|
|
Free Newsletters
|
|
|
|
|
|
IT trainer offers master's degree for hackers In an effort to produce the next generation of chief security officers and IT systems defense experts, an online training company is offering a new master's degree program in security science. Security outsourcing on the rise As one of the world's largest outsourcing providers, Wipro Technologies is ramping up its security services business in a big way.  September 20, 2:30 p.m. PDT Is the US at risk from cyberwarfare? May was not a good month for geeks in Estonia. The tiny Baltic republic weathered a month-long cyberattack that shuttered Internet servers nationwide. At the height of the crisis, people who wanted to use payment cards to buy bread or gas had to wait, as the onslaught crippled Estonia's banks. September 20, 8:54 a.m. PDT PayPal claims gains against phishers PayPal security chief Michael Barrett isn't ready to claim a victory in the fight against phishing schemes, but he said that his company is slowly turning the tide using a set of new partnerships and technological means. September 20, 4:23 a.m. PDT Fear of insider threats hits home The more money that companies spend on securing their IT operations from external attack, the more it seems they become aware that the potential threat posed by their own employees remains their most significant risk. September 18, 10:42 a.m. PDT Expert do's and don'ts for dealing with data breaches Organizations that experience data breaches must move quickly to assuage the fears of their constituents and go beyond expectations to address the situations effectively, according to those most familiar with the incidents. September 11, 3:45 a.m. PDT Forrester security show stresses risk management Enterprise security decision makers have long been more likely to be swayed by flashy new technologies than by the notion of comprehensive IT restructuring to protect data and other corporate assets, but the situation is evolving rapidly, according to experts participating in Forrester Research's ongoing Security Forum. September 5, 11:33 a.m. PDT FBI: Enterprises need counterintelligence The Chinese government has denied involvement in a series of hacks carried out against IT systems at the Pentagon in June this week, but the threat of technology-driven espionage has forced the FBI to push businesses and academic institutions to better prepare for such attacks. September 4, 3:45 p.m. PDT Intel's vPro chips in more security for businesses With the introduction of its latest vPro microprocessors on Monday, Intel contends it is injecting a heavy dose of new security capabilities for the benefit of business customers and third-party technology providers alike. August 27, 8:00 a.m. PDT Intel adds desktop NAC to latest chips Intel's move to provide new integration with NAC (network access control) tools in its latest vPro desktop processors could provide interesting opportunities for use with the device authentication systems while further strengthening the technology standards it supports, according to industry watchers. August 27, 8:00 a.m. PDT Wells Fargo recovering from computer crash Wells Fargo customers may have a hard time getting an up-to-date balance statement Tuesday as the nations' fifth-largest bank continued to iron out service problems related to a Sunday computer failure. August 21, 11:26 a.m. PDT Making a case for virtual patching The period during which businesses work to install security patches to protect IT systems from attack undeniably remains one of the most vulnerable timeframes for many companies -- but a recently-launched startup selling a virtual patching alternative claims to have found a solution to the problem. August 20, 2:20 p.m. PDT Sourcefire acquires ClamAV open-source anti-malware project Network security specialist Sourcefire announced Friday that it has acquired ClamAV, an open-source gateway anti-malware project whose technologies are used in the products of a number of other vendors. August 17, 8:58 a.m. PDT Apps security to dominate Black Hat Black Hat kicks off this week in Las Vegas with a big shift in focus from Internet viruses to application security. July 31, 3:00 a.m. PDT McAfee sets Rootkit Detective free On July 26, McAfee will begin offering a new application called Rootkit Detective, designed to detect and remove dangerous rootkit attacks. The software will also help end-users ward off the threats, as well as funnel new intelligence into the company's ongoing research operations. July 25, 1:12 p.m. PDT Organized crime infiltrates financial IT In Martin Scorsese's hit movie "The Departed," actor Matt Damon plays the part of a mole -- someone who helps his connected mob friends stay a step ahead of the cops by becoming one of the very law enforcement officials assigned to stop them. July 23, 11:14 a.m. PDT Piecing together IBM's security puzzle IBM owns some of the world's leading IT security talent, products, and services, but executives with the massive company say it will likely never aim to become what people might label as a true "security vendor." July 23, 3:00 a.m. PDT Much ado over click-fraud statistics The battle between advertisers and online search networks over the pervasiveness of click-fraud continues to grow more heated with researchers claiming rapid growth of automated ad impressions and outside observers noting an overall lack of transparency in the space. July 19, 4:18 p.m. PDT Government, contractors hit in targeted attack Computers belonging to the U.S. government, contractors, and companies in the transportation industry were hit by a targeted computer attack in July that yielded password information for hundreds of Internet and intranet Web sites, a computer security vendor said Tuesday. July 17, 4:29 p.m. PDT After attacks, US government sending team to Estonia Two months after much of Estonia's online infrastructure was targeted by an online attack, the U.S government is sending cyberinvestigators to help the Baltic state better understand what happened. July 3, 12:50 p.m. PDT Gonzales: DOJ committed to fighting cybercrime The U.S. Department of Justice and President George Bush are committed to fighting intellectual-property theft and cybercrime, Attorney General Alberto Gonzales told a small audience in Seattle on Wednesday morning. June 27, 12:10 p.m. PDT Veracode debuts system to test binary code Veracode launched its Software Security Ratings Service on June 25, introducing its new system for use in testing the safety of applications development among enterprise customers and third-party software makers. June 25, 1:25 p.m. PDT Homeland Security to detail IT attacks Officials from the U.S. Department of Homeland Security will hold a hearing on Capitol Hill on June 20 to discuss the findings of an investigation into the agency's own problems in battling electronic attacks and IT systems intrusions. June 15, 11:26 a.m. PDT Global co-op feeds FBI's botnet fight Officials with the FBI claim that global law enforcement partnerships are playing a significant role in its ongoing efforts to stomp out botnets and other computer-borne crimes. June 14, 3:09 p.m. PDT Helping retailers wipe ID data issue When data breach investigator Bryan Sartin gets a call to check into an incident involving customer records loss at a retailer, he knows that the situation most likely involves information that has been lifted from a company's point-of-sale systems. June 13, 8:44 a.m. PDT Experts: Botnets add fault tolerance Security experts contend that a growing number of operators of compromised computer networks (or "botnets") are finding new ways to grow their networks and make them immune to potential shutdowns, including sophisticated fault-tolerance planning to help ensure that their networks can't be easily wiped out. June 7, 12:00 a.m. PDT Spammers' use of AI only just begun Though security industry experts were openly referring to the death of spam several years ago, the arrival of image-based attacks has resulted in a stunning renaissance in the volumes of unwanted e-mail reaching end-users' inboxes. May 31, 5:03 p.m. PDT Deepwater churns around unencrypted data The most sensitive and highly classified data communicated over the nation's internal computer networks remains at risk for exposure, according to key witnesses in the government's investigation into the United States Coast Guard's Deepwater procurement program. May 17, 11:33 a.m. PDT Botnet management app exposed A new and unusually sophisticated application for controlling and monitoring botnet PCs has been discovered by security company Panda Software. May 14, 8:26 a.m. PDT Building trust in downloads no simple feat The Truste group's goal of creating an online ecosystem through which software makers are held accountable for the functions of their programs and end users are given the power to keep unwanted applications off their devices won't be achieved easily, according to security researchers and participants in the nonprofit's Trusted Downloads project. May 10, 5:04 p.m. PDT Microsoft invites hackers back for Blue Hat Microsoft is once again inviting members of the hacking community into its Redmond, Washington, campus to show the software giant where it's gone wrong. May 10, 4:19 a.m. PDT Symantec pitches rootkit tech as Veritas validation Some industry watchers may still question why Symantec moved to acquire storage software maker Veritas for $10.2 billion in 2004, but the fruits of the companies' combined labors are already proving the deal as a winner, according to executives with the massive security firm. May 9, 4:26 p.m. PDT Infrastructure security powers up He may not have known it at the time, but Lonnie Charles Denison helped prove the need for tighter security at many infrastructure businesses when he launched a multifaceted attack against California Independent System Operator, a quasi-governmental agency responsible for management of the state's power grid. May 9, 4:17 a.m. PDT Cryptome afloat despite Deepwater's ripple The Deepwater defense contractor scandal has echoed from the halls of Congress across the World Wide Web, and despite being shut down by its ISP after posting documents considered central to the controversy, online resource Cryptome.org remains alive. May 8, 4:46 a.m. PDT Document shell code attacks loom large Targeted attacks that utilize vulnerabilities in popular document file formats and execute via hard-to-find shell code are becoming an increasingly popular menace, according to researchers at IBM's Internet Security Systems division. May 2, 12:37 p.m. PDT Nokia expands security appliance line Nokia introduced two new network security appliances on April 30, adding high- and low-end models that aim to help companies filter out malware traffic before it penetrates their IT systems. April 30, 2:17 p.m. PDT Rootkits: The next big enterprise threat? Late at night, a system administrator performed a routine check of a crashed server, one of 48 systems comprising a major online infrastructure that generated about $4 million per month in revenue. He was a bit surprised that the system had gone down, as it had been humming for months without any indication of being prone to crashing. The check uncovered three encrypted files. The administrator called on MANDIANT to analyze them. April 30, 3:00 a.m. PDT Bottom line impact of data breaches unclear Despite the fact that unwanted exposure of consumer data has become a hot-button issue in the media and among legislators nationwide, experts admit that it remains unclear just how much damage the events will cause to the finances and reputations of companies that experience major incidents. April 13, 3:01 p.m. PDT McAfee: Cyber-crime will continue to pay The latest research report from McAfee's Avert Labs paints a frightening picture for enterprise IT administrators and end-users, predicting continued maturation of cyber-crime and the technological means being used to carry out external attacks. April 10, 9:00 p.m. PDT British UFO hacker loses extradition appeal A British hacker who broke into U.S. military computers looking for evidence of UFOs lost another extradition appeal on Tuesday in London's High Court. April 3, 5:02 a.m. PDT ShmooCon hacker event gets under way The third annual ShmooCon convention kicked off in Washington, D.C., on March 23 and will run throughout the weekend with a series of lectures and presentations covering a wide range of enterprise security issues. March 23, 2:12 p.m. PST LoJack for laptops I just love some of these security news stories. For example: Police in Bellevue, Washington have been fighting a large car theft crime spree. One of the tools in their arsenal is remote-controlled, life-sized cars, including a regular-looking Honda Civic with a few tricks up its sleeve. (The Honda Civic was the natural choice because it is one of the favorite targets of car thieves.) March 23, 3:00 a.m. PST Global malady: Virus writers worldwide team up Security researchers have been touting the growing nature of professionalism among virus authors over the last several years, but new evidence points to increased cooperation between malware writers spread around the globe, according to some experts. March 20, 11:13 a.m. PST The fight against Internet child exploitation I love those Dateline NBC-type programs where they catch potential child sex predators who think they are setting up an intimate meeting with a 13- or 15-year old child via the Internet. How can it be that every sicko in the world hasn’t heard that the child they are flirting with online is more than likely a law enforcement officer? February 9, 3:00 a.m. PST Good ideas take time Two years ago, I publicly floated the concept that IT should start thinking more like entrepreneurs. What a disaster! I was speaking at a meeting of CTOs, and I mentioned that I’d heard of a few IT departments that were focusing, at least in part, on creating saleable new products and services for their companies. I asked the group what they thought of the idea. December 4, 3:00 a.m. PST Steal my data, please Last year I landed a job as assistant IT manager at a midsize university. The network there was a typical mix of NetWare and Windows servers, with one big surprise: Our most critical database, the one that handled dorm-room assignments and payment records for the Housing Department, was still running on a Windows NT4 server, long after Microsoft had dropped support for the platform. October 31, 3:00 a.m. PST Future-proof your IT security Asymmetric warfare is hell. Sure, you may have night-vision goggles, body armor, and air support, but you’re also working for a bureaucratic organization built to fight a war that doesn’t look much like the one you’re in. Your adversary, on the other hand, is poorly equipped, yet nimble, resourceful, and adept at spotting and exploiting the slightest weakness. So much so, you may not even know you’re under attack. October 30, 3:00 a.m. PST Flaws found in European voting machines Dutch researchers have found flaws in electronic voting systems used in the Netherlands, Germany, and France. 4:58 a.m. PDT Proactive incident response: Do it by the book I was an EMS paramedic in a prior career. At age 19, I was starting IVs, delivering babies, shocking cardiac arrest victims, and using the "jaws of life." I saw and learned a lot. Strangely, I find upgrading Microsoft Exchange on a huge network much more stressful. August 18, 3:00 a.m. PDT US man indicted over software piracy A 25-year-old man from Oxford, Georgia, has been indicted on four charges of trafficking unauthorized software authenticity certificates, the U.S. Department of Justice (DOJ) announced Monday. July 10, 1:58 p.m. PDT Tackle malicious Web code without infecting yourself How do you investigate potentially malicious Web page code without infecting yourself? June 9, 3:00 a.m. PDT Hack Tales: Network auditing on a shoestring What do you do when the auditors are breathing down your neck, wanting to see an exhaustive report on the Windows network security of a 2,000-user network across eight sites? That’s easy. Break out a text editor and start writing some Perl. May 29, 3:00 a.m. PDT Determina pre-hacks applications against intruders Malicious hackers are constantly exploiting software vulnerabilities. Vendors and IT staff alike spend countless hours racing to update protection signatures and install patches before their exposed systems can be compromised. It’s a never-ending battle that favors the hackers. May 15, 3:00 a.m. PDT Budgeting for security breaches It appears, according to a reliable source, that a national retailer has lost the debit card information from thousands of its customers, but as we go to press, it has still refused to fess up. April 4, 3:00 a.m. PDT Plug-and-play appliances reshape IT landscape Looking for a can’t-miss enterprise trend? I have just one word for you: appliances. During the past year, our Test Center has been inundated with the things. And not just the old standbys like firewalls, switches, and routers. I’m talking appliances that can handle virtually every IT operation: intrusion prevention, intrusion detection, CRM, anti-spam, e-mail security, Web services integration. We’ve even seen a smattering of appliances for Microsoft Exchange that come bundled with managed services (look for our Test Center review in April). March 6, 3:00 a.m. PST 'Intelligent cars' initiative could save lives Equipping new cars with the latest digital safety devices could prevent thousands of road deaths in the European Union and save billions of euros by reducing traffic, a senior European Commission official said Tuesday. February 21, 9:42 a.m. PST RSA - FBI director: Cyber threats 'fluid and far-reaching' Hacker hunters need to develop new techniques to take on the latest generation of sophisticated and better-organized cyber criminals. That's what U.S. Federal Bureau of Investigation Director Robert Mueller told attendees of the RSA Conference 2006 in San Jose, California, Wednesday. February 15, 3:45 p.m. PST U.S. DHS completes large-scale cyber exercise The U.S. Department of Homeland Security (DHS) has completed the first full-scale government-led cyber attack simulation, and officials there called the exercise a "significant milestone." February 10, 1:05 p.m. PST State CIOs need more IT security support from DHS The U.S. Department of Homeland Security (DHS) must improve its support for U.S. state and local governments so they can better protect their IT infrastructures from attackers, two organizations of top IT officials said Wednesday. January 25, 2:57 p.m. PST Subpoena of search engine records irks users The news that major search engine operators Yahoo Inc., Microsoft Corp.'s MSN division and America Online Inc. complied with a U.S. government subpoena that Google Inc. is resisting has prompted strong reactions from Internet users on both sides of the issue. January 20, 2:10 p.m. PST Wall Street Beat: Earnings bring mixed results Earnings season blew in with a vengeance this week, with disappointing fourth-quarter results from industry bellwethers Intel Corp. and IBM Corp. offset by better-than-expected reports from other vendors. January 19, 4:20 p.m. PST Tech reviews for the holidays Even IT takes a holiday now and then. Same goes for the InfoWorld staff, which chills out by taking a one-week break following the publication of this, our 51st and final issue of the year. December 19, 3:00 a.m. PST Rethinking incident response As businesses face increasing regulatory-compliance pressure from Sarbanes-Oxley, HIPAA, and Gramm-Leach-Bliley, many companies are finding themselves deploying intrusion detection systems, log analyzers, and other security tools to assist in finding when an incident has occurred. But when an alarm’s been triggered, every security analyst faces the problem of what to do next. December 12, 3:00 a.m. PST Juniper hires Cisco hacker It looks like there is life after Black Hat for Michael Lynn, after all. The former Internet Security Systems Inc. (ISS) researcher has landed a job with networking vendor Juniper Networks Inc. just months after creating an international stir at July's Black Hat USA conference by disclosing information about security weaknesses in Cisco routers. November 7, 4:33 a.m. PST EnCase broadens the investigation Forensic investigations of computer misuse have always been difficult, painstaking, and slow. They’ll probably remain difficult and painstaking, but Guidance Software’s EnCase Enterprise Edition 5.0 will help to speed them up. This first enterprise edition of EnCase has the unique ability to tap deployed agents, or servlets, to automate the gathering of evidence from any number of workstations or servers. No longer must investigations proceed one machine at a time. July 4, 5:00 a.m. PDT Fujitsu to launch palm-vein security system Fujitsu will start selling globally in July a biometric security device that relies on vein patterns in the hand to verify a user's identity, it said Wednesday. June 29, 11:22 a.m. PDT Experts split on port 445 security risk More than a week after Microsoft patched 10 security flaws in its software, security experts are offering differing views on whether an attack that exploits one of these flaws may be brewing. June 23, 4:33 p.m. PDT Keyboard cops I'm a sucker for true-crime shows. Maybe it comes from being a former police reporter, but believe me, Court TV would love to clone me to boost its ratings. June 17, 5:00 a.m. PDT Putting a stop to counterfeit products Although a bottle of bogus Viagra might prove to be a big disappointment, a counterfeit bottle of a heart medication such as Lipitor could be deadly. On the National Association of Boards of Pharmacy’s list of drugs most susceptible to adulteration and/or counterfeiting, Viagra is No. 23 and Lipitor is No. 10. In 2003 more than 200,000 bottles of phony Lipitor were found on the shelves of major drugstore chains. June 7, 5:00 a.m. PDT Study: US residents at risk for online exploitation U.S. Internet users are dangerously ignorant about the type of data Web site owners collect from them and how that data is used, a new study has found. June 1, 9:38 a.m. PDT Study: Intel's hyperthreading could expose servers Intel's hyperthreading technology could allow a hacker to steal security keys from a compromised server using a sophisticated timing attack, a researcher said Friday in a paper presented at the BSDCan 2005 conference. May 13, 3:28 p.m. PDT Investigators link Cisco hack to other activities A theft of computer source code from Cisco Systems, reported a year ago, has led to a wide-ranging investigation of potential criminal activity involving multiple server break-ins in several countries, according to the U.S. Federal Bureau of Investigation (FBI). May 10, 9:44 a.m. PDT Microsoft creates tools to crack child porn cases Microsoft, in a joint effort with Canadian law enforcement agencies, has developed a system to help track down people who prey on children online, the company said Thursday. April 7, 2:20 p.m. PDT Lessons learned on the road to compliance No one is doing jail time for failing to comply with the recent flood of federal regulations -- yet. April 4, 6:00 a.m. PDT Microsoft expands Windows piracy check on downloads Expanding its measures to combat software piracy, Microsoft will require users who want to download local language add-ons to Windows to first validate their copy of the operating system as legitimate. March 30, 4:53 p.m. PST The consultant's view Steve Manzuik is an independent IT security consultant. March 28, 6:00 a.m. PST The CTO's perspective Kevin Bernstein is CTO of platinum capital group. March 28, 6:00 a.m. PST Managing security in a compliance-crazy world The laws seem to be shooting out of Congress like arrows aimed at the hearts and budgets of IT administrators across corporate America. Sarbanes-Oxley, HIPAA, Gramm-Leach-Bliley, Basel II, and a host of other regulations are pushing IT security management into extremely difficult and potentially expensive territory. March 18, 3:00 p.m. PST Secure architectures Thanks to complex perimeters, sophisticated application-level threats, and regulations that hold CEOs and CIOs accountable for company data, security must now be regarded as more than a bunch of technologies tacked onto the network. “Companies are realizing they must approach security at the enterprise level,” says Rich Caralli, senior member of the technical staff at the CERT Coordination Center’s survivable enterprise management group. “Rather than chasing the latest threat, they’re working on identifying and securing directly the core business processes and information assets essential to the company mission.” March 11, 3:00 p.m. PST Update: Hackers breach LexisNexis, grab info on 32,000 people Hackers have compromised databases belonging to LexisNexis and stolen information on at least 32,000 people, according to a statement Wednesday from LexisNexis' parent company, Reed Elsevier PLC. March 9, 9:39 a.m. PST Scammers use Symantec, DNS holes to push adware Online scam artists are manipulating the Internet's directory service and taking advantage of a hole in some Symantec products to trick Internet users into installing adware and other annoying programs on their computers, according to an Internet security monitoring organization. March 7, 9:57 a.m. PST Microsoft researchers target worms, buffer overruns REDMOND, WASH. - Researchers at Microsoft showed off some forward-looking technologies on Wednesday, including new ways to protect systems against Internet worms, prevent hacker attacks and measure available bandwidth on home networks. March 3, 4:50 p.m. PST Start-ups offer blog and e-mail monitoring I’m just back from the annual Demo conference, this year held in Scottsdale, Ariz. If you’re not familiar with this 15-year-old event, the audience is usually a mixture of venture capitalists, the investment arms of high-tech companies, and the media. Every six minutes, representatives from a different company — mostly startups — appear on stage offering a new product or product idea that they hope will capture the notice of those in attendance. More than any one particular product, though, I typically find that the kind of products shown is a leading indicator of what business buyers are looking for. February 25, 3:00 p.m. PST Security moving closer to OS, networks Last week's RSA Conference 2005 demonstrated that security components are moving rapidly to the OS and the network as enterprises reinforce their IT systems against a growing security threat. February 21, 6:00 a.m. PST Software CTOs call for U.S. cybercrime commission WASHINGTON -- A group of chief technology officers (CTOs) from major software vendors on Thursday called on U.S. President George Bush's administration to convene a national commission to address cybercrime and identification theft. February 10, 3:24 p.m. PST Microsoft releases 12 patches for 16 vulnerabilities On the same day it announced the purchase of antivirus software vendor Sybari Software, Microsoft seeded the Internet with raw material for a possible future harvest of new worms and viruses. February 8, 1:42 p.m. PST Computer joyrides My grandfather owned a junkyard, so as a kid I was fortunate enough to drive a variety of cars (at least when they functioned): Model Ts, Edsels, suicide-door Lincolns, and hot rod Mustangs. One thing that amazed me about the early automobiles was that many had a footswitch on the floor that started the car. It was a vast improvement over the old crankshaft method, let me assure you. February 4, 3:00 p.m. PST Reeling in the phishers Phishers beware. IT is watching you watching them. The FBI is out to get you jailed, too. January 21, 3:00 p.m. PST U.S. Secret Service data compromised in T-Mobile hack A malicious hacker penetrated the network of mobile phone company T-Mobile USA and accessed information on 400 of the company's customers, including sensitive information from the account of a U.S. Secret Service agent, according to statements by T-Mobile and the Secret Service. January 13, 12:58 p.m. PST DOD cyber sleuths swap secrets in Florida The U.S. Department of Defense (DOD) is making changes to streamline its response to online threats across the various branches of the military, and deal with a steady stream of new online woes, from hacking attempts to child pornography and threats posed by powerful portable storage devices such as iPods, according to senior DOD officials. January 12, 2:10 p.m. PST Attacks on Microsoft WINS Service hole raise alarms Internet security monitoring groups are warning Microsoft Windows users about new Internet attacks aimed at Windows NT, Windows 2000 and Windows Server 2003 machines running WINS (Windows Internet Naming Service). January 5, 10:06 a.m. PST Security jobs on the rise While IT employment numbers may be lagging, there is a glimmer of hope. The number of cybersecurity professionals is projected to grow at an annual compound rate of nearly 14 percent from now until 2008, according to a study released in November. December 23, 7:05 a.m. PST Group declares 2005 the year of the IT security pro An organization that certifies information security professionals on Wednesday declared 2005 the year of the information security professional, the start of a campaign to lift the profile of information security professionals and attract new talent to the profession. December 7, 5:18 p.m. PST The top 20 IT mistakes to avoid We all like to think we learn from mistakes, whether our own or others’. So in theory, the more serious bloopers you know about, the less likely you are to be under the bright light of interrogation, explaining how you managed to screw up big-time. That’s why we put out an all-points bulletin to IT managers and vendors everywhere: For the good of humanity, tell us about the gotchas that have gotten you, so others can avoid them. November 19, 3:00 p.m. PST Study: Information security field to grow steadily WASHINGTON - The number of cybersecurity professionals is projected to grow at an annual compound rate of nearly 14 percent from now until 2008, according to a study released this week during the Computer Security Institute (CSI) trade show in Washington, D.C. November 9, 1:26 p.m. PST EnCase keeps tabs on compliance complexity It's a sad fact that many a network manager will skip this review. This in spite of Sarbanes-Oxley, HIPAA, and Gramm-Leach-Bliley. This in spite of identity theft, corporate espionage, and a bucket full of other white-collar crimes. Network managers will avoid this review because these are worst-case scenarios, and it's easier not to think about them than it is to rationally consider their potential costs. Mitigating these costs, both soft and hard dollar, is precisely what Guidance Software's EnCase Enterprise Edition is designed to handle. October 8, 3:00 p.m. PDT When is a virus not a virus? Many of the leading anti-virus vendors are looking for ways to incorporate anti-spyware capabilities into their products, but there’s still a long way to go before virus and spyware protection will be fully integrated. Reviewing spyware products provided me with some insight into spyware and adware, and how detecting them differs from virus and Trojan detection. October 1, 3:00 p.m. PDT Highwall raises barriers against wireless intruders High deployment cost remains a problem with current wireless IDSes and rogue detection solutions, because IDS sensors have to be placed alongside wireless APs deployed throughout the enterprise infrastructure. Competing solutions from AirMagnet and AirDefense have a wider detection radius than the average AP, primarily because they receive, but do not transmit, wireless traffic. Highwall’s RDS (Rogue Detection System) takes a different approach. July 30, 3:00 p.m. PDT The shaky state of enterprise security Faced with a seemingly endless onslaught of virulent Internet worms, spam, and e-mail scams, less than half of IT professionals report strong confidence in the security of their enterprise networks, according to the results of the 2004 InfoWorld Security Survey. July 23, 3:00 p.m. PDT Patrolling an always-on network Butch Johnstone looks back at the past year with a mixture of pride and concern when it comes to the issue of enterprise security. July 23, 3:00 p.m. PDT > Security |
|
|
||||||||||||||||||
