crime, a Homeland Security Department official said. [more]
Thursday, 23 September 2004, 11:30 AM CET


Information security fails to reach the boardroom
Global security survey shows need for greater awareness still an issue. [more]
Thursday, 23 September 2004, 11:29 AM CET


The spy threat from the internet
Browsing the web can let unwanted visitors into your system - and simple anti-virus software can't catch them. [more]
Wednesday, 22 September 2004, 1:19 PM CET


There's 100,000 of them... and they're after you
As a new study reveals that the number of malicious computer programs has reached the 100,000 mark for the first time, Adrian Mather looks at the dangers facing us in our own homes and what we can do to ward off an attack. [more]
Wednesday, 22 September 2004, 1:18 PM CET


Activists find more e-vote flaws
More weaknesses appear in the Diebold electronic voting system that activists say could be used to rig the November election. The company says auditing procedures would catch any vote fraud. [more]
Wednesday, 22 September 2004, 11:44 AM CET


Uncle Sam demands all air travel records
The US Transportation Security Administration (TSA) has demanded the passenger records of all domestic flights during the month of June, 2004, so that it can test its new "CAPPS Lite" data mining operation before putting it into production, the Associated Press reports. [more]
Wednesday, 22 September 2004, 11:37 AM CET


Backing up your Linux desktop with rsync
This article explain how to use rsync to backup your computer to a drive attached to your system. [more]
Wednesday, 22 September 2004, 11:35 AM CET


Security fears still blocking WLAN adoption
Despite the best efforts of the Wi-Fi industry to assure companies wireless networking is safe in the workplace, a new survey of executives finds security remains the leading barrier to WLAN adoption. [more]
Wednesday, 22 September 2004, 11:24 AM CET


Offshore security can be compromised by cultural differences
Gartner has warned companies that outsource to countries like India and China not to overlook the impact of cultural differences on security. [more]
Wednesday, 22 September 2004, 11:18 AM CET


I/O devices are trusted with PC security
Two new SafeKeeper Trusted Input/Output (I/O) devices are designed to embed security into desktop and notebook computer motherboards. [more]
Wednesday, 22 September 2004, 11:18 AM CET


The building blocks of a customized security service
New IP VPN services can be customized to fit specific user needs, speeding time-to-market without investing in dedicated hardware or applications. [more]
Tuesday, 21 September 2004, 9:14 AM CET


Secure ID tags at AOL
Internet provider introduces new service to put a 'dead bolt' on accounts. [more]
Tuesday, 21 September 2004, 9:13 AM CET


Nmap examination of various operating systems
The purpose of this short comparison is to perform some sort of evaluation of the quality of the TCP/IP stack which is implemented differently in various Operating Systems. [more]
Tuesday, 21 September 2004, 12:18 AM CET


Hackers costing enterprises billions
Hackers continued adding billions to the cost of doing business on the Internet in the first half of 2004, despite security executives' efforts to prevent malicious attacks. [more]
Tuesday, 21 September 2004, 12:12 AM CET


Can all-in-one security appliances secure the network?
Some might do the job, but consultants recommend a layered security approach. [more]
Tuesday, 21 September 2004, 12:07 AM CET


Avoid security tools you don't need
Many technologies may be a waste of time and money, researcher says. [more]
Tuesday, 21 September 2004, 12:06 AM CET


Sasser author gets IT security job
Securepoint technical director Lutz Hausmann says the teenager deserved a second chance. [more]
Tuesday, 21 September 2004, 12:04 AM CET


Microsoft-Cisco security fight hurts us all
Microsoft and Cisco pachyderms are fighting over network security standards, and the losers, once again, are the folks on the ground. [more]
Tuesday, 21 September 2004, 12:03 AM CET


Oracle security patches causing headaches
Oracle Corp. released a batch of security patches earlier this month, addressing dozens of vulnerabilities discovered this year. With limited information on each patch, DBAs are being forced to take entire systems out of production. [more]
Tuesday, 21 September 2004, 12:02 AM CET


Gartner: Information security is still key
Despite claims from some quarters that security will cease to be a key issue over the next few years, Gartner stressed today that information security will remain a major executive concern for the foreseeable future. [more]
Tuesday, 21 September 2004, 12:00 AM CET


Biometrics for Network Security
With all the problems related to using simple password-based authentication methods, biometrics surely has major "pros" for its implementation in enterprise networks. Can this book help you? Read on and find out. [more]
Monday, 20 September 2004, 3:41 PM CET


Hackers deploying 'bots' on a massive scale
Symantec reports up to 75,000 PCs being compromised daily. [more]
Monday, 20 September 2004, 2:26 PM CET


FTC backs spammer bounties (false)
A program to encourage members of the public to become "bounty hunters" tracking down email spammers received the luke warm backing of the US Federal Trade Commission (FTC). [more]
Monday, 20 September 2004, 1:46 PM CET


4 tips for a strong defense
Agency efforts to tighten system security have evolved in recent months from documenting weaknesses to deploying security safeguards, said experts familiar with federal programs. [more]
Monday, 20 September 2004, 1:21 PM CET


VMware - secure access goes virtual
VMware offers a new option for controlling access to corporate systems. [more]
Monday, 20 September 2004, 1:19 PM CET


Microsoft trials piracy lock on Download Center
New feature locks out pirated copies of Windows. [more]
Monday, 20 September 2004, 1:18 PM CET


Arrest made in Cisco source code theft
Police in the UK have arrested a man in connection with the theft of source code from networking equipment maker Cisco Systems in May, a Scotland Yard spokeswoman confirmed on Friday. [more]
Monday, 20 September 2004, 1:17 PM CET


A feast of anti-spam
The proliferation of anti-spam offerings has left many businesses bewildered. Which products should they choose? [more]
Monday, 20 September 2004, 1:14 PM CET


Net security threats growing fast
More than 30,000 PCs per day are being recruited into secret networks that spread spam and viruses, a study shows. [more]
Monday, 20 September 2004, 1:13 PM CET


A visual history of spam and virus emails
Raymond chen, a Microsoft employee has kept every single piece of spam since mid-1997. The results were then put into a graph to show a visual representation of spam and viruses received for the last 6 years. [more]
Monday, 20 September 2004, 1:12 PM CET


Open source security: still a myth
This article looks at why open source software may currently be less secure than its commercial counterparts. [more]
Friday, 17 September 2004, 8:48 PM CET


How to protect yourself if you use Windows
If you use a Windows personal computer to access the Internet, your personal files, your privacy and your security are all in jeopardy. [more]
Friday, 17 September 2004, 9:26 AM CET


SSH - the Secure Shell: an overview
SSH is an application protocol and software suite that allows secure network services over an insecure network such as the public Internet. [more]
Friday, 17 September 2004, 9:25 AM CET


Hackers seek to save America
A new cyber security centre has been launched in a remote area of eastern Idaho in the US to give expert hackers access to an entire isolated infrastructure to test computing vulnerabilities. [more]
Friday, 17 September 2004, 9:21 AM CET


Microsoft: security now key issue in browser market
Another security scare has hit Microsoft's Internet Explorer. [more]
Friday, 17 September 2004, 9:17 AM CET


NEC extends quantum cryptography range and speed
NEC researchers have developed a quantum cryptography system with sufficient speed and range to make it commercially viable. It could go on sale in the second half of 2005. [more]
Friday, 17 September 2004, 9:15 AM CET


Hackers jump on Windows vulnerability
Hackers are drooling at the thought of exploiting Microsoft's most recent vulnerabilities, security analysts said Thursday. [more]
Friday, 17 September 2004, 9:13 AM CET


Symantec to acquire @stake
Symantec has agreed to acquire @Stake, a Cambridge, Mass.-based provider of IT security consulting services. [more]
Friday, 17 September 2004, 9:10 AM CET


Phones gain coded security
"Pressure for greater security is coming from enterprise customers. [Security] used to be seen as an add-on to IT systems, but lately it has been regarded as something that has to be embedded from the beginning," commented Certicom's vice-president of marketing, Roy Pereira. [more]
Friday, 17 September 2004, 9:05 AM CET


Bugwatch: Managing network security risk
Jukka Sieppi, director of product management at network protection firm Stonesoft, warns of the dangers of adopting a so-called 'silver bullet' solution to network security. [more]
Thursday, 16 September 2004, 5:34 PM CET


Man pleads guilty in massive credit info theft case
Personal financial information stolen from more than 30,000 people [more]
Thursday, 16 September 2004, 2:27 PM CET


Sharing files over a network with NFS
As users chose to supplement their RISC OS computers with a second machine, there grows a need to manage files over a network. With this in mind, Paul Stewart guides us through evaluating and configuring NFS with RISC OS and Windows. [more]
Thursday, 16 September 2004, 2:24 PM CET


Extortion online
Technology can help fight the growing cyberextortion threat, but experts say not enough companies are prepared. [more]
Thursday, 16 September 2004, 2:22 PM CET


MySQL administrator
In this article, the author recommends MySQL Administrator, which allows an adminstrator to configure a MySQL server easily. [more]
Thursday, 16 September 2004, 2:21 PM CET


Bug detected In Unix and Linux admin console
A bug in Usermin, a widely used administration console for Unix and Linux, could allow a hacker to run malicious code through a specially crafted email, reported security researchers. [more]
Thursday, 16 September 2004, 2:18 PM CET


Academia battles forces of IT anarchy
Academic institutions who have to add, manage, and secure thousands of new users within a period of just a few days face political and social issues on top of the immense technical ones, suggests Scott Granneman. [more]
Thursday, 16 September 2004, 2:15 PM CET


Feds say Lamo inspired other hackers
Prosecutors blame the New York Times hacker for inspiring others of his generation to become cyber outlaws. [more]
Thursday, 16 September 2004, 2:13 PM CET


Give us a job, plead virus writers
Antivirus developers have to ensure that their software works reliably, detecting over 90,000 viruses on a wide variety of operating systems and network configurations without causing problems, explained consultant Graham Cluley. "Virus writers don't care if their code crashes or causes incompatibilities. You don't have to be a genius to write a virus," he said. [more]
Thursday, 16 September 2004, 2:12 PM CET


Microsoft not trying to hijack anti-spam spec
Though it has raised concerns about Microsoft's Sender ID anti-spam technology, the Internet Engineering Task Force, an organization devoted to establishing standards for Internet architecture, has not banned the software giant's participation in the development of an e-mail specification. [more]
Thursday, 16 September 2004, 2:10 PM CET


Five fired at Los Alamos lab
As part of the fallout from an incident at Los Alamos National Lab in July, five workers have been fired. They are among 23 suspended when computer disks containing classified information went missing. [more]
Thursday, 16 September 2004, 2:09 PM CET


Service monitoring with Nagios
Nagios calls itself an "open source host, service and network monitoring program". [more]
Wednesday, 15 September 2004, 3:24 PM CET


Intrusion detection with Tripwire
Tripwire is a file integrity checker for UNIX/Linux based operating systems and works as an excellent intrusion detection system. [more]
Wednesday, 15 September 2004, 10:05 AM CET


Super-secure network could flag data danger
It's a hacker's nightmare but a dream for bankers and spies: A computer network so secure that even the simplest attempts to eavesdrop will interrupt the flow of data and alert administrators to the snooping. [more]
Wednesday, 15 September 2004, 9:57 AM CET


Samba servers vulnerable to denial-of-service attacks
The Samba Team released on Tuesday a patch to fix two flaws that could result in disruptions for networks using the widely installed Unix and Linux software. [more]
Wednesday, 15 September 2004, 9:56 AM CET


Major graphics flaw threatens Windows PCs
Microsoft published on Tuesday a patch for a major security flaw in its software's handling of the JPEG graphics format and urged customers to use a new tool to locate the many applications that are vulnerable. [more]
Wednesday, 15 September 2004, 12:14 AM CET


Wardriving: you can look, but don't touch
Is wardriving legal? Until a court rules otherwise, it is. But should you access an open wireless network you stumble upon? The answer is no. [more]
Wednesday, 15 September 2004, 12:13 AM CET


Brazil is world 'hacking capital'
Brazil has become the global capital for computer hacking and internet fraud, according to experts meeting in the country's capital, Brasilia. [more]
Wednesday, 15 September 2004, 12:12 AM CET


Sun touts tougher security in Solaris 10
Sun Microsystems said its Solaris 10 operating system will be ready for general release by year's end, complete with a sharper set of security teeth. [more]
Wednesday, 15 September 2004, 12:11 AM CET


Nokia joins Secure Digital industry group
Nokia said it has joined an industry group working on technical and specification standards for Secure Digital memory card applications. [more]
Wednesday, 15 September 2004, 12:10 AM CET


BorderWare firewall fights VOIP threats
BorderWare Technologies Inc. has joined Ingate Systems AB and others in providing an edge solution to the external threat problem in voice-over-IP PBXes. [more]
Wednesday, 15 September 2004, 12:08 AM CET


IBM expands RFID services for manufacturers
IBM will offer a range of new services to help industrial firms respond to retail and government pressure to implement radio-frequency identification. RFID services will include consulting, developing the business case, technological proof of concept, and full rollout of the systems. [more]
Wednesday, 15 September 2004, 12:08 AM CET


Internet standards body rejects Sender ID proposal
The Internet Engineering Task Force has rejected Microsoft's Sender ID proposal due to the company's refusal to reveal details of a possible patent application on its proposed technology. [more]
Tuesday, 14 September 2004, 4:22 PM CET


SQL Server 2000 security - DTS security
In this article of our series presenting SQL Server 2000 Security, we are turning our attention towards Data Transformation Services. [more]
Tuesday, 14 September 2004, 4:05 PM CET


Analysts herald arrival of smart security patching tools
IT security managers can look forward to the arrival of enhanced patching technology which will automate and reduce the cost of installing software security and maintenance updates, industry experts have predicted. [more]
Tuesday, 14 September 2004, 3:58 PM CET


Wired for security
McAfee has always been synonymous with PC security, but CEO George Samenuk intends to make a priority of protecting wireless networks and voice communications over the Internet. [more]
Tuesday, 14 September 2004, 3:57 PM CET


Video interview with Chris Potter, PricewaterhouseCoopers Information Security Assurance Partner
In this video Mr. Potter talks about what can be done in order to minimize the recovery time from an incident, discusses the threat posed by increased mobile computing, the most important step businesses must take in order to manage their information security risks in the future, and more. [more]
Tuesday, 14 September 2004, 9:25 AM CET


Graphs for security
Most programmers are familiar with the access-control list (ACL) as a datastructure used for authorization. This article describes using a more robust structure called an access-control graph (ACG). The ACG has several advantages over traditional ACL designs and has special relevance in Web-based applications. [more]
Tuesday, 14 September 2004, 8:51 AM CET


Symantec launches antiphishing service
Symantec is fishing for dollars with a new service designed to help companies combat the ongoing epidemic of online identity theft, or "phishing," scams. [more]
Tuesday, 14 September 2004, 8:46 AM CET


Spycam may be watching you work
If you have a webcam and a microphone on your computer and a broadband connection to the internet, as many now do to chat with their friends around the world, a hacker could be watching you - maybe, if your PC is in your bedroom, just when you really needed privacy. [more]
Tuesday, 14 September 2004, 8:41 AM CET


I spy with my little eye
Forget Congress' myopic efforts to outlaw spyware. What we really need is better enforcement of existing computer crime laws. [more]
Tuesday, 14 September 2004, 2:48 AM CET


Extreme Wi-Fi
Take that wireless hot spot in the local java joint, jack it up on steroids and use it to connect an entire city full of computers. [more]
Tuesday, 14 September 2004, 2:46 AM CET


Safe databases are key to security
Your database and network design may help prevent critical vulnerabilities from being exploited. [more]
Tuesday, 14 September 2004, 2:36 AM CET


Multicore network security processor
Cavium will sample a line of single-chip, multi-core "network services processors" (NSPs) in Q1, 2005. [more]
Tuesday, 14 September 2004, 2:35 AM CET


SP2 fights worms, has bugs
Software conflicts are not the only issue causing some users heartburn. Many people have downloaded or installed the update without a hitch, but others have not been so lucky. [more]
Tuesday, 14 September 2004, 2:34 AM CET


Hercules, Stat Scanner, bulk up security
Financial-services firms get help fixing vulnerabilities with automated scanning and management applications. [more]
Tuesday, 14 September 2004, 2:32 AM CET


Beware of malformed MIME artists
The UK's top UK security co-ordination agency today warned of a series of vulnerabilities involving implementations of the Multipurpose Internet Mail Extensions (MIME) protocol within email and web security products. [more]
Tuesday, 14 September 2004, 2:25 AM CET


Certicom announces hardware security
Digital rights have become a bigger issue for the wireless industry in the last few years as music and other protected content is offered by carriers. [more]
Tuesday, 14 September 2004, 2:21 AM CET


Want more secure software? Then give your vendor hell
Software holes will mean security-related downtime will triple by 2008, unless IT managers take matters into their hands. [more]
Monday, 13 September 2004, 5:20 PM CET


Moving to the Linux Business Desktop
I've read countless articles debating whether Linux is ready for the desktop showcasing the strengths and weaknesses of this OS. This book goes beyond that discussion as the author doesn't think Linux is just ready for the desktop but for the business desktop. Did Gagne manage to guide the reader as well as in his previous books? Read on and find out. [more]
Monday, 13 September 2004, 12:15 PM CET


Identity fraud crisis spirals out of control
APACS calls on UK channel players to support anti-CNP schemes. [more]
Monday, 13 September 2004, 12:09 PM CET


New Windows OS boosts security
With its next version of Windows, dubbed Longhorn and due out in 2006, Microsoft is working on technology that will give companies more control over whether to prohibit devices that can easily be used to transfer data to and from personal computers. [more]
Monday, 13 September 2004, 12:12 AM CET


Enhancing Apache with mod_security
ModSecurity is an open source intrusion detection and prevention engine for web applications. [more]
Monday, 13 September 2004, 12:12 AM CET


MS Premium customers get early security warnings
Microsoft is giving premium customers advance notice of security bulletins, internetnews.com has learned. [more]
Monday, 13 September 2004, 12:11 AM CET


AKCP CameraProbe8 data center security monitor
AKCP has used embedded Linux to build a data center security monitor that can track both physical and network-related events. The CameraProbe8 has an integral low-light pan-and-tilt camera, and supports up to eight environmental sensors. It also runs network service monitoring software. It is manageable via secure SNMP or HTTP. [more]
Monday, 13 September 2004, 12:10 AM CET


OpenBSD’s Theo de Raadt talks software security
In an exclusive interview with Computerworld's Rodney Gedda, the man behind an operating system that lays claim to only one remote exploit in the default install in seven years, reveals where we are headed – and how far we have to go – in the search for more secure software. [more]
Monday, 13 September 2004, 12:10 AM CET


U.S.Robotics Secure Storage Router Pro
This device is a multifunctional router with the VPN server and client support as well as with integrated functions of a network database. [more]
Monday, 13 September 2004, 12:07 AM CET


Spammers twist Microsoft's good into evil
According to a recent study, spammers have now begun to use Microsoft’s latest arsenal against spam, the Sender Policy Framework (SPF), to give their mail a garb of legitimacy. [more]
Monday, 13 September 2004, 12:07 AM CET


Managing background commands in shell scripts
Rainer Raab discusses how to manage multiple background jobs in Korn shell scripts. After a short job control tutorial, he presents his job_monitor_status shell function that alerts the calling script when all background jobs have completed successfully or failed. [more]
Monday, 13 September 2004, 12:06 AM CET


Smart card use grows
Federal agencies are moving toward large-scale adoption of smart cards for identification, according to the latest survey from the Government Accountability Office. [more]
Monday, 13 September 2004, 12:06 AM CET


Runing Linux on an iPAQ
Installing Linux on your iPAQ can be a great way to breathe new life into aging hardware or make an existing tool even better, particularly if you are a fan of Linux on the desktop. [more]
Monday, 13 September 2004, 12:06 AM CET


Microsoft: Sasser bounty hinges on conviction
Sven Jaschan, the alleged author of the Sasser worm and several variants of the Netsky virus, was charged this week by German police, but the informant who led authorities to the suspect will have to wait for a promised $250,000 reward, Microsoft officials said Friday. [more]
Monday, 13 September 2004, 12:05 AM CET


Cisco to acquire network-monitoring firm NetSolve
The acquisition of NetSolve will enable Cisco and its channel partners to offer customers real-time monitoring of Cisco products and to help ensure continuous, secure operation of such services as IP telephony and network security, Cisco says. [more]
Monday, 13 September 2004, 12:04 AM CET


MyDoom spawns four small offshoots
Four minor copies of the program surface, which some security experts believe indicates that a more lethal MyDoom may be on the way. [more]
Monday, 13 September 2004, 12:04 AM CET


Microsoft sticks with controversial Longhorn security
Although Microsoft continues to tweak a controversial architecture for securing PCs, it still plans to include the feature in Longhorn, the next release of Windows. [more]
Thursday, 9 September 2004, 12:35 PM CET


Securing that PC
A book on computer security can often be boring. The author of this review thinks Thomas C. Greene's book is not boring at all. [more]
Thursday, 9 September 2004, 11:55 AM CET


StillSecure enforces network security policies
StillSecure announced the release of Safe Access version 2.0, which tests all PCs on a network and gives access only to those that meet an organization's established security policies, while quarantining others. [more]
Thursday, 9 September 2004, 11:40 AM CET


House panel moves to criminalize spyware, net piracy
People who illegally share copyrighted music and movies over the Internet could be jailed for up to five years under a bill approved by a powerful
congressional panel today. [more]
Thursday, 9 September 2004, 10:19 AM CET


Perimeter security is changing fast
Most security solutions today are built around attempting to protect the vulnerability of the PC and, or the server, by attempting to keep "bad" things outside of the network security perimeter. But, with the changing and disappearing perimeter - security now needs to be intrinsic in every system and for every user. [more]
Thursday, 9 September 2004, 10:15 AM CET


Microsoft offers more time to test XP Service Pack 2
Registry key to prevent PCs from automatically downloading update now good for 240 days. [more]
Thursday, 9 September 2004, 10:13 AM CET


Microsoft puts fingerprint readers into hardware
Microsoft unveiled a new array of keyboard and mice, with some featuring built-in fingerprint readers to make it easier for users to log on to personal computers and Web sites. [more]
Thursday, 9 September 2004, 10:10 AM CET


Spammers use e-mail ID to gain legitimacy
With few junk e-mail filters supporting a protocol for verifying the source address of digital messages, spammers have adopted it themselves as a way to appear more legitimate, according to a report released on Wednesday. [more]
Thursday, 9 September 2004, 10:09 AM CET


ISPs given thumbs down for virus, hacker control
U.S. residential Internet users are much more satisfied with the spam protection from their Internet service providers, but remain unhappy with their ISPs' defenses against hackers and viruses, J.D. Power and Associates said Wednesday. [more]
Thursday, 9 September 2004, 10:09 AM CET


Primus claims secure broadband first
Australia’s fourth largest ISP, Primus Telecom, has launched a secure DSL service in the hope of boosting its credibility as a tier-one carrier. [more]
Thursday, 9 September 2004, 10:08 AM CET


Security: from the horse's mouth
Network Times decided to ask a few security vendors a set of three questions to hopefully give readers a better idea of what is important and what is available in the security arena. [more]
Wednesday, 8 September 2004, 2:01 PM CET


Samba-3 by Example: Practical Exercises to Successful Deployment
This is a cookbook you've been searching for. That is a slogan. And it is a fact. If you use Samba or you think of using it, this book is something you are going to need. [more]
Wednesday, 8 September 2004, 1:48 PM CET


'War drive' reveals New York's hidden security flaws
While physical security was tightened to unprecedented levels here last week for the Republican National Convention, IT security researchers uncovered an unsettling number of unencrypted wireless devices that they said created a potential information security nightmare for convention organizers and delegates. [more]
Wednesday, 8 September 2004, 12:53 PM CET


Security: Can you really trust just techies?
HR, senior execs and staff all off the hook as IT team take the blame... [more]
Wednesday, 8 September 2004, 12:43 PM CET


'Trusted' systems move to the mainstream
When it comes to operating systems, it's a matter of trust—or mistrust, as the case may be. [more]
Wednesday, 8 September 2004, 12:28 PM CET


Can spammers really exploit wireless networks?
A US citizen is thought to have become the first person to be accused of hacking a wireless network in order to send spam. [more]
Wednesday, 8 September 2004, 12:23 PM CET


Spyware interferes with Microsoft patch
Though Microsoft's new security update package is all about protecting systems from worms, viruses and spyware, it can't do much about what's already on computers - and that could pose a problem. [more]
Wednesday, 8 September 2004, 12:12 PM CET


Windows XP SP2 release surrounded by a feast of egos
Eager to tarnish Microsoft's shiny new Service Pack 2, the security press managed to spin the most thin and marginal issues into "gaping holes" and "security craters." [more]
Wednesday, 8 September 2004, 11:37 AM CET


Using ctelnet in Sun Cluster software with secure shell
You can use the ctelnet application in Sun Cluster software to connect to systems by means of the ssh command instead of telnet. The ctelnet tool is part of the Sun Cluster Console (SUNWccon) package in Sun HPC ClusterTools software. [more]
Wednesday, 8 September 2004, 11:33 AM CET


Metasploit framework, part 2
Newly updated. This article provides insight into the Metasploit Framework, a very useful tool for the penetration tester. Part two of three. [more]
Wednesday, 8 September 2004, 11:31 AM CET


Five steps to enforcing your endpoint security
Your security policy has to have teeth. Here's how to enforce your endpoint security policy. [more]
Wednesday, 8 September 2004, 11:22 AM CET


Spammers exploit anti-spam trap
Some spammers are getting their messages through using techniques designed to spot and stop them. [more]
Wednesday, 8 September 2004, 11:21 AM CET


Top UK companies are failing to develop written security policies
Almost half (47%) of the UK's top 350 companies do not have a fully documented information security policy. [more]
Wednesday, 8 September 2004, 11:19 AM CET


Red Hat upgrades security
Linux software maker Red Hat on Tuesday released an update to its enterprise product with security upgrades, support for IBM Power5 servers, new driver support and bug fixes. [more]
Tuesday, 7 September 2004, 9:06 PM CET


Start-up says it can deliver secure VoIP
A start-up called Net6 claims that its virtual private network products offer companies high-quality voice communications over any network from anywhere. [more]
Tuesday, 7 September 2004, 9:05 PM CET


McAfee AV ate my application
An Australian software developer has been left fuming after the latest virus definition update from McAfee caused his package to be wrongly identified as a Trojan horse programme. [more]
Tuesday, 7 September 2004, 8:53 PM CET


Is JBoss ready for your enterprise?
It's been about a month since JBoss, the Open Source J2EE application server, received its full certification from Sun. [more]
Tuesday, 7 September 2004, 8:47 PM CET


Juniper incorporates third-party security in SSL VPNs
Juniper Networks Inc. is expanding users' security options by opening new interfaces that allow integration of third-party tools with Juniper's line of SSL VPNs. [more]
Tuesday, 7 September 2004, 5:14 PM CET


Patch plugs WinZip flaw
WinZip Computing has released a patch WinZip 9.0 Service Release 1, which it claims will resolve a buffer overflow issue. [more]
Tuesday, 7 September 2004, 5:08 PM CET


Spam: shoot the vendor
The constant evolution of spam to look as much as possible like real email will guarantee that filtering cannot be a complete solution. [more]
Monday, 6 September 2004, 3:20 PM CET


Who goes to jail?
Not having kept, or being able to access, the right information at the right time is now a serious offence that puts the CEO and/or the CFO in jail for perjury, regardless of who in the organisation may or may not have been to blame. [more]
Monday, 6 September 2004, 3:18 PM CET


Companies still fail to take security seriously
Too many firms see security as an IT issue, says survey. [more]
Monday, 6 September 2004, 2:08 PM CET


Web app security using Struts, servlet filters, and custom taglibs
In this article, you will develop a generic security solution that can be used by most enterprise-level Web applications. [more]
Monday, 6 September 2004, 1:14 PM CET


Wireless: new eye on crime aids security in real time
Wireless technology has in recent weeks helped extend the long arm of the law at events ranging from the Republican National Convention in New York City to a rock concert in Staffordshire, England. [more]
Monday, 6 September 2004, 12:38 PM CET


SSL VPNs: full access with maximum security
Many companies are turning to a relatively young technology, Secure Sockets Layer Virtual Private Networks, to provide a full range of remote access while ensuring maximum security. [more]
Monday, 6 September 2004, 12:35 PM CET


v710 hackers reward program
The v710 Hacker Reward Program is a community-sponsored initiative to enable key features on the Verizon/Motorola v710 mobile phone which were disabled by the carrier. [more]
Monday, 6 September 2004, 12:31 PM CET


eBay domain hijacker arrested
Police in Germany have arrested a 19 year-old from Helmstedt for hijacking the site of eBay Germany about a week ago. [more]
Monday, 6 September 2004, 12:26 PM CET


Security: the bigger picture
Symantec chairman and CEO John W. Thompson tells vnunet.com about the company's strategy, and why he's not bothered about Microsoft's entry into the market. [more]
Monday, 6 September 2004, 12:22 PM CET


Army puts up its defenses
Army information technology officials started the Fort Campbell Network Upgrade in December 2003... [more]
Monday, 6 September 2004, 12:21 PM CET


Midrange firewalls face off
ServGate, SonicWall, and StoneGate boxes prove their mettle. [more]
Friday, 3 September 2004, 1:52 PM CET


600,000 students warned of identity theft
California university officials have warned nearly 600,000 students and faculty that they might be exposed to identity theft following incidents where computer hard drives loaded with their private information were lost or hacked into. [more]
Friday, 3 September 2004, 1:51 PM CET


Bluetooth can bite
With an estimated 250 million Bluetooth-enabled devices currently in use, the fact that Bluetooth is about as secure as the proverbial wide-open barn door should be of concern to everyone responsible for the safekeeping of corporate data. [more]
Friday, 3 September 2004, 1:44 PM CET


WinXP SP2 = security placebo?
We evaluated the security features of Windows XP SP2 on a test machine, following a clean install of XP Pro with no configuration changes and no third-party software or drivers installed. [more]
Friday, 3 September 2004, 1:27 PM CET


Slack security for old computers
Less than 25% of old computers sold or given away by companies have had data removed from them, raising concerns about personal information security. [more]
Friday, 3 September 2004, 1:27 PM CET


Apache says it won't support sender ID
The foundation is balking at Microsoft's strict licensing terms for the proposed anti-spam standard. [more]
Friday, 3 September 2004, 1:26 PM CET


Simple and secure isn't so simple
Simple to code does not always mean simple for the user. And simple for the user is often not easy to code. [more]
Friday, 3 September 2004, 1:25 PM CET


Security flaws in WinZip could allow attacks
WinZip Computing Inc. recently revealed that Version 9.0 of its popular WinZip file compression program is vulnerable to a variety of security attacks. [more]
Friday, 3 September 2004, 1:13 PM CET


Fallout from virus war persists
Netsky, Bagle and Mydoom variants still topping the virus charts. [more]
Friday, 3 September 2004, 1:12 PM CET


Army honors security work
The Army this week issued its first awards to service personnel and contractors for excellence in information assurance. [more]
Friday, 3 September 2004, 1:10 PM CET


Spam avalanche keeps growing
The spam flood is rising, contributing to a reduction in the usefulness of e-mail, a market research firm said Wednesday. [more]
Thursday, 2 September 2004, 3:15 PM CET


Big Brother watches Britain
The teenagers who stabbed wealthy Joao Da Costa Mitendele to death before burgling his home were careful to conceal the crime. They used a pretty girl to gain access to his apartment, where they wore rubber gloves while committing their crimes. [more]
Thursday, 2 September 2004, 3:12 PM CET


AIDE and chkrootkit
Network security is continuing to be a big problem for companies and home users. The problem can be resolved with an accurate security analysis. In this article I show how to approach security using aide and chkrootkit. [more]
Thursday, 2 September 2004, 3:11 PM CET


Hack to school
School wasn't even in session, and Dartmouth College chief information officer Lawrence Levine was penning the kind of letter technology executives dread. [more]
Thursday, 2 September 2004, 3:03 PM CET


802.11 Wireless Networks: The Definitive Guide
Despite providing a wealth of extensive in-depth technical pieces of information, which vary from cryptic shorts to descriptions of specific frame parts, the book is very easy to read. [more]
Thursday, 2 September 2004, 10:43 AM CET


WPA2-certified Wi-Fi toughens security
Wi-Fi Protected Access 2 is meant to significantly strengthen wireless security, and certified products are now available. [more]
Thursday, 2 September 2004, 12:16 AM CET


Affordable IT: desktop security
Protecting your organization means guarding against attackers as well as internal problems. Tools are essential, but so is user education. [more]
Thursday, 2 September 2004, 12:16 AM CET


Secure mobile phones will use fingerprint ID
The fingerprint locking system is already in use in Japan. [more]
Thursday, 2 September 2004, 12:15 AM CET


IT users seek to certify security
Industry-wide standards sought by IT experts at major companies. [more]
Thursday, 2 September 2004, 12:15 AM CET


Ballmer beats security drum
Microsoft CEO Steve Ballmer believes the software industry will create more positive change in the next 10 years than it did in the previous 10 -- provided that security threats are effectively handled. [more]
Thursday, 2 September 2004, 12:12 AM CET


MessageLabs, Symantec team on antispam service
MessageLabs, a provider of e-mail security services, will use Symantec's Brightmail filtering technology as part of its own antispam service, the company said Wednesday. [more]
Thursday, 2 September 2004, 12:11 AM CET


Xerox multifunction systems earn high standard for security
Xerox Corporation has earned the coveted international standard in security assessments for six of its office multifunction systems. [more]
Wednesday, 1 September 2004, 3:59 PM CET


Breaking into voicemail systems is a easy
Businesses are placing themselves at risk because they are failing to secure their internal voicemail systems from hackers. [more]
Wednesday, 1 September 2004, 12:21 PM CET


To catch a virus
Is there another attack in the pipeline? Will the Internet totally collapse? Graphs showing Internet activity have nothing significant to report. The Panda Technical Support network has not reported any increase in calls. All seems to be calm and peaceful. [more]
Wednesday, 1 September 2004, 12:18 PM CET


Circumventing web services security problems
When Aeroplan, an airline affinity program owned by Air Canada with over six million members worldwide, decided to rapidly expand its partnership program, it needed a secure way to bridge its XML infrastructure with partners’ systems. [more]
Wednesday, 1 September 2004, 12:09 PM CET


PDA security still dismal
Worker apathy about PDA security is putting corporate data in jeopardy. [more]
Wednesday, 1 September 2004, 12:07 PM CET


Passing the WLAN security buck
Company offers outsourced wireless LAN to overcome security vulnerabilities. [more]
Wednesday, 1 September 2004, 12:06 PM CET


Is encryption doomed?
Our entire information society rests on a fragile foundation that mathematicians are racing to dismantle. [more]
Wednesday, 1 September 2004, 12:05 PM CET


DOD reveals viral infection
The breach of security, Dodgen said, illustrated the need for "diligence, diligence, diligence" when it comes to information security and assurance — although he described his initial reaction to the incident as, "Who are we going to shoot?" [more]
Wednesday, 1 September 2004, 12:01 PM CET


Sendmail searches for antispam testers
Sendmail has taken a first stab at software to authenticate the source of e-mail messages, a technology that will be key to preventing the proliferation of spam. [more]
Wednesday, 1 September 2004, 1:23 AM CET


Hardware today - next-gen firewalls reach high
Firewalls have come a long way since 1985, when U.S. Department of Defense experiments spawned basic packet filtering technologies. [more]
Wednesday, 1 September 2004, 1:07 AM CET


Army CIO asks for better security
The Army's chief information officer wants service and industry information technology officials to do a better job of protecting networks and building more secure products. [more]
Wednesday, 1 September 2004, 1:02 AM CET


Report casts doubt on IRS hacking-detection system
The problems found raise questions about the agency's modernization plans. [more]
Wednesday, 1 September 2004, 1:00 AM CET


Spotlight

The evolution of backup and disaster recovery

Posted on 25 July 2014.  |  Amanda Strassle, IT Senior Director of Data Center Service Delivery at Seagate Technology, talks about enterprise backup issues, illustrates how the cloud shaping an IT department's approach to backup and disaster recovery, and more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Mon, Jul 28th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //