March 2006 | Archive by Month | | Page 3

March 2006

  • Jelly Belly sweetens remote access

    Candy-maker Jelly Belly's network was so secure even top executives couldn't get in through the VPN. The company solved the sticky situation with innovative new appliances.

  • Opinion: Ignoring data breaches means ignoring risk management

    Corporate data breaches, leaks and losses have become commonplace, despite the recent onslaught of privacy compliance mandates and disclosure laws. While the consequences may not seem severe, corpo...

  • Checklist: Ten dos and don'ts for secure coding

    Download this checklist of dos and don'ts for developing secure code.

  • Adobe fixes critical Macromedia flaws

    Flash, Shockwave and other multimedia products could leave systems vulnerable to attack via a malicious Shockwave Flash object file. The vendor recommends users update immediately.

  • Pair of Microsoft patches fixes seven flaws

    The software giant addresses six critical security holes in Microsoft Office and an "important" vulnerability in Windows. Attackers could exploit them to hijack workstations and run malicious code.

  • New freeware takes some mystery out of rogue files

    Endpoint security provider Bit9 today unveils a free search engine that tells users a file's origin, thus helping reduce unwanted software on desktops, laptops and servers.

  • brain fingerprinting

    Brain fingerprinting is a controversial technique that is advocated as a way to identify a terrorist or other dangerous person by measuring the "brainprint" of that person when shown a particular b...

  • Security Blog Log: A DRM threat to lives and infrastructure?

    A security luminary bristles at copyright groups' efforts to block exemptions to DRM programs; Citibank suffers a compromise; and experts offer tips to thwart ID thieves.

  • Military mindset no longer applicable in our line of work

    The business world should stop looking to the defense community for direction on information security.

  • Federal budget for 2007 to boost cybersecurity

    The president's budget proposal would boost spending to key cybersecurity programs, but some say firms working to improve national infrastructure security need to get their fair share.

  • Microsoft to patch flaws in Windows, Office

    The software giant said the Office update on tap for Tuesday will be "critical," while the Windows fix will be rated "important."

  • Ten dos and don'ts for secure coding

    Security practitioners should understand how developers introduce security vulnerabilities into applications and work to support the developers in improving code quality and security. Encouragement...

  • Scientists band together for TRUST-worthy research

    A group of the nation's top computer scientists and colleges are teaming up to find better ways to protect computing systems from cyberattacks.

  • Best practices for pen testing Web applications

    Performing a Web application penetration test can gauge how well your Web application can withstand an attack. In this tip, platform security expert Michael Cobb provides best practices for perform...

  • Security pros aren't stained by BlackBerry tiff

    A BlackBerry blackout would have been tough for on-the-go e-mail addicts, but it was never a security concern, if a survey of IT professionals is any indication.

  • Attacks driven by love of money

    Symantec's latest threat report shows digital desperadoes are exploiting Web application flaws and using "modular" malcode to launch lucrative attacks.

  • Security Bytes: Mac patch falls short of expectations

    In other news, one hacker gains root access to a Mac while another shows how to compromise Microsoft Fingerprint Reader.

  • Know your wireless encryption options

    Understanding wireless encryption is essential to deploying a secure wireless network. Contributor Tony Bradley breaks down the different encryption methods and explains why some are better than ot...

  • How SSOs differ from login and passwords

    Learn how SSO systems and login and passwords differ, and which systems are more likely to be exploited and why in this Ask the Expert Q&A.

  • State-based attacks: Session management

    In this excerpt from Chapter 4 of "How to Break Web Software: Functional and Security Testing of Web Applications and Web Services," authors Mike Andrews and James A. Whittaker identify session man...