|
Solution Search:
Could information be flowing into or out of your organisation without you knowing? It is the nightmare that haunts any security professional today.
And yet, there are plenty of techniques around that enable data to bypass the most watchful security set... More... Apr 14, 2008
IBM today launched the latest version of its Tivoli Identity Manager integrating the various acquisitions it made in recent years around identity and access management and streamlining a popular lightweight version of its identity management... More... Dec 12, 2007
Apple Inc. released QuickTime 7.3 Monday to fix at least seven security flaws in the popular media player, days after security vendor Bit9 Inc. named QuickTime 7.2 the second-most-vulnerable application of 2007. Cupertino, Calif.-based Apple said in its... More... Nov 5, 2007
Focus: Risk/policy management
The Elemental Security Platform (ESP) is a powerful tool for monitoring and enforcing... More... Mar 9, 2007
When compliance auditors dig deep, a company's technology infrastructure, processes and policies need to stand up to intense scrutiny.
Companies are looking to technology to prove that they are compliant with Sarbanes-Oxley (SOX), Europe's Basel II, HIPAA... More... Aug 1, 2006
Google Inc. has plugged a dangerous flaw in its desktop search tool that could have exposed users' personal files to an attacker.
Google Desktop is used to index documents, email, instant messaging transcripts and archived Web pages. Once items are... More... Feb 21, 2007
The sophisticated business-to-business interactions occurring at a service level with service-oriented architectures pose a major challenge to security.
You don't go SOA to be more secure; you go SOA for the sake of efficiency and integration... More... Feb 5, 2007
The Massachusetts Institute of Technology (MIT) has fixed several critical Kerberos 5 flaws attackers could exploit to cause a denial of service, bypass security restrictions and hijack targeted machines.
Apr 4, 2007
Imagine the scene. It's a cold day in London but inside Terminal 5 at Heathrow Airport, the temperature is rising fast. People are beginning to sweat in their winter clothes, and the check-in staff is wilting under the heat. Suddenly, the fire extinguishers go...
More...
Sep 19, 2008
Watchfire is adding new capabilities and automated wizards to its flagship vulnerability scanning software, AppScan in the first update to product since the company was acquired by IBM in June. Mike Weider, chief technology officer of Watchfire... More... Nov 13, 2007
Oracle JInitiator contains a critical flaw that could be exploited by an attacker to execute arbitrary code and compromise a vulnerable system. The tool is used by developers to run Oracle Developer Server applications directly within Internet... More... Aug 29, 2007
Updated Friday, Aug. 18 to include SecureWorks' admission that the MacBook used in the demonstration was equipeed with a third-party device driver. LAS VEGAS -- Security experts have spent the last couple years warning laptop users to take care when... More... Aug 2, 2006
In February, SearchSecurity.com surveyed 307 IT professionals from a variety of industries regarding their intrusion defense programs. Here is a look at some of the questions we asked and the answers they gave. Don't forget to check out the rest of our... More... Apr 25, 2006
SAN FRANCISCO -- Adoption of radio frequency identification (RFID) technology could stall if lawmakers overreact to security and privacy concerns by legislating the technology, according to a group of experts who discussed the issue Tuesday at RSA...
More...
Feb 7, 2007
Apple Inc., long ignored by most hackers and security researchers, is getting a chance to find out what it feels like to walk a mile in Microsoft Corp.'s shoes, thanks to its popular iPhone. First, a New Jersey teenager published detailed instructions for... More... Sep 26, 2007
Sourcefire Inc. is making plans to go public, seven months after Check Point Software Technologies Ltd. dropped plans to acquire it. In a statement emailed to SearchSecurity.com late Wednesday, Sourcefire announced it had filed a registration... More... Oct 26, 2006
The steady stream of data breaches that started with ChoicePoint Inc. in February 2005 has left more than 88 million Americans at risk for identity fraud, according to a list tallied by the Privacy Rights Clearinghouse (PRC). The latest incidents, which... More... Jun 21, 2006
By January 2007, anyone who banks online should be better protected against fraud and identity theft. That's because, by the end of this year, all financial institutions – brokerages, banks, credit unions – must add an extra layer of security for... More... Oct 25, 2006
A JavaScript worm is spreading via a security hole in Yahoo Mail, and end-users can become victims simply by viewing their email messages. In an emailed advisory, Cupertino, Calif.-based AV giant Symantec Corp. said JS.Yamanner spreads through Yahoo email... More... Jun 13, 2006
The monthly patch cycle Microsoft adopted in October 2003 is still the best way to address a majority of the software giant's security holes, IT pros say. However, with zero-day flaws on the rise, they believe the company should be willing to break the cycle... More... May 11, 2006
Oracle released its quarterly critical patch update (CPU) Tuesday, fixing 101 flaws across the company's product line. Attackers could exploit 45 of them from remote locations without a username or password.
"The most severe issues are SQL injection and... More... Oct 17, 2006
State lawmakers in Massachusetts are considering a bill that would shift the financial burden associated with data breaches from banks to retailers.
If passed the law would be the first of its kind to make retailers and other companies pay for the... More... Feb 23, 2007
After a month of investigation, officials at TJX Companies Inc. said Wednesday that the massive data breach the company disclosed in January is even worse than they originally thought.
Until now, the company believed that attackers had access to its... More... Feb 21, 2007
A hacker exploited a University of California, Los Angeles database containing the personal information of former students, faculty and staff, according to a statement issued by the university Tuesday. About 800,000 potential victims were notified.
... More... Dec 12, 2006
Symantec Corp. and McAfee Inc., two of the leading vendors in the security software market, have addressed vulnerabilities attackers could exploit in their products to cause a denial of service or run malicious code. Symantec Altiris Deployment... More... Oct 31, 2007
|
|