May 2006

  • Oracle refuses to learn its lesson, experts say

    Oracle critics say the database giant sits on known flaws for too long, leaving its applications open to attack. Is it time for infosec pros to extract Oracle products?

  • SnortSnarf

    SnortSnarf is a program that was designed for use with Snort, a security program used mainly with Linux networks. SnortSnarf converts the data from Snort into Web pages. It was written in Perl by J...

  • Security Blog Log: Are certifications silly?

    One blogger thinks so. Also this week: Apple is criticized over a TV ad suggesting it has no viruses and the Oracle CSO's blog lies dormant.

  • Integrated security rolls into switch market

    Following the launch of a new network switch that combines policy-based security technology with standard switching, experts say combo gear that thwarts and contains security threats at the network...

  • Where hard drives go to die, or do they?

    A number of enterprises are using asset disposal firms to ensure sensitive corporate data is destroyed, but the process is hardly foolproof. In fact, a convicted felon could have his hands on your ...

  • Intrusion Defense Final Exam Answers

  • Critical security patches coming for Windows, Exchange

    Microsoft's advance Patch Tuesday bulletin forecasts three security updates, but doesn't mention fixes for the latest Internet Explorer flaws.

  • Privacy Breach Impact Calculator

    How much would a customer privacy breach impact your business? This calculator by information security and privacy expert Rebecca Herold, CISSP, CISM, provides an example of some of the items an or...

  • Digital doomsday can be avoided with preparation

    The U.S. Cyber Consequences Unit says enterprises must take specific measures to shore up their defenses, otherwise they could be vulnerable to attackers who not only steal data, but also manipulat...

  • QRadar 5.0 offers robust SIM

    Hot Pick: SIMs are maturing to a level where they are practical and effective, and Q1 Labs has moved to the forefront with its innovative QRadar 5.0.

  • Military students get lesson in cyberwarfare

    Students from the nation's most recognized military academies recently took part in a contest that not only tested their network defense skills, but also gave them a taste of real-world information...

  • TippingPoint X505 hits the sweet spot

    Product review: This appliance combines IPS, firewall and VPN technologies, and supports around 500 concurrent users.

  • Nmap 4.01 improves upon past releases

    Product review: Nmap 4.01's core port-scanning engine is mature, robust and capable of scanning both IPv4 and IPv6 hosts, independent of whether or not they are protected by firewalls.

  • What is the best antivirus software to use when running Linux?

    In this Ask the Expert Q&A, Threat and mitigation expert Ed Skoudis reveals what he believes to be the best antivirus products on the market today for Linux users.

  • ping of death

    On the Internet, ping of death is a denial of service (DoS) attack caused by an attacker deliberately sending an IP packet larger than the 65,536 bytes allowed by the IP protocol.

  • How to protect your company against cybercrime

    Thanks to the Internet's inherent anonymity, widespread reach and disjointed law enforcement status, cybercriminals have a lot to gain -- and enterprises have a lot to lose. In this tip, SearchSecu...

  • How to protect the network from DoS attacks

    In this Ask the Expert Q&A, our security threat expert, Ed Skoudis, discusses how a new type of DoS attack operates and what you can do to protect your network.

  • Security Bytes: Phishing scheme targets American Express customers

    Meanwhile: Personal data on 66,000 newspaper subscribers is leaked online, and a Trojan horse hijacks data and demands ransom.

  • XML Web services tutorial: How to improve security in Web services

    Securing XML is an essential element in keeping Web services secure. This SearchSecurity.com Learning Guide is a compilation of resources that review different types of XML security standards and a...

  • Wacky Web misuses highlight internal risks

    One vendor says selling corporate assets on eBay, spying on coworkers and running illegal gambling rings are just a few examples of the crazy stunts employees will try when given unchecked use of t...