December 2005 | Archive by Month | | Page 3

December 2005

  • Titan Rain shows need for better training

    SANS says the Chinese-based attacks demonstrate the growing sophistication of hackers, and the need for IT admins who can articulate the dangers to execs.

  • Microsoft issues critical fix for IE

    In addition to the long-awaited browser fix, the software giant also addressed an "important" Windows kernel flaw involving how certain procedure calls are processed.

  • How to prevent phishing scams and protect customers

    In this tip, Web security guru, Nalneesh Gaur examines how hackers are using phishing scams to exploit financial sectors of the industry, why you should care and what you can do to prevent these at...

  • Service-level agreement advantages and disadvantages

    Learn about the advantages and disadvantages of service-level agreements.

  • How to overcome Web services security obstacles

    Richard Mackey explains how to build secure Web service applications and the difference between Web service protocols and standards.

  • How to build a user registration form

    Learn how to build a secure user registration form and some general Web-based system guidelines to guide you through the process.

  • How FTPS differs from TLS

    Take an indepth look at FTP over SSL, how it works and how it differs from TLS and other protocols

  • How buffer-overflow vulnerabilities occur

    Learn about buffer-overflow vulnerabilities; how they occur, types of buffer-overflow attacks, and how hackers exploit them to gain access to secure and sensitive files.

  • IP cloaking becoming a business necessity

    Just by browsing your competitor's Web site, you might be giving away your company's most guarded secrets. Experts offer advice for countering the subterfuge and keeping secrets safe.

  • CSOs say patch management tide is turning

    Security pros at this year's Infosecurity show say IT shops are getting better at patch management. But new threats are emerging, including flaws that never die.

  • Handling permissions in Active Directory

    In this Ask the Expert Q&A, our platform security expert discusses how Active Directory permissions are controlled specified access control lists and what tools are available to users who seek to v...

  • Security School Course Catalog

    A catalog of our free online security courses led by information security experts on popular security topics.

  • Security pros gain ground in the board room

    Executives are paying more attention to their IT security managers and taking more responsibility for online threats against their companies, according to a new study.

  • Two Windows patches coming, IE fix uncertain

    It remains to be seen whether the software giant on Dec. 13 will address an outstanding Internet Explorer issue that is currently the target of a malicious Trojan.

  • How RSA keys differ from DH/DSS keys

    In this Ask the Expert Q&A, Michael Cobb, our application security expert explains how RSA and DH/DSS differ, examines the strengths and weaknesses of each, and, explains how to use the compressi...

  • How to break into security

    How do you break into security if you're fresh out of school or making a career change within IT? Learn how network admins and security newbies can acquire entry-level experience.

  • Best practices for managing secure Web server configurations

    In this tip, Michael Cobb, our Web security guru takes an in-depth look at ways to manage securing configurations of multiple Web servers. He explains the process from frequency to documentation an...

  • Best practices for password protection

    Learn what a keyring is -- how it works in conjuction with passphrases to keep sensitive and personal messages secure. Also learn what practices help keep passwords protected from hackers and crack...

  • Cybersecurity policy takes cooperation, trust, experts say

    At the Infosecurity confab, experts explain why sharing information -- even when it's embarrassing -- is vital to securing not only corporations, but also the national infrastructure.

  • Fighting adware with… adware

    McAfee says it wasn't aware promotional pop-ups were part of an aggressive adware campaign, as a competitor discovered. But it's vowed to find the company responsible.