|
|
Free Newsletters
|
|
|
|
|
|
IT trainer offers master's degree for hackers In an effort to produce the next generation of chief security officers and IT systems defense experts, an online training company is offering a new master's degree program in security science. Security vendors bring zombie fighters to life Data leakage prevention might currently be the hottest IT security submarket, but vendors are also tuning up their product offerings to help customers ward off the presence of botnet-infected zombie computers.  October 4, 3:41 p.m. PDT Security outsourcing on the rise As one of the world's largest outsourcing providers, Wipro Technologies is ramping up its security services business in a big way. September 20, 2:30 p.m. PDT PayPal claims gains against phishers PayPal security chief Michael Barrett isn't ready to claim a victory in the fight against phishing schemes, but he said that his company is slowly turning the tide using a set of new partnerships and technological means. September 20, 4:23 a.m. PDT AT&T: Network perimeter security should be virtual Enterprise companies will soon begin offloading many of their network security responsibilities to telecommunications and Internet service providers and save vast amounts of time and money doing so, if AT&T has its way. September 20, 4:05 a.m. PDT Fear of insider threats hits home The more money that companies spend on securing their IT operations from external attack, the more it seems they become aware that the potential threat posed by their own employees remains their most significant risk. September 18, 10:42 a.m. PDT Infrastructure threats: Botnets show DoS who's boss Malware-infected botnet PCs have overtaken DoS attacks as the top security issue facing Internet service providers and other Web infrastructure hosting players, according to a new survey of the organizations. September 18, 3:54 a.m. PDT Cisco says acquisitions don't impede best-of-breed Cisco executives speaking at the ongoing Security Standard Conference claim that the networking giant hasn't sapped innovation in the security companies it has acquired in its efforts to add to its own expanse of IT systems-defense products, while some customers clearly feel otherwise. September 10, 4:38 p.m. PDT Forrester security show stresses risk management Enterprise security decision makers have long been more likely to be swayed by flashy new technologies than by the notion of comprehensive IT restructuring to protect data and other corporate assets, but the situation is evolving rapidly, according to experts participating in Forrester Research's ongoing Security Forum. September 5, 11:33 a.m. PDT FBI: Enterprises need counterintelligence The Chinese government has denied involvement in a series of hacks carried out against IT systems at the Pentagon in June this week, but the threat of technology-driven espionage has forced the FBI to push businesses and academic institutions to better prepare for such attacks. September 4, 3:45 p.m. PDT Hacks hit embassy, government e-mail accounts worldwide Usernames and passwords for more than 100 e-mail accounts at embassies and governments worldwide have been posted online. Using the information, anyone can access the accounts that have been compromised. August 30, 2:05 p.m. PDT Intel's vPro chips in more security for businesses With the introduction of its latest vPro microprocessors on Monday, Intel contends it is injecting a heavy dose of new security capabilities for the benefit of business customers and third-party technology providers alike. August 27, 8:00 a.m. PDT 10 reasons to be paranoid The truth is out there ... and so is your data. And just because there are no virtual black helicopters following you doesn't mean somebody somewhere doesn't have a bead on who you are and what you are doing. August 27, 3:00 a.m. PDT Get paranoid: Your boss is watching Ever get the feeling your boss -- or your boss's IT department -- is lurking through the network, spying on you? Odds are quite good your instinct is right. And the bigger the organization, the more likely it monitors employees' e-mail, IM, or Web surfing. August 27, 3:00 a.m. PDT Security SaaS maturing fast Security technologies delivered via the SaaS (software-as-a-service) business model may still be in their nascent stage, but some early adopters are already piecing together multiple offerings to outsource a significant portion of their IT systems defense infrastructure. August 22, 11:06 a.m. PDT Mobile workers still struggling with security A fair amount of business users remain oblivious or unconcerned about many of the security issues involved with mobile devices, according to a new study published by Cisco and the National Cyber Security Alliance. August 21, 3:08 p.m. PDT Sourcefire acquires ClamAV open-source anti-malware project Network security specialist Sourcefire announced Friday that it has acquired ClamAV, an open-source gateway anti-malware project whose technologies are used in the products of a number of other vendors. August 17, 8:58 a.m. PDT Government-industry security group expands The Transglobal Secure Collaboration Program (TSCP), an IT security standards consortium that includes heavyweights such as the U.S. Department of Defense (DoD) and many of the largest government contractors in the world, is looking to broaden its ranks. August 14, 1:15 p.m. PDT Mozilla shares scanning tool, Firefox 3 features Open source browser maker Mozilla has developed a wide array of secure coding analysis tools as part of its internal development process, and now it's beginning to share those programs with the outside world. August 3, 2:28 p.m. PDT U.S. spying raises new privacy fears With confirmation from the national intelligence chief that a domestic spying program extends beyond tapping e-mails and phone calls into other kinds of surveillance, attention is turning to the administration's data mining and other clandestine technologies that could be used against people in the United States. August 1, 2:22 p.m. PDT Apps security to dominate Black Hat Black Hat kicks off this week in Las Vegas with a big shift in focus from Internet viruses to application security. July 31, 3:00 a.m. PDT Weird tech: Clearing the fog of war with text messaging Regardless of one's stance on armed conflict, the death of servicemen by friendly fire is a troubling eventuality of war that stirs a very high level of discomfort in all. In the confusion of battle, the risk of being wounded or killed by comrades-in-arms is by no means trivial, and while the Pentagon states that the rate of deaths by friendly fire has diminished in recent conflicts, it still occurs in Afghanistan and Iraq. July 30, 3:00 a.m. PDT Piecing together IBM's security puzzle IBM owns some of the world's leading IT security talent, products, and services, but executives with the massive company say it will likely never aim to become what people might label as a true "security vendor." July 23, 3:00 a.m. PDT Mounting scrutiny for Google security Much as the ubiquity of Microsoft's Windows operating system and Office productivity tools has made the software giant a focal point of security research, search giant Google is facing new scrutiny as it diversifies its products and moves further into the business environment. July 12, 4:24 p.m. PDT Cisco pushes IronPort smarts to firewalls Cisco Systems will begin offering IronPort's security filtering tools to its firewall customers after the networking giant's acquisition of the company closes on June 25. June 22, 10:05 a.m. PDT Homeland Security to detail IT attacks Officials from the U.S. Department of Homeland Security will hold a hearing on Capitol Hill on June 20 to discuss the findings of an investigation into the agency's own problems in battling electronic attacks and IT systems intrusions. June 15, 11:26 a.m. PDT Experts: Botnets add fault tolerance Security experts contend that a growing number of operators of compromised computer networks (or "botnets") are finding new ways to grow their networks and make them immune to potential shutdowns, including sophisticated fault-tolerance planning to help ensure that their networks can't be easily wiped out. June 7, 12:00 a.m. PDT Microsoft unveils integrated security Microsoft shared details of its long-term security product strategy as part of its ongoing TechEd 2007 training conference on June 4, lifting the lid on plans to deliver an integrated suite of its software by mid-2009. June 4, 7:24 a.m. PDT Spammers' use of AI only just begun Though security industry experts were openly referring to the death of spam several years ago, the arrival of image-based attacks has resulted in a stunning renaissance in the volumes of unwanted e-mail reaching end-users' inboxes. May 31, 5:03 p.m. PDT Attackers get chatty on VoIP The recent spate of malware attacks propagating throughout the user base of the Skype Internet calling system illustrates a broader trend toward cyber-criminals moving to take advantage of VoIP platforms as they become increasingly popular. May 30, 12:18 p.m. PDT Google buys into security, acquires GreenBorder Google has jumped into the anti-malware market, snatching up browser-based security software maker GreenBorder Technologies for an undisclosed amount of money. May 29, 9:32 a.m. PDT Companies open wallets for secure data An annual VanDyke Software-sponsored survey of IT network and systems administrators finds that businesses have increased their spending on secure data communications technologies and also have undertaken significant work to improve their internal processes to benefit security. May 22, 11:42 a.m. PDT Microsoft, TCG get closer on NAC The Trusted Computing Group (TCG) is tying its authentication software standard to Microsoft's proprietary network access protection platform -- a move that leaders in the network access control (NAC) segment tout as a major step toward getting products made by different vendors to work together. May 21, 8:20 a.m. PDT Why I hate RBLs I hate real-time block lists (RBLs). I really do. I don’t think there is an administrator or a PC technician that hasn’t cussed them out at one time or another. May 18, 3:00 a.m. PDT Deepwater churns around unencrypted data The most sensitive and highly classified data communicated over the nation's internal computer networks remains at risk for exposure, according to key witnesses in the government's investigation into the United States Coast Guard's Deepwater procurement program. May 17, 11:33 a.m. PDT IBM pitches risk management strategy IBM unveiled a new IT governance and risk management strategy on May 15 that it will market to enterprise customers as a means to weave together security and compliance projects to ease planning and help drive down related expenses. May 15, 12:42 p.m. PDT Building trust in downloads no simple feat The Truste group's goal of creating an online ecosystem through which software makers are held accountable for the functions of their programs and end users are given the power to keep unwanted applications off their devices won't be achieved easily, according to security researchers and participants in the nonprofit's Trusted Downloads project. May 10, 5:04 p.m. PDT Symantec pitches rootkit tech as Veritas validation Some industry watchers may still question why Symantec moved to acquire storage software maker Veritas for $10.2 billion in 2004, but the fruits of the companies' combined labors are already proving the deal as a winner, according to executives with the massive security firm. May 9, 4:26 p.m. PDT Document shell code attacks loom large Targeted attacks that utilize vulnerabilities in popular document file formats and execute via hard-to-find shell code are becoming an increasingly popular menace, according to researchers at IBM's Internet Security Systems division. May 2, 12:37 p.m. PDT Making sense of Websense's SurfControl buyout Websense's $400 million buyout offer for rival network filtering specialist SurfControl should help position the two companies for short-term growth and possible acquisition in the future, according to market watchers. May 1, 11:27 a.m. PDT Nokia expands security appliance line Nokia introduced two new network security appliances on April 30, adding high- and low-end models that aim to help companies filter out malware traffic before it penetrates their IT systems. April 30, 2:17 p.m. PDT Large enterprises still serving up spam Well-known enterprise companies are still having their IT systems hijacked by spammers despite investing in many different types of technologies aimed at stopping the problem. April 17, 3:04 p.m. PDT P2P worms get their turn Massive networks of infected computers controlled by attackers worldwide will serve as a powerful engine for the new breed of so-called P2P worm that is currently echoing across cyberspace. April 16, 11:17 a.m. PDT Bottom line impact of data breaches unclear Despite the fact that unwanted exposure of consumer data has become a hot-button issue in the media and among legislators nationwide, experts admit that it remains unclear just how much damage the events will cause to the finances and reputations of companies that experience major incidents. April 13, 3:01 p.m. PDT More security OEM deals to come With enterprises demanding more tightly integrated security products than ever before and pressure increasing on vendors in the space to offer as many tools as possible to win deals, experts say that an increasing number of technology providers will turn to licensing agreements to help increase their marketability. April 12, 3:57 p.m. PDT McAfee: Cyber-crime will continue to pay The latest research report from McAfee's Avert Labs paints a frightening picture for enterprise IT administrators and end-users, predicting continued maturation of cyber-crime and the technological means being used to carry out external attacks. April 10, 9:00 p.m. PDT Microsoft patching five flaws, two critical Microsoft announced in its monthly Patch Tuesday preview that it plans next week to release security updates for five individual product vulnerabilities, including two critical issues. April 6, 10:28 a.m. PDT ShmooCon hacker event gets under way The third annual ShmooCon convention kicked off in Washington, D.C., on March 23 and will run throughout the weekend with a series of lectures and presentations covering a wide range of enterprise security issues. March 23, 2:12 p.m. PST Global malady: Virus writers worldwide team up Security researchers have been touting the growing nature of professionalism among virus authors over the last several years, but new evidence points to increased cooperation between malware writers spread around the globe, according to some experts. March 20, 11:13 a.m. PST 12 crackpot tech ideas that could transform the enterprise Technologies that push the envelope of the plausible capture our curiosity almost as quickly as the would-be crackpots who dare to concoct them become targets of our derision. February 19, 3:00 a.m. PST PortAuthority tightens its data security net I appreciate when a vendor succeeds at developing a very good application. But what I find more admirable is when a vendor recognizes the deficits in its solutions, makes no excuses, and quickly goes back to the drawing board to make that app excellent. December 1, 3:00 a.m. PST Public key cryptography celebrates anniversary MOUNTAIN VIEW, Calif. -- Dignitaries from the computer security field took the stage at the Computer History Museum Thursday evening to note the 30th anniversary of public key cryptography and wax historical about academic, governmental and commercial developments in security and ponder the future. October 27, 5:00 a.m. PDT Virtual ID card identifies 'Net users Parents with children who love to chat on the Internet are familiar with the problem of how to keep their kids safe from online predators. October 3, 12:48 p.m. PDT Nasty bug found in 'classic' ICQ client AOL is advising users of its ICQ instant message service to update to the latest version of the instant messaging software following the discovery of a bug in an older version of the product. September 7, 3:39 p.m. PDT Mail encryption made easy Basic e-mail encryption between two users isn’t terribly difficult to implement. Free add-ons to the more popular e-mail clients provide for easy encryption and decryption of messages. It’s exponentially more difficult, however, to deploy encryption to hundreds or thousands of clients, which typically involves supplying the software to recipients at the other end of every encrypted connection, coordinating the exchanges of keys, and training users on client-side encryption software. September 7, 3:00 a.m. PDT Hackers beware: You are what you type As anyone who’s ever held forth in a barroom debate can attest, strange topics attract strange people. And no one knows that better than Dr. Neal Krawetz, computer science Ph.D. and renowned expert in “nonclassical” computer forensics, who focuses on ways to identify otherwise anonymous people online. Krawetz, who is the head of Hacker Factor Solutions, is a pioneer in offbeat methods of identification — finger tapping, syntax slips, errant blog posts — they’re all fodder for Krawetz’s analysis, which pieces together bits of incriminating evidence to pin down online bad guys. August 14, 3:00 a.m. PDT Betting on authentication If Paul Roberts ever goes to the track, I’m gonna let him place a few bets for me. He has a knack for picking winners. Case in point, a few weeks back, the InfoWorld senior editor suggested the time was right for a story on the enterprise’s need for stronger, brainier authentication to clamp down on fraud. No sooner had he finished writing this week's authentication cover story than EMC announced plans to buy authentication vendor RSA Security. A week later, it was Secure Computing buying CipherTrust (with its e-mail reputation system), while digital identity vendor Entrust snapped up fraud-detection company Business Signatures. The vendors clearly appreciate Roberts’ trend-spotting abilities. July 24, 3:00 a.m. PDT IBM sued over hacked e-mail server A Washington, D.C., law firm has sued IBM, claiming that the computing giant is responsible for a 2005 attack on its e-mail server. July 12, 1:33 p.m. PDT Running e-mail through a gauntlet E-mail security is a dire necessity these days, and it involves much more than anti-spam or anti-virus filtering. Phishing scams threaten to snare corporate users and their passwords for accessing business networks; other attacks target the mail server directly, trying to harvest usernames or valid e-mail addresses or gain access to the mail server. Organizations may be sued by individuals who receive offensive e-mails from company users, or even by their own employees who receive offensive content from other employees or outside sources. Companies also face the threat of losing corporate secrets or intellectual property through e-mail. May 26, 3:00 a.m. PDT Product Previews Symantec unifies anti-spam and mail security Tightening the integration between brightmail anti-spam and the company’s content security technologies, Symantec Mail Security for SMTP 5.0 — announced last week and due in May — will proactively protect against both inbound and outbound e-mail threats. The product introduces more extensive content filtering capabilities and zero-day virus prevention, and mitigates threats such as phishing and spyware using Sender Policy Framework and Sender ID. Symantec Mail Security for SMTP 5.0, Symantec April 24, 3:00 a.m. PDT Product previews EMC rolls out entry SAN and archiving software EMC introduced the EMC clariion AX150 and AX150i storage systems and the EMC Documentum Archive Services for Email and Archive Services for Reports. The AX150 systems, available with Fibre Channel or iSCSI connectivity, support as many as 10 host servers and scale from 750GB to 6TB of SATA II storage. Pricing starts at $5,600. The new Archiving Services offerings are based on a unified archiving platform for collecting, retaining, securing, and discovering all kinds of information, including e-mail, reports, documents, images, Web content, video, and transactional data. Prices vary by configuration. EMC Clariion AX150 and EMC Documentum Archive Services, EMC April 10, 3:00 a.m. PDT Paid e-mail plan raises the people's ire If the ’60s has left any mark on following generations, it can still be found in high tech. March 7, 3:00 a.m. PST Plug-and-play appliances reshape IT landscape Looking for a can’t-miss enterprise trend? I have just one word for you: appliances. During the past year, our Test Center has been inundated with the things. And not just the old standbys like firewalls, switches, and routers. I’m talking appliances that can handle virtually every IT operation: intrusion prevention, intrusion detection, CRM, anti-spam, e-mail security, Web services integration. We’ve even seen a smattering of appliances for Microsoft Exchange that come bundled with managed services (look for our Test Center review in April). March 6, 3:00 a.m. PST Sidestepping the analog hole On an episode of “The West Wing,” deputy national security adviser Kate Harper (Mary McCormack) reprimands presidential assistant Debbie Fiderer (Lily Tomlin) for displaying the president’s schedule on her computer screen. As Harper correctly points out, anybody could walk into the office and find out something they shouldn’t know. March 1, 3:00 a.m. PST New RedBrowser Trojan first to target J2ME Security researchers have discovered the first malicious software designed to work on mobile devices running the J2ME (Java 2 Mobile Edition) software, used by a large number of phones and consumer electronics products. February 28, 1:37 p.m. PST RSA - FBI director: Cyber threats 'fluid and far-reaching' Hacker hunters need to develop new techniques to take on the latest generation of sophisticated and better-organized cyber criminals. That's what U.S. Federal Bureau of Investigation Director Robert Mueller told attendees of the RSA Conference 2006 in San Jose, California, Wednesday. February 15, 3:45 p.m. PST Researchers find that popular apps have mismanaged security Big-name companies like America Online Inc. (AOL) and Adobe Systems Inc. could do a better job of writing secure software, according to a recent report by two Princeton University researchers. February 6, 1:10 p.m. PST Opening up iTunes U Criticizing free services is always dicey. So when I dinged Stanford University and Apple for the nonaccessibility of the lectures at itunes.stanford.edu, I knew I risked seeming churlish. But there are some things about this deal that rub me the wrong way. February 1, 3:00 a.m. PST AOL patches serious Winamp bug Users of America Online Inc.'s Winamp 5.12 media player are being told to upgrade their software following the release of malicious code that could be used to take over a Winamp user's system. January 30, 3:07 p.m. PST State CIOs need more IT security support from DHS The U.S. Department of Homeland Security (DHS) must improve its support for U.S. state and local governments so they can better protect their IT infrastructures from attackers, two organizations of top IT officials said Wednesday. January 25, 2:57 p.m. PST Document management systems go to court Two proposed amendments to the federal Rules of Civil Procedure, if passed by Congress, will have a major impact on corporations and their IT departments. One expert I spoke with called the situation a legal Chernobyl. December 27, 3:00 a.m. PST Tech reviews for the holidays Even IT takes a holiday now and then. Same goes for the InfoWorld staff, which chills out by taking a one-week break following the publication of this, our 51st and final issue of the year. December 19, 3:00 a.m. PST A constant state of insecurity For the past few months an acquaintance of mine has been sniffing various public wireless and wired networks around the world, looking to see what plain text passwords are visible. It was an eye-opening experiment. November 4, 3:00 a.m. PST Identity management in action Think you’re ready to deploy IDM (identity management) in your organization? John Aisien, vice president of marketing at IDM vendor Thor Technologies, won’t kid you about the realities. October 7, 3:00 a.m. PDT Federation takes identity to the next level When clients of advertising giant Ogilvy & Mather want to collaborate on budgets or watch rough cuts of commercials, they’re likely to log on to the company’s network and do it online. The process speeds delivery and saves on travel costs, but it can also add a big security and regulatory burden. October 7, 3:00 a.m. PDT Microsoft completes FrontBridge acquisition Microsoft Wednesday announced that it has completed its purchase of FrontBridge Technologies, a company that provides managed services for e-mail security, compliance and availability. August 31, 1:24 p.m. PDT Symantec, CipherTrust load up security appliances Much like most enterprise-class IT tasks, security can become weaker when a company network is bogged down with too many devices. Management borders on the impossible and IT can never quite get as clear a picture of its own security as it needs. August 29, 5:45 a.m. PDT > Security |
|
|
||||||||||||||||||
