August 2006 | Archive by Month | | Page 5

August 2006

  • Spyware war may be a losing battle, experts say

    Black Hat: Spyware is a top concern among security professionals, but experts say there may be no technology that can stop its spread. Instead, the spyware battle may need to be waged on a differen...

  • RSS, Atom feeds ripe for attack

    Black Hat: A researcher demonstrates how RSS and Atom feeds can spread the payload of a zero-day attack. His advice? Subscribe to feeds with care.

  • Combating phishing scams

    In this Information Security Threats Ask the Expert Q&A, Ed Skoudis reviews what to do if you've been phished and identifies the phishing coalitions that can help combat this email threat

  • Creating a security awareness program

    In this Information Security Threats Ask the Expert Q&A, Ed Skoudis explains how creating a security awareness program can help thwart the insider threat.

  • Security Bytes: CA fixes eTrust Antivirus flaws

    Meanwhile: Online thieves steal $700,000 from personal accounts, researchers expose e-passport vulnerability; and arrests are made in the VA security breach case.

  • How to prevent VoIP phishing

    Don't fall prey to a VoIP phishing scam. In this Information Security Threats Ask the Expert Q&A, Ed Skoudis explains why end-to-end encrypted VoIP phones cannot prevent VoIP scams and how to prote...

  • VA desktop PC stolen, 36,000 could be at risk

    Update: The incident marks the second time in less than three months that a VA device with sensitive information has been compromised. One expert blames the systematic problem of too much internal ...

  • XP SP2 pushed back

    A network management expert and Windows MVP outlines highlights from the coming release of Microsoft's much-anticipated Windows XP Service Pack 2.

  • Ajax threats worry researchers

    Black Hat: While it makes smooth Web applications like Google Maps possible, the rush to adopt Ajax may fuel haphazard development and a feeding frenzy among hackers.

  • Akonix A-Series offers complex, best-of-breed IM security

    Product review: Information Security magazine's Sandra Kay Miller says The Akonix A-Series instant messaging security appliances works well but needs better documentation.

  • Vendors reject preferential knowledge sharing

    While Cisco continues to investigate a potential PIX firewall flaw, it and other vendors say sharing security information quickly and indiscriminately is always the best policy.

  • Thwarting IM management challenges

    Product review: Information Security magazine's Sandra Kay Miller says Symantec's IM Manager 8.0 has limited public network features, but offers excellent reporting.

  • Countering attackers with NAC, IPS

    Product review: Information Security magazine's Wayne Rash says ForeScout Technologies' flexible CounterACT appliance combines NAC with IPS and is worth the investment.

  • Security event management, no strings attached

    Product review: Information Security magazine's Joel Snyder says Check Point's vendor-agnostic Eventia Analyzer 2.0/Eventia Reporter is worth consideration despite limited BI options.

  • What's a Hot Pick?

  • Old attack vectors are back in style

    Black Hat: Like hip-huggers and tweed, once-popular attack methods like ciphertext manipulation are finding new life as hackers look to cut through well-worn Web applications.

  • Twelve Microsoft fixes coming on Patch Tuesday

    Microsoft Tuesday will release a dozen new security bulletins for its Windows and Office products, likely including fixes for several outstanding PowerPoint flaws.

  • Security Bytes: Cisco coping with more Black Hat revelations

    Speakers at Black Hat USA 2006 have revealed a Cisco CallManager Express flaw and a proof-of-concept exploit. Also: Patches for GroupWise and yet another Firefox update.

  • RFID security issues are cause for corporate concern

    Although small in nature, RFID tags could be used to attack databases and corrupt critical information. It's a growing concern as corporate RFID use skyrockets, yet experts say there are reasonable...

  • Avoiding the scourge of DNS amplification attacks

    DNS amplification attacks can generate enough bogus traffic to blow almost anyone off the Internet. Learn how these packet flood attacks work and how to defend your organization.