January 2007

  • PING with Josh Seeger

    Josh Seeger, CIO of Tribune Broadcasting, a unit of the Tribune Company, talks exclusively about lessons learned when faced with the complex task of meeting the Payment Card Industry Data Security...

  • Using IAM, password and provisioning management tools for compliance

    Provisioning and password management tools can ease complexity, reduce help desk calls and save money. But they also have an added benefit: they can help with your compliance woes.

  • Quiz: Using IAM tools to improve compliance

    A five-question multiple-choice quiz to test your understanding of the content presented by expert Tom Bowers in this lesson of SearchSecurity.com's Identity and Access Management Security School.

  • Group gives government low marks on data protection

    The Cyber Security Industry Alliance, a lobbying group of security vendors, gives the federal government and congress a D-grade for securing sensitive information.

  • Microsoft disputes Word zero-day report

    Symantec is warning of a new zero-day vulnerability in Microsoft Word. But Microsoft doesn't believe the flaw is new.

  • Symantec exploitation video hits YouTube

    Symantec posted a clip on the popular video-sharing site showing researchers using a newly discovered flaw in Microsoft Word to drop an executable on a vulnerable machine.

  • Symantec unveils 'universal ID system'

    Symantec said the goal is to create a universally accepted identity system across all Web sites -- from online financial institutions to retailers -- for millions of consumers.

  • Using role management in provisioning and compliance

    Role management provides the necessary framework for enterprises to efficiently govern access to sensitive data based on workers' jobs. However, many organizations fail to rescind unnecessary acces...

  • More from SearchSecurity.com -- January 2007

    Highlights from Information Security magazine's January 2007 issue

  • Windows Vista voice command tricked

    An attacker found a way to play audio commands at a user's machine, tricking the voice command capability in Vista into running arbitrary code.

  • Entrust to sell cheaper hardware tokens

    Security vendor Entrust Inc. will enter the hardware token market selling a $5 one-time password device. Experts say the move could reduce prices across the industry.

  • Member Benefits

    Activate your FREE membership today and receive customized white papers, webcasts, technical tips, expert advice and more - to be delivered right to your inbox. Join today!

  • TJX faces lawsuit over data breach

    A class action lawsuit against TJX accuses the retailer of negligence for not doing enough to secure customer data and for keeping quiet about the breach for a month.

  • Symantec acquiring Altiris for $830 million

    Symantec says it will bolster its endpoint security position with the acquisition of IT management software firm Altiris.

  • Is Sender ID an effective email authentication tool?

    Sender ID, used by five million domains, can significantly counter spammers and phishers, but is it the best antispam technology? In this expert Q&A, Michael Cobb reveals the pros and cons of the e...

  • Do XPath injection attacks require the same response as SQL injections?

    XPath injection attacks are slightly different (and more dangerous) than SQL injections. In this SearchSecurity.com Q&A, application expert Michael Cobb reveals the preventative steps that can prot...

  • IBM tool makes online purchases anonymous

    A new tool makes online purchases anonymous by using artificial identity information. Experts say enterprises need to adopt the technology before it can become a viable option.

  • Malware: The ever-evolving threat

    The first tip in our series, "How to assess and mitigate information security threats, excerpted from Chapter 3: The Life Cycle of Internet Access Protection Systems of the book The Shortcut Guide...

  • Information theft and cryptographic attacks

    The third tip in our series, "How to assess and mitigate information security threats," excerpted from Chapter 3: The Life Cycle of Internet Access Protection Systems of the book The Shortcut Guide...

  • Threats to physical security

    This is tip No. 6 in our series, "How to assess and mitigate information security threats," excerpted from Chapter 3: The Life Cycle of Internet Access Protection Systems of the book "The Shortcut ...