November 2005 | Archive by Month | | Page 3

November 2005

  • Multiple new Sober variants spy on passwords

    AV firms say the latest Sober worms drop malicious files onto the computers to fetch access codes.

  • Developing an incident response plan

    In this Ask the Expert Q&A, Shon Harris provides resources you can use to devise an effective incident response plan.

  • MD5 vs. RC4

    In this Ask the Expert Q&A our application security expert compares the MD5 encryption algorithm against its competitor RC4 and examines the security features of each.

  • SUS, WSUS, SMS and beyond

    This tip outlines the differences between SUS, WSUS and SMS, and offers advice on when to invest in a third-party patching tool.

  • Educate users about security awareness

    User education is one of the hardest security layers for administrators to implement. This article by contributor Tony Bradley provides the top ten things users should know about information security.

  • Delivering daily security tips to users

    Educating users on security is a big part of overall security. This little-known Quote of the Day protocol can help dispense advice using a login script without overwhelming the user. Networking ex...

  • Patching gets faster, but threats shifting focus

    New research shows organizations are applying security fixes faster than ever, thanks in large part to patch prioritization. But it may be time to prepare for a new wave of threats.

  • Sony rootkit uninstaller causes bigger threat

    Princeton researchers say a security hole that appears when users try to remove Sony's copy protection software presents an even greater risk than the original rootkit.

  • Hackers installing keyloggers at a record rate

    iDefense researchers have found that keylogger infections are up 65% over the year before, putting the private data of tens of millions of users at risk.

  • SOX Compliance for the Security Practitioner

    This collection of resources offers security managers in-depth information to help keep their organization compliant with the Sarbanes-Oxley (SOX) Act. Learn how security practitioners are handling...

  • IDS: Still head of the class in security education

    Despite its "old school" image, a technologist at the CSI Computer Security Conference says intrusion detection offers quite an education in network security.

  • Websense Enterprise 5.5

    Learn why Information Security magazine believes this product is ideal for organizations who need an robust Internet filtering solution.

  • What is required to deploy Web server application in MS Application Center

    In this Ask the Expert Q&A, our application security expert examines whether or not it's possible to exclude X.509 certificates and private keys if you use MS Application Center to deploy a Web ser...

  • IPsec-related flaw could yield new round of attacks

    Attackers could exploit a vulnerability in a security protocol widely used in VPNs to cause a denial of service or buffer overflows, or to launch malicious code.

  • Security School, the Web's top informational resource for today's enterprise IT professional, delivers free online training for the CISSP® certification. Benefit from a series of 10 training...

  • The CISO's newest duty: bailiff

    At the CSI 32nd annual Computer Security Conference, CISOs say compliance is becoming more burdensome as they must often ensure executives stay out of trouble.

  • Security Bytes: FTC cracks down on alleged spyware distributors

    Patches fix serious RealPlayer flaws, IM malcode launches phishing attacks; Microsoft warns of Macromedia Flash flaw; Liberty Alliance pushes stronger authentication; FEMA data security is in quest...

  • Data shows spyware becoming 'global pandemic'

    The worldwide spyware threat is only growing, according to a new study, and the most serious hazards -- Trojans and keystroke loggers -- represent a grave threat to unsuspecting corporations.

  • Trojans target Sony DRM and Windows

    Security researchers track two new Trojan horses. One exploits the Sony DRM program. The other could possibly take aim at the Windows flaw Microsoft patched this week.

  • Commentary: Why companies still struggle with compliance

    A security analyst with a major rental car company has some theories on why companies aren't meeting government mandates for data security.