May 2006 | Archive by Month | | Page 2

May 2006

  • IIS security: Configure Web server permissions for better access control

    Updating user access controls as business portfolios expand can help protect confidential data. Learn how to secure user access controls and keep your greatest asset under lock and key by configuri...

  • Security Bytes: Skype dodges attackers

    Meanwhile: A worm hijacks IE and spreads via Yahoo IM, Ohio University reorganizes IT department after data theft; and Symantec accuses Microsoft of misusing technology.

  • How to install and configure Nmap for Windows

    In this second installment of our Nmap Technical Manual, SearchSecurity expert Michael Cobb offers pointers on how to install and configure Nmap for Windows.

  • Zero-day threat targets Microsoft Word

    Update: Symantec says a targeted exploit uses Microsoft Word to open a backdoor in users' systems. It recommends blocking .doc files at the network perimeter. Microsoft is working on a fix.

  • Blue Security's demise evokes mixed emotions

    In this week's Security Blog Log, there's no shortage of opinions on Blue Security's decision to fold after its antispam crusade put its customers at risk.

  • Security Bytes: AV giants team up against eBay pirates

    In other news, a new poll shows Cisco and Microsoft reaping the benefits of security spending and Sun addresses a Java flaw.

  • Novell patches eDirectory buffer overflow vulnerability

    Novell has addressed a flaw in the iMonitor component of its eDirectory LDAP directory service that could be exploited to cause a denial of service.

  • Treating email as potential evidence

    There is a growing need to archive email data, and today there are several ways to do it. Experts suggest it's time to consider what methods work best for the enterprise.

  • Merger madness: What to do when your infosec vendor gets acquired

    When your favorite security vendor merges or is acquired, the only thing you can expect for certain is change. This article outlines the pros and cons of vendor mergers and acquisitions, and how cu...

  • Opinion: What is a security professional, anyway?

    The problem with information security certifications isn't that they're being offered to those without experience, writes Pete Herzog. The real issue is that security pros are often measured by the...

  • Opinion: Readers respond to 'student' CISSPs

    Here are a select few of the many reader responses we received quite last week following Sean Walberg's column on colleges offering CISSP and SSCP certification classes as part of their undergradua...

  • How to manage user permissions

    Managing multiple user permissions can be a daunting task. Learn best practices for managing these permissions including servicing account passwords, granting local admin access, permissions for fi...

  • For students with 'learnability,' a future in IT via India

    Add the Indian IT powerhouse Infosys to the list of companies recruiting at American colleges this year. The fast-growing company sees a diverse workforce as its future. Some American students see ...

  • (ISC)2: 'Nothing has changed' on CISSP requirements

    In this Q&A, (ISC)2 board member Howard Schmidt -- a former Microsoft CSO, eBay CISO and White House cybersecurity advisor -- explains why the Authorized Academic Center program was started and why...

  • Antispam crusade backfires; Blue Security shuts down

    The move comes on the heels of a massive counterattack spammers launched against the company, knocking millions of Web sites offline in the process.

  • Are smart cards tamper-proof?

    While choosing to use smart cards to authenticate users may seem like the smart move, know that they are not tamper-proof. Discover what industry standards are available to protect your organizatio...

  • Should employees have local admin rights?

    While it may save you time, granting users local administrator rights also puts your organization at risk. Discover why this practice is considered a risk and learn alternate access control methods...

  • Skype: Its dangers and how to protect against them

    Skype may be free for end users but it could be costing your enterprise its security. This tip outlines the free VoIP solution's security risks and offers tips for keeping Skype off of the network.

  • The pros and cons of PKI and two-factor authentication methods

    There are myriad authentication methods to choose from today; learn the pros and cons of two such methods, Public Key Infrastructures and two-factor authentication systems, and how each system help...

  • Experts: Exchange patch OK, despite glitches

    A fast-moving worm exploit could follow Microsoft's recent Exchange patch. Despite causing issues for mobile devices, security experts urge organizations to install the fix.