June 2006

  • When access management becomes rocket science

    Security can be a hard sell beyond the IT realm, even for security pros at NASA. But nothing motivates people like regulatory pressure and a fear of being the next data breach headline.

  • Steal this Computer Book 4.0: Prevent Google hacking

    Learn how to prevent Google hacking in this excerpt from Chapter 8: Stalking the Computer of "Steal this Computer Book 4.0," by Wallace Wang.

  • Microsoft's new security chief: 'We've come a long way'

    Microsoft's newest top cop plans on getting his hands dirty. Ben Fathi, recently named chief of Microsoft's Security Technology Unit, said he is ready to jump into design and development to push forward...

  • Information Security Quizzes

    Test your knowledge of everything security, from network security to regulatory compliance, with our collection of quizzes.

  • New threats target Microsoft apps

    Microsoft warns customers to apply a RASMAN patch to protect against new exploit code. Meanwhile, Symantec warns of code targeting Windows Live Messenger.

  • Nmap: More port scanning techniques

    In this fifth tip in our Nmap manual, SearchSecurity.com expert Michael Cobb looks at some of the Nmap port scanning techniques that exploit certain idiosyncrasies of specific platforms or protocol...

  • Microsoft and the peril of predatory pricing

    This week in Security Blog Log, a Sunbelt Software executive worries about Microsoft's security pricing practices while others focus on the Excel zero-day threat.

  • Malware authors eyeing Web-based applications

    The recent attacks against Yahoo and Google are only the beginning, experts say, as malware authors seek out vulnerable Web applications that are often hard to secure.

  • Subpar signatures embolden call for antivirus SLAs

    With antivirus signature quality becoming an increasingly troublesome problem for businesses, the industry says SLAs are needed to hold vendors accountable when things go wrong.

  • Security Bytes: University data breaches lead to IT suspensions

    In other news, Panda spots a fast-spreading worm; Gartner reports growth in the antivirus market; and IBM fixes a WebSphere flaw.

  • How to configure a server to prevent unauthorized network access

    Learn from other security practitioners as they share ways to configure a network so unauthorized users cannot access files, folders and other sensitive information.

  • SOX Scorecard 2

    This 20-question scorecard, aligned with the sections of the COBIT standard, is designed to help an organization gauge its ability to meet COBIT control objectives that are important in complying w...

  • SOX Security School Final Exam

    Are you ready for your next SOX audit? Take this Final Exam to see how much you've learned about SOX compliance and whether you need to revisit SOX Security School.

  • Information security podcasts: 2006 archive

    Listen to past editions of our information security podcasts.

  • Implementing Database Security and Auditing: Trojans

    An excerpt from Chapter 9 of "Implementing Database Security and Auditing," by Ron Ben Natan.

  • New Bagle variants on the prowl

    The prolific worm arrives as a .zip attachment that's encrypted with a password. It spreads using randomly chosen names programmed into its code.

  • Data theft affects 88 million-plus Americans

    A steady stream of security breaches has put more than 88 million Americans at risk for identity fraud since February 2005. Visa and Equifax customers are the latest victims.

  • PIX firewall configuration from scratch

    Learn how to configure passwords, IP addresses, network address translation (NAT) and basic firewall rules in this tip.

  • Nmap: How to scan ports and services

    Nmap is the ideal tool for performing a simple network inventory or vulnerability assessment. This article offers tips on how to use a Nmap

  • How to improve Web access controls

    Wish your enterprise provided more granular Web access to specific users? Learn how to do so by augmenting proxy servers or firewall with a Web filtering appliance, in this identity management and ...