December 2005 | Archive by Month | | Page 4

December 2005

  • CSOs say patch management tide is turning

    Security pros at this year's Infosecurity show say IT shops are getting better at patch management. But new threats are emerging, including flaws that never die.

  • IP cloaking becoming a business necessity

    Just by browsing your competitor's Web site, you might be giving away your company's most guarded secrets. Experts offer advice for countering the subterfuge and keeping secrets safe.

  • Security Software Downloads


  • Handling permissions in Active Directory

    In this Ask the Expert Q&A, our platform security expert discusses how Active Directory permissions are controlled specified access control lists and what tools are available to users who seek to v...

  • Security School Course Catalog

    A catalog of our free online security courses led by information security experts on popular security topics.

  • Security pros gain ground in the board room

    Executives are paying more attention to their IT security managers and taking more responsibility for online threats against their companies, according to a new study.

  • How to break into security

    How do you break into security if you're fresh out of school or making a career change within IT? Learn how network admins and security newbies can acquire entry-level experience.

  • How RSA keys differ from DH/DSS keys

    In this Ask the Expert Q&A, Michael Cobb, our application security expert explains how RSA and DH/DSS differ, examines the strengths and weaknesses of each, and, explains how to use the compressi...

  • Sober strike set for January

    VeriSign's iDefense group has spotted what could be a new Sober variant set to strike early next year. While the warning may thwart the attack, it's clear that mass-mailer worms aren't going away q...

  • Two Windows patches coming, IE fix uncertain

    It remains to be seen whether the software giant on Dec. 13 will address an outstanding Internet Explorer issue that is currently the target of a malicious Trojan.

  • Best practices for managing secure Web server configurations

    In this tip, Michael Cobb, our Web security guru takes an in-depth look at ways to manage securing configurations of multiple Web servers. He explains the process from frequency to documentation an...

  • Best practices for password protection

    Learn what a keyring is -- how it works in conjuction with passphrases to keep sensitive and personal messages secure. Also learn what practices help keep passwords protected from hackers and crack...

  • Cybersecurity policy takes cooperation, trust, experts say

    At the Infosecurity confab, experts explain why sharing information -- even when it's embarrassing -- is vital to securing not only corporations, but also the national infrastructure.

  • Fighting adware with… adware

    McAfee says it wasn't aware promotional pop-ups were part of an aggressive adware campaign, as a competitor discovered. But it's vowed to find the company responsible.

  • New bots, worm threaten AIM network

    Security firms say a fresh wave of bots lures users into downloading malicious content. Plus a new worm variant is on the loose, cloaked as a greeting card.

  • How to prevent application attacks and reduce network vulnerabilities

    In this Ask the Expert Q&A, our application security guru discusses how hackers exploit network vulnerabilities to attack your applications and what you can do to mitigate this risk.

  • Step-by-Step Guide: How to create a VPN for your wireless network

    With wireless networks proliferating its critical that you understand what it takes to build a VPN for a wireless gateway. Brien Posey outlines a Windows-based procedure in this step-by-step guide.

  • The pros and cons of migrating to Firefox

    Making the switch from Internet Explorer to Firefox isn't a security cure-all. Here are some factors to consider before you change Web browsers.

  • Security Bytes: Cisco warns of IOS, OpenSSL flaws

    In other news, a shoe retailer settles a data disclosure dispute with the FTC and a hacker figures out how to use an IE flaw to target Google Desktop.

  • Review: New Hailstorm a viable in-house pen test option

    Cenzic's latest version weaves nicely with QA and development teams to test commercial and custom applications for vulnerabilities.