December 2005

  • Quiz: Storage security

    Regulations like SOX and the recently approved Personal Data Privacy and Security Act are bringing the importance of data protection to light. Loss of data – be it inadvertent or surreptitiou...

  • Storage security quiz answers

  • Handling vulnerability assessment activities

    Our security management expert discusses the importance of having a security team that handles vulnerability assessments within in your organization and outlines functions and tasks each division s...

  • Flaws reported in Trend Micro ServerProtect

    Storage and security managers should be wary of vulnerabilities in the AV product that could enable a denial-of-service and malicious code execution. Workarounds are available.

  • For Microsoft, security and trust prove elusive

    Following the recent beta release of its OneCare Live security offering, Microsoft seems poised to dip its toe into the lucrative enterprise security and software services market. Despite its long ...

  • Roundup: 2005's 'curious malicious code'

    These viruses, worms and Trojans sometimes escaped our notice. But it didn't get past one antivirus vendor, who rounded up some of the year's stranger offerings from the underground.

  • Keep attackers from phishing in your waters

    Learn why phishing attacks continue to rise and three steps you can take to mitigate this risk.

  • How to prevent poor e-mail practices

    In this Ask the Expert Q&A, our application security expert examines why organizations should implement and enforce an enterprise-wide e-mail encryption security policy.

  • Security Bytes: Exploit code targets older versions of Firefox

    In other news, a flaw is found in Opera and the Cyber Security Industry Alliance tells the federal government to show more leadership on security.

  • Secure Sphere 2.0

    In this review, Information Security magazine contributor Peter Giannacopoulos evaluates the strengths and weaknesses of Imperva's SecureSphere 2.0.

  • ISA Server security don'ts

    Use this checklist of configuration don'ts to learn what to avoid when securing ISA Server.

  • How to overcome Web services security obstacles

    Richard Mackey explains how to build secure Web service applications and the difference between Web service protocols and standards.

  • Service-level agreement advantages and disadvantages

    Learn about the advantages and disadvantages of service-level agreements.

  • Secure remote access: SSH Tectia Manager

    In this review, Information Security magazine's senior technology editor examines the strengths and weaknesses of SSH's Tectia Manager.

  • How to prevent phishing scams and protect customers

    In this tip, Web security guru, Nalneesh Gaur examines how hackers are using phishing scams to exploit financial sectors of the industry, why you should care and what you can do to prevent these at...

  • Titan Rain shows need for better training

    SANS says the Chinese-based attacks demonstrate the growing sophistication of hackers, and the need for IT admins who can articulate the dangers to execs.

  • Microsoft issues critical fix for IE

    In addition to the long-awaited browser fix, the software giant also addressed an "important" Windows kernel flaw involving how certain procedure calls are processed.

  • How to build a user registration form

    Learn how to build a secure user registration form and some general Web-based system guidelines to guide you through the process.

  • How FTPS differs from TLS

    Take an indepth look at FTP over SSL, how it works and how it differs from TLS and other protocols

  • How buffer-overflow vulnerabilities occur

    Learn about buffer-overflow vulnerabilities; how they occur, types of buffer-overflow attacks, and how hackers exploit them to gain access to secure and sensitive files.