December 2005 | Archive by Month | | Page 2

December 2005

  • Security Bytes: Flaws plague Symantec, McAfee

    Meanwhile: An IM worm exploits the holidays, Cisco offers workarounds for vulnerabilities in IOS and Oracle is using Forify's technology to boost security.

  • Lost and found: DHL returns missing data tape

    Two million ABN AMRO Mortgage customers breathe a sigh of relief after a backup tape had been reported missing. Still, customers are urged to check their credit activity.

  • Symantec shuts down discussion groups

    One user has started a new, independent forum in response, saying IT professionals need a place to find support for problems related to the AV giant's products.

  • Guidance turns investigative tools on itself

    The forensics software firm says it was compromised by hackers in November. It's just one in a growing list of companies admitting to recent attacks or lax security.

  • Proxy server functions

    In this Ask the Expert Q&A, our platform security expert details how proxy servers work and determines whether they protect personal and sensitive information safe from hacker exploits.

  • Why form fields aren't a good place to hide sensitive information

    Web security guru Michael Cobb, takes an in-depth look at the dangers of HIDDEN form fields, how attackers use them to gain unauthorized entry or hijack sessions, and most importantly, how to secur...

  • E-greetings, screensavers bring more tears than cheers

    Vendors that track spyware are noticing more of it stuffed into holiday greeting cards, screensavers and customized gift tags for virtual Christmas trees. Learn how to avoid these and other downloa...

  • Security Bytes: McAfee sees growing mobile threat in 2006

    In other news, IBM addresses Java flaws; patches don't get along with IE 7; and hackers force game maker to shut down.

  • Introduction to COBIT for SOX compliance

    The Sarbanes-Oxley Act does not detail compliance requirements for IT, so many enterprises and auditors have adopted the standard COBIT, introduced here.

  • Freeware detects insecure wireless networks

    Learn how NetStumbler, a free utility, helps network admins determine if a wireless network is insecure or just lacking in signal strength.

  • Changing user IDs and passwords

    Learn why organizations should limit the number of username changes in this identity and access management ATE Q&A.

  • Java programming resources

    Find Java-specific resources here.

  • Security updates fix Macromedia flaws

    Attackers could exploit vulnerabilities to bypass security controls, gain administrative privileges and cause a denial-of-service. But fixes are available.

  • Trio of trouble: Malcode targets Windows, IM users

    AV firms warn IT shops to guard against Dasher, Bagle and Banbra. Dasher targets a Windows flaw patched in October, while Banbra spreads through IM.

  • Step-by-step guide: Cracking network passwords

    Mitigate the risks posed by weak passwords by attempting to find your weaknesses before a malicious hacker does. Contributor Kevin Beaver provides a step-by-step guide on how to crack your own netw...

  • Patch testing on a budget

    While it is best to test patches prior to production, testing environments can be costly. This tip explains how to reduce these costs.

  • physical security

    Physical security is the protection of personnel, hardware, programs, networks, and data from physical circumstances and events that could cause serious losses or damage to an enterprise, agency, o...

  • For Microsoft, security and trust prove elusive

    Following the recent beta release of its OneCare Live security offering, Microsoft seems poised to dip its toe into the lucrative enterprise security and software services market. Despite its long ...

  • Flaws reported in Trend Micro ServerProtect

    Storage and security managers should be wary of vulnerabilities in the AV product that could enable a denial-of-service and malicious code execution. Workarounds are available.

  • Handling vulnerability assessment activities

    Our security management expert discusses the importance of having a security team that handles vulnerability assessments within in your organization and outlines functions and tasks each division s...