IT trainer offers master's degree for hackers
In an effort to produce the next generation of chief security officers and IT systems defense experts, an online training company is offering a new master's degree program in security science.

Retail group takes a swipe at PCI
Simmering discontent within the retail industry over the payment card industry (PCI) data security standards erupted into the open Thursday with the National Retail Federation (NRF) asking credit card companies to stop forcing retailers to store payment card data.
October 5, 10:23 a.m. PDT

Security vendors bring zombie fighters to life
Data leakage prevention might currently be the hottest IT security submarket, but vendors are also tuning up their product offerings to help customers ward off the presence of botnet-infected zombie computers.
October 4, 3:41 p.m. PDT

PayPal claims gains against phishers
PayPal security chief Michael Barrett isn't ready to claim a victory in the fight against phishing schemes, but he said that his company is slowly turning the tide using a set of new partnerships and technological means.
September 20, 4:23 a.m. PDT

Fear of insider threats hits home
The more money that companies spend on securing their IT operations from external attack, the more it seems they become aware that the potential threat posed by their own employees remains their most significant risk.
September 18, 10:42 a.m. PDT

Forrester security show stresses risk management
Enterprise security decision makers have long been more likely to be swayed by flashy new technologies than by the notion of comprehensive IT restructuring to protect data and other corporate assets, but the situation is evolving rapidly, according to experts participating in Forrester Research's ongoing Security Forum.
September 5, 11:33 a.m.
PDT

Intel's vPro chips in more security for businesses
With the introduction of its latest vPro microprocessors on Monday, Intel contends it is injecting a heavy dose of new security capabilities for the benefit of business customers and third-party technology providers alike.
August 27, 8:00 a.m. PDT

Intel adds desktop NAC to latest chips
Intel's move to provide new integration with NAC (network access control) tools in its latest vPro desktop processors could provide interesting opportunities for use with the device authentication systems while further strengthening the technology standards it supports, according to industry watchers.
August 27, 8:00 a.m. PDT

Security SaaS maturing fast
Security technologies delivered via the SaaS (software-as-a-service) business model may still be in their nascent stage, but some early adopters are already piecing together multiple offerings to outsource a significant portion of their IT systems defense infrastructure.
August 22, 11:06 a.m. PDT

Mobile workers still struggling with security
A fair amount of business users remain oblivious or unconcerned about many of the security issues involved with mobile devices, according to a new study published by Cisco and the National Cyber Security Alliance.
August 21, 3:08 p.m. PDT

Pundits on parade: What’s next in tech
You’ve heard of Christmas in July, that classic advertising gimmick designed to lure shoppers into stores despite the oppressive heat and humidity. Well, we’ve got New Year’s in August, which invites you to stay indoors and read “The next big things in IT” -- 15 predictions about the future of technology.
August 20, 3:00 a.m. PDT

Mozilla shares scanning tool, Firefox 3 features
Open source browser maker Mozilla has developed a wide array of secure coding analysis tools as part of its internal development process, and now it's beginning to share those programs with the outside world.
August 3, 2:28 p.m.
PDT

Apps security to dominate Black Hat
Black Hat kicks off this week in Las Vegas with a big shift in focus from Internet viruses to application security.
July 31, 3:00 a.m. PDT

Reap the rewards of hardware recycling
In late 2000, Union Bank of California concluded that it was time to refresh its desktop PCs every four years, based on findings from a PC Total Cost of Ownership Study. This meant that 200 PCs would have to be retired every month. Unfortunately, there was no strategy in place for the task, or even a designated person or department to manage the systems.
July 12, 3:00 a.m. PDT

Veracode debuts system to test binary code
Veracode launched its Software Security Ratings Service on June 25, introducing its new system for use in testing the safety of applications development among enterprise customers and third-party software makers.
June 25, 1:25 p.m. PDT

HP-SPI deal underscores apps security integration
Hewlett Packard's acquisition of Web applications security specialist SPI Dynamics on June 19 illustrates a growing demand among enterprise customers to have vulnerability-scanning tools integrated into their software development platforms.
June 19, 12:07 p.m. PDT

Homeland Security to detail IT attacks
Officials from the U.S. Department of Homeland Security will hold a hearing on Capitol Hill on June 20 to discuss the findings of an investigation into the agency's own problems in battling electronic attacks and IT systems intrusions.
June 15, 11:26 a.m. PDT

2007 InfoWorld CTO 25: Satinath Sarkar
When Satinath Sarkar, CTO of Orion Technology talked to his friends 10 years ago about his specialty -- geographic information systems, or GIS -- he was met with quizzical looks.
June 7, 3:00 a.m. PDT

App developers finally securing code
On Aug. 14, IT security training and research authority SANS Institute will convene its inaugural set of exams for software developers seeking to attain its new secure coding certifications.
The rise of such initiatives -- and increasing adoption of source code vulnerability scanning tools among internal software development teams -- are finally making a difference in overall applications security, some end users and industry experts contend.
June 6, 4:14 a.m. PDT

Microsoft unveils integrated security
Microsoft shared details of its long-term security product strategy as part of its ongoing TechEd 2007 training conference on June 4, lifting the lid on plans to deliver an integrated suite of its software by mid-2009.
June 4, 7:24 a.m. PDT

Spammers' use of AI only just begun
Though security industry experts were openly referring to the death of spam several years ago, the arrival of image-based attacks has resulted in a stunning renaissance in the volumes of unwanted e-mail reaching end-users' inboxes.
May 31, 5:03 p.m. PDT

Companies open wallets for secure data
An annual VanDyke Software-sponsored survey of IT network and systems administrators finds that businesses have increased their spending on secure data communications technologies and also have undertaken significant work to improve their internal processes to benefit security.
May 22, 11:42 a.m. PDT

Microsoft, TCG get closer on NAC
The Trusted Computing Group (TCG) is tying its authentication software standard to Microsoft's proprietary network access protection platform -- a move that leaders in the network access control (NAC) segment tout as a major step toward getting products made by different vendors to work together.
May 21, 8:20 a.m. PDT

Deepwater churns around unencrypted data
The most sensitive and highly classified data communicated over the nation's internal computer networks remains at risk for exposure, according to key witnesses in the government's investigation into the United States Coast Guard's Deepwater procurement program.
May 17, 11:33 a.m.
PDT

IBM pitches risk management strategy
IBM unveiled a new IT governance and risk management strategy on May 15 that it will market to enterprise customers as a means to weave together security and compliance projects to ease planning and help drive down related expenses.
May 15, 12:42 p.m. PDT

Social Security, spyware bills go to House vote
The House Energy and Commerce Committee unanimously approved a pair of bills on May 10 that aim to bolster consumers' protection against misuse of their social security numbers and computer-borne spyware.
May 11, 11:23 a.m. PDT

Building trust in downloads no simple feat
The Truste group's goal of creating an online ecosystem through which software makers are held accountable for the functions of their programs and end users are given the power to keep unwanted applications off their devices won't be achieved easily, according to security researchers and participants in the nonprofit's Trusted Downloads project.
May 10, 5:04 p.m. PDT

Infrastructure security powers up
He may not have known it at the time, but Lonnie Charles Denison helped prove the need for tighter security at many infrastructure businesses when he launched a multifaceted attack against California Independent System Operator, a quasi-governmental agency responsible for management of the state's power grid.
May 9, 4:17 a.m. PDT

Document shell code attacks loom large
Targeted attacks that utilize vulnerabilities in popular document file formats and execute via hard-to-find shell code are becoming an increasingly popular menace, according to researchers at IBM's Internet Security Systems division.
May 2, 12:37 p.m. PDT

Groups raise concerns about cybersecurity standards
Legislation that would authorize the U.S. Department of Homeland Security to create emergency preparedness standards for private industry takes the wrong approach toward cybersecurity, some experts said Tuesday.
April 24, 12:22 p.m.
PDT

Lawmakers call for e-voting paper trails
U.S. lawmakers on Wednesday called for electronic voting machines to include paper trail backups, while a government auditor said better security measures for the machines are needed.
April 18, 2:55 p.m. PDT

CDT preps new authentication and ID policies
The CDT (Center for Democracy and Technology) offered a sneak peek at a new list of guidelines it will present to the FTC next week that are meant to help businesses and consumers balance issues of online privacy and authentication.
April 18, 1:48 p.m. PDT

P2P worms get their turn
Massive networks of infected computers controlled by attackers worldwide will serve as a powerful engine for the new breed of so-called P2P worm that is currently echoing across cyberspace.
April 16, 11:17 a.m. PDT

Bottom line impact of data breaches unclear
Despite the fact that unwanted exposure of consumer data has become a hot-button issue in the media and among legislators nationwide, experts admit that it remains unclear just how much damage the events will cause to the finances and reputations of companies that experience major incidents.
April 13, 3:01 p.m. PDT

ISA pushes for security incentives over regulation
The U.S. government should explore new incentives for companies to invest in cybersecurity instead of focusing on regulation, a cybersecurity trade group said.
April 11, 12:44 p.m. PDT

McAfee: Cyber-crime will continue to pay
The latest research report from McAfee's Avert Labs paints a frightening picture for enterprise IT administrators and end-users, predicting continued maturation of cyber-crime and the technological means being used to carry out external attacks.
April 10, 9:00 p.m. PDT

Finding security in Windows Mobile monoculture
Without a doubt, the most influential factor driving the current state of IT security is the ubiquitous presence of Microsoft's dominant Windows operating system on a vast majority of the world's PCs.
April 6, 4:52 p.m.
PDT

Debate lingers over federal data-handling laws
Even as the federal government appears poised to create new consumer data protection laws in 2007, businesses and privacy advocates in the United States remain at odds over the parameters of such legislation and its potential impact.
April 3, 6:59 p.m. PDT

ShmooCon hacker event gets under way
The third annual ShmooCon convention kicked off in Washington, D.C., on March 23 and will run throughout the weekend with a series of lectures and presentations covering a wide range of enterprise security issues.
March 23, 2:12 p.m. PST

More IT war stories
Off the Record, the real-world slice of life that graces the last page of InfoWorld, is one of our most popular columns. I know this from reader surveys and from all the e-mail I receive about it. As reader Roland Sickenberger put it recently, “It’s my favorite part of the magazine, kind of like a ‘Dilbert come to life’ thing.”
March 5, 3:00 a.m. PST

Tolerating online fraud
Whenever I see someone turning the other cheek to a problem, I smile and think of the greatest golden retriever I’ve ever known, a family dog named Kayo who was a very strong swimmer.
March 1, 3:00 a.m. PST

Groups call for e-voting paper trail legislation
A coalition of voting rights groups on Monday called on the U.S. Congress to pass legislation that would require electronic voting machines to have printers attached as a way to audit the touch-screen results.
February 12, 1:53 p.m. PST

Women in technology: A call to action
A quick scan of almost any IT department -- from the trenches to the corner office -- confirms it: Women who embrace technology as a lifelong career remain a rare breed.
To be sure, opportunity for women in technology has advanced in the past few decades, as have education initiatives aimed at leveling the playing field, but for every woman rising to prominence or embarking on a profession in IT, there seems to be another opting out of her career in technology.
January 29, 3:03 a.m. PST

Back to school: Getting girls into IT
Despite the success of various education initiatives in the past several years, there’s little doubt that the shortage of women in technology begins on the playground. As such, many industry leaders and experts believe the long-term solution to the gender imbalance in IT lies in women technologists going back to school -- way back, to high schools and even elementary schools to mentor young girls, who too often give up on math and science at an early age.
January 29, 3:02 a.m. PST

Activism provides competitive advantage for IT
Encountering another woman working in technology was a rare event for me when I started out in IT many years ago. In the years since, women have made significant strides, sometimes against great odds, proving their mettle as both tech execs and engineers.
January 29, 3:01 a.m. PST

Gender crisis in IT
You don’t need a degree in statistics to recognize that IT is a men’s club. Just walk the floor of any tech conference or, in all likelihood, your own office — XY chromosomes everywhere you look.
January 29, 3:00 a.m. PST

Wi-Fi body to simplify security
The group that certifies Wi-Fi products aims to make more wireless LANs secure by taking some of the work out of locking them down.
January 8, 4:43 a.m. PST

Technology of the Gods
January is named after Janus, the two-faced Roman deity of beginnings and endings, who reportedly was able to look both forward and back. So for our Jan. 1 issue, we pay homage to the mythological immortal with our seventh annual Technology of the Year Awards, an analysis of where IT has been and where it’s going in 2007.
January 1, 3:00 a.m. PST

Review of reviews
It’s coming up on closing time for 2006. All around us, everyone is going into holiday mode. Not to be curmudgeonly contrarians, InfoWorld will be following suit, taking a one-week break before returning on Jan. 1 with our first print issue of the year. (It’s really only a semi-hiatus; InfoWorld.com will continue to perk over the holidays with a slightly reduced slate of stories.)
December 18, 3:00 a.m. PST

Oracle launches identity governance project
Oracle on Wednesday announced a new project to tackle one of the thorniest problems facing enterprises: the proliferation of sensitive identity information across enterprise networks.
November 29, 9:54 a.m. PST

New spec targets mobile phone security
Efforts to establish security standards for mobile devices were boosted Tuesday with the release of the Mobile Trusted Module (MTM) specification.
September 12, 6:52 a.m. PDT

How to develop an enterprise encryption strategy
Here’s a sobering prediction: One-third of all adults in the United States will have their personal identity information compromised or lost this year by a company that electronically stores the data, according to figures supported by the Privacy Rights Clearinghouse. Whether or not that number is perfectly accurate, the list of publicly known data breaches is staggering nonetheless.
September 1, 3:00 a.m. PDT

'Baby steps' best approach to virtualization
The best way for corporations to embrace virtualization is by adopting the technology gradually, taking "baby steps" until the concept is well understood internally, according to a systems engineer at a leading U.S. insurance company.
June 6, 1:48 p.m. PDT

Slow progress for 802.11n standards
The IEEE 802.11n standard has been three years in the making, and from the looks of it, it has at least another year to go.
That’s a shame because it offers a lot of benefits, including higher throughput than the current Wi-Fi standard -- about 120Mbps in the real world -- and 50 percent longer range. Plus, because it uses multiple antennas that can stitch together a fractured signal, it eliminates a lot of spots where there might be drop-offs indoors.
June 6, 3:00 a.m. PDT

Verisign to buy SSL vendor for $125M
VeriSign said Wednesday it will purchase Secure Sockets Layer (SSL) certificate provider GeoTrust Inc. for about $125 million in cash, a deal that will give it access to GeoTrust's extensive reseller channel.
May 17, 4:43 p.m. PDT

Tech startups to watch
Startups are back! Or at least, startup fever is back. Scan the latest numbers from PricewaterhouseCoopers and you won’t find any hockey sticks -- the level of investment in enterprise-related technology startups has actually remained fairly flat, hovering between $1.5 and $2.3 billion per quarter from 2003 through 2005.
May 15, 3:00 a.m. PDT

MySQL CEO seeks partnerships with IBM, Microsoft
The companies MySQL would most like to have a relationship with are IBM and Microsoft, says Marten Mickos, chief executive officer of the open-source database company.
April 20, 2:12 p.m. PDT

The hidden challenges of federated identity
For years, companies have kept stores of identity information about employees, customers, and partners. These databases and directories are critical components of a company’s identity infrastructure. But as businesses push to create new products and increase productivity, they have discovered that they often must cooperate to provide the services their customers and employees demand.
March 24, 3:00 a.m. PST

Scaling a federated identity infrastructure
Different kinds of organizations approach the problem of scaling a federated identity implementation in different ways.
When you’re federating with one or two partners, hammering out the legal arrangements and assigning risk and liability is done one partner at a time. Even if technology standards provide universal system interoperability, the lawyers are likely to approach each agreement as a one-off task. Let’s call this model “peer-to-peer federation.”
March 24, 3:00 a.m. PST

User-centric identity brings federation close to home
Federation doesn’t have to be a behind-the-scenes interaction between big companies. Lately, an idea called “user-centric identity” has gained traction. It revolves around a few core principles, most notably the idea that users should be allowed to choose which identity credentials to present in response to an authentication or attribute request.
March 24, 3:00 a.m. PST

Update: ISO rejects China's WAPI wireless security protocol
The International Organization for Standardization (ISO) last week rejected a security protocol that was backed by some Chinese representatives as an amendment to the group's wireless LAN standard.
March 13, 4:47 p.m. PST

It takes an extraprise to secure your business
Back in May, I wrote a column about our country's lack of an overall plan to protect critical infrastructure in case of attack -- telecommunications and fiber in particular. Consider this Part 2.
February 21, 3:00 a.m. PST

For banks, security compliance goes only MSSP-deep
In the financial industry, third parties often guard the vault. For example, MSSPs (managed security services providers), such as the company I work for, deliver vital resources and expertise to many small to midsize banks. These services include firewalls and intrusion management, secure electronic document delivery, and oversight by trained security professionals. Many banks also rely on MSSPs to comply with regulatory mandates.
February 14, 3:00 a.m. PST

State CIOs need more IT security support from DHS
The U.S.
Department of Homeland Security (DHS) must improve its support for U.S. state and local governments so they can better protect their IT infrastructures from attackers, two organizations of top IT officials said Wednesday.
January 25, 2:57 p.m. PST

Top technologies of the year
Welcome to our first issue of the year. For those of you who took a break, re-entry into the heady universe of work may be a bit discombobulating. Fortunately, last Saturday, the world’s ever-considerate timekeepers saw fit to give us an extra sliver of time -- a leap second -- to prep for the new year. And now, with the pop of the cork (or was that the buzz of a pager?), we’re ready to herald 2006, a potential banner year for the enterprise.
January 2, 3:00 a.m. PST

End-to-end identity management suites still coming together
The identity management market is one that we watch closely. And while it has yet to fully explode into the mainstream, 2005 saw it steadily gaining momentum. Identity is so compelling because it's far more than just a security technology. Authentication, fine-grained access control, and SSO (single sign-on) are all advantageous, but they only represent the tip of the iceberg of what an identity suite can accomplish.
January 2, 3:00 a.m. PST

Document management systems go to court
Two proposed amendments to the federal Rules of Civil Procedure, if passed by Congress, will have a major impact on corporations and their IT departments. One expert I spoke with called the situation a legal Chernobyl.
December 27, 3:00 a.m. PST

Tech reviews for the holidays
Even IT takes a holiday now and then. Same goes for the InfoWorld staff, which chills out by taking a one-week break following the publication of this, our 51st and final issue of the year.
December 19, 3:00 a.m.
PST

Update: Microsoft Windows earns Common Criteria certification
Several of Microsoft's Windows platform products have achieved a Common Criteria certification of 4+, a rating that bolsters their profile among government and other vertical-market customers that have high-security needs for IT products, a company spokesman said Wednesday.
December 15, 4:04 a.m. PST

2005 survey spots trends in software development
Software developers are often important augurs of IT technologies’ direction and rate of adoption. Managers who responded to trends among developers would have been the first to detect the growth of Linux and the open source movement, the emergence of Java as a significant platform for server-based computing, and the arrival of integration technologies such as XML and Web services.
November 30, 12:30 p.m. PST

Product Previews
Alcatel flips the switch on 10Gb Ethernet
Alcatel next month will throw its hat into the 10-Gigabit Ethernet ring with the debut of its OmniSwitch 9000 line. The enterprise datacenter-targeted 10Gb Ethernet switches address the need for better QoS, scalability, security, and VoIP support. The OmniSwitch 9700 has a 10-slot chassis, and the 9800 has an 18-slot chassis; components on both are hot swappable and fully redundant. The switches have built-in support for IPv4, IPv6, multicasting, and server clustering and high-availability features. OmniSwitch 9000 chassis prices range from $3,995 to $23,995; a 24-port 10/100/1000Gb Ethernet blade is $7,995; a two-port 10Gb Ethernet blade (without optics) is $10,495.
OmniSwitch 9000 Alcatel
November 21, 3:00 a.m. PST

Microsoft says it won't support SAML 2.0
Microsoft will stick by the set of protocols it has picked for identity federation, a concept that includes single sign-on (SSO) for several different Web portals and secure transfers of data between partnered businesses.
November 17, 4:00 a.m.
PST

Data breach bills unlikely to pass before 2006
After a series of data breaches earlier this year, members of the U.S. Congress raged about the irresponsibility of breached companies and introduced a flurry of bills requiring companies to notify affected customers when data is lost.
November 11, 11:45 a.m. PST

Liberty Alliance releases legal, privacy guidelines
The Liberty Alliance Project, an industry consortium working on standards for federated identity systems, released a set of guidelines Tuesday that aims to help organizations deal with some of the legal and privacy issues that arise from such federated identity projects.
October 11, 5:41 a.m. PDT

Identity management in action
Think you’re ready to deploy IDM (identity management) in your organization? John Aisien, vice president of marketing at IDM vendor Thor Technologies, won’t kid you about the realities.
October 7, 3:00 a.m. PDT

Seven technology battlegrounds
Some people enjoy a good fight; others would prefer to look the other way. One thing is certain, though: If you have a stake in that fight, you’ll watch the outcome closely.
September 5, 4:00 a.m. PDT

NAC vs. NAP
It all started with the Blaster worm in August 2003. That disastrous epidemic proved once and for all that boundary gateway protection alone is a failed security strategy. Since then, beginning with broader adoption of host-based personal firewalls, vendors have been cooking up host-based schemes to harden the “soft, chewy” center of the network. The most interesting battle over how end-point defense should proceed is between Cisco’s NAC (Network Admission Control) and Microsoft’s NAP (Network Access Protection).
September 5, 4:00 a.m. PDT

IT's seven dirty words
Remember the George Carlin routine “The Seven Words You Can’t Say on Television”? (No, I’m not going to print them here; if you’re really curious, Google ’em.) I got to thinking the other day that IT has its own set of dirty words.
Try saying any one of these in polite IT company, and someone will hand you a bar of soap to wash your mouth out. My filthy seven:
August 15, 5:00 a.m. PDT

The summer of PKI love
The annual PKI Deployment Summit at Dartmouth College is becoming a summer tradition. Universities differ from other large enterprises in ways that make them bellwethers for IT's future. University user populations are transient, platform monocultures cannot be imposed, and collaboration across institutional borders is mission-critical. These are excellent circumstances in which to evolve methods of identity management that will also meet the requirements of corporations as they increasingly outsource, connect with customers through the Web, and engage with partners in federations of Web services.
August 10, 10:30 a.m. PDT

Open source identity
A complete identity management solution comprises a number of components. As such, it would be difficult for any single open source project to offer a plug-and-play identity management system. There are, however, a number of projects that offer components of such a system, particularly in the area of federation and SSO (single sign-on).
August 8, 5:00 a.m. PDT

Putting a stop to counterfeit products
Although a bottle of bogus Viagra might prove to be a big disappointment, a counterfeit bottle of a heart medication such as Lipitor could be deadly. On the National Association of Boards of Pharmacy’s list of drugs most susceptible to adulteration and/or counterfeiting, Viagra is No. 23 and Lipitor is No. 10. In 2003 more than 200,000 bottles of phony Lipitor were found on the shelves of major drugstore chains.
June 7, 5:00 a.m. PDT

The consultant's view
Steve Manzuik is an independent IT security consultant.
March 28, 6:00 a.m. PST

The CTO's perspective
Kevin Bernstein is CTO of Platinum Capital Group.
March 28, 6:00 a.m. PST

How to hire an IT security consultant
Outsourcing IT security is all the rage these days.
It’s cheaper and more efficient, the prevailing theory goes, to farm out functions not directly related to your organization’s core competencies. If you make nickel-plated widgets, for example, your staff must be expert in manufacturing, nickel-plating, and selling widgets, not in keeping 14-year-olds out of your network.
March 28, 6:00 a.m. PST

Beware the cool-factor danger zone
Ever have one of these conversations?
March 18, 3:00 p.m. PST

Secure architectures
Thanks to complex perimeters, sophisticated application-level threats, and regulations that hold CEOs and CIOs accountable for company data, security must now be regarded as more than a bunch of technologies tacked onto the network. “Companies are realizing they must approach security at the enterprise level,” says Rich Caralli, senior member of the technical staff at the CERT Coordination Center’s survivable enterprise management group. “Rather than chasing the latest threat, they’re working on identifying and securing directly the core business processes and information assets essential to the company mission.”
March 11, 3:00 p.m. PST

Start-ups offer blog and e-mail monitoring
I’m just back from the annual Demo conference, this year held in Scottsdale, Ariz. If you’re not familiar with this 15-year-old event, the audience is usually a mixture of venture capitalists, the investment arms of high-tech companies, and the media. Every six minutes, representatives from a different company — mostly startups — appear on stage offering a new product or product idea that they hope will capture the notice of those in attendance. More than any one particular product, though, I typically find that the kind of products shown is a leading indicator of what business buyers are looking for.
February 25, 3:00 p.m. PST

9-11 commissioner calls for end to ISACs
SAN FRANCISCO - The U.S.
government’s policy of relying on voluntary, industry-led information sharing and analysis centers, or ISACs, is not working and should be discontinued or reformed, according to Jamie Gorelick, a member of the 9-11 Commission.
February 18, 4:11 p.m. PST

Toward an end-point security standard
VPNs, whether IPSec- or SSL-based, allow remote PCs access to the network. Sometimes these computers are under corporate management, but many times they are not. They are home-office PCs, business partner systems, or public Internet terminals. Any might lack up-to-date anti-virus signatures; indeed, they already may be full of malware.
February 4, 3:00 p.m. PST

IT tackles phishing
This article has been modified from its original version. Certain quoted material has been removed because its veracity could not be confirmed.
January 21, 3:00 p.m. PST

Reeling in the phishers
Phishers beware. IT is watching you watching them. The FBI is out to get you jailed, too.
January 21, 3:00 p.m. PST

Phishing ploys reflect savvy technical skills
This article has been modified from its original version. Certain quoted material has been removed because its veracity could not be confirmed.
January 21, 3:00 p.m. PST

DOD cyber sleuths swap secrets in Florida
The U.S. Department of Defense (DOD) is making changes to streamline its response to online threats across the various branches of the military, and deal with a steady stream of new online woes, from hacking attempts to child pornography and threats posed by powerful portable storage devices such as iPods, according to senior DOD officials.
January 12, 2:10 p.m. PST

Microsoft, Panasonic to work on DRM compatibility
LAS VEGAS - Matsushita Electric Industrial (Panasonic) and Microsoft are working together to realize digital rights management (DRM) system interoperability between Windows Media and SD (Secure Digital) memory card, Panasonic said Wednesday at the International Consumer Electronics Show (CES).
January 5, 4:29 p.m. PST

On the road to prevention
Even though it happened late in the year, 2004 will probably be remembered as the year that Microsoft’s Internet Explorer slipped. Mozilla’s Firefox browser finally reached release status in early November, and by early December had made a noticeable dent in IE’s market share. The main driver for Firefox’s success is not necessarily its innovative features, but rather the lack of easily exploitable security holes. It seems that the serious flaws in Microsoft’s browser finally led many users to decide it’s time for a change.
December 30, 3:00 p.m. PST

Consumers reportedly dissatisfied with online security
The results of a survey conducted by Gartner and shared with IDG News Service show that online consumers are growing frustrated with the lack of security provided by banks and online retailers, and feel that passwords are no longer sufficient to secure their online transactions.
December 6, 1:16 p.m. PST

Panel: Gov't can't mandate security
WASHINGTON - Now is not the time for the U.S. government to mandate cybersecurity standards to private industry, despite significant threats and a lack of understanding by many company executives. So concluded a panel of government officials that met to discuss the issue in September.
November 15, 12:38 p.m. PST

Study: Information security field to grow steadily
WASHINGTON - The number of cybersecurity professionals is projected to grow at an annual compound rate of nearly 14 percent from now until 2008, according to a study released this week during the Computer Security Institute (CSI) trade show in Washington, D.C.
November 9, 1:26 p.m. PST

In search of security event standards
Integrating SEM (security event management) technology with existing security and system management infrastructure can be a hair-raising experience.
Security point products such as IDSes, anti-virus gateways, and vulnerability scanners tend to use proprietary formats for reporting, recording network events, and issuing alerts. And the standard formats that do exist -- such as SNMP and syslog files -- are limited in what they can convey.
October 29, 3:00 p.m. PDT

Big picture security
There was a time when cutting-edge network security meant a firewall on your perimeter and anti-virus software on the desktop. No longer. With the advent of polymorphic Internet worms, application-layer attacks, Trojan horses, adware, spyware, and wireless hacks, the network security picture is more complicated than ever.
October 29, 3:00 p.m. PDT