January 2007 | Archive by Month | SearchSecurity.com | Page 3

January 2007

  • Data breach at TJX could affect millions

    Retailer TJX Companies said a hacker gained access to its systems exposing the credit card data of millions of customers.

  • What are application logic attacks?

    In 2005, application logic flaws allowed alert, Web-savvy gamblers the chance to win a lot of money. In this SearchSecurity.com tip, application security expert Michael Cobb examines these types of...

  • TJX breach: There's no excuse to skip data encryption

    Companies complain that database encryption products are too expensive and difficult to manage, but customer loss and breach notification costs outweigh encryption expenses.

  • Companies take IM threats seriously

    IT managers are finding security tools to shield internal systems from IM attack by keeping malware and phishers out, while letting trusted clients and friends in.

  • Mapping the path toward information security program maturity

    Amid tight information security budgets, it can be hard to recommend the best ways to invest new dollars or focus new resources. In this tip, Ed Moyle explains why creating a security program matur...

  • Fortify Software to acquire Secure Software

    The acquisition of Secure Software will allow Fortify to expand into the requirements and design phases of the software development lifecycle, the company said.

  • Oracle releases 51 security fixes

    The flaws are across Oracle's product line and attackers could exploit them remotely to compromise vulnerable systems.

  • Will two different operating systems cause administrative problems?

    Using two different operating systems can often boost a company's security, but there are practical limitations to the enterprise practice. In this expert Q&A, Michael Cobb reveals how separate pla...

  • SonicWALL's SSL VPN appliance is a winner

    Product review: SonicWALL SSL-VPN 4000 is an affordable and capable appliance for mid-sized enterprises.

  • PatchLink offers solid flaw management

    Product review: PatchLink Update 6.3 is a solid solution to the enterprise patch management problem and demonstrates its true power in a Windows environment.

  • Apere's IMAG 500 a tough sell

    Product review: Apere says many of the issues we encountered are addressed in its next release, but mid-enterprise businesses may not have the tolerance for this product.

  • WatchGuard offers 'excellent' UTM product

    Product review: Despite minor flaws, the Firebox X series is an excellent UTM deal, with its low entry price, terrific firewall and routing capabilities.

  • How can rootkit hypervisors affect operating system security?

    What can rookit hypervisors do to your operating system? "Whatever their creators want!" says application security expert Michael Cobb. In this SearchSecurity.com Q&A, Cobb explains how rootkit hyp...

  • Who patches better: Microsoft or Mozilla?

    Window Snyder was a senior security strategist at Microsoft before leaving in 2005 to become a founder and CTO of Matasano Security LLC. Last September she became Mozilla Corp.'s security chief and...

  • Core Security offers powerful testing tool

    Product review: Core Impact 6.0 is an amazing tool to validate your security posture. We highly recommend it to security engineers to verify the vulnerability of their networks.

  • CA fixes multiple flaws in back-up product

    Also in Bug Briefs: Cisco patches an IOS flaw, HP fixes OpenView glitches; Adobe fixes critical vulnerabilities; and more Mac OS X flaws are disclosed.

  • trusted computing

    Trusted computing is a broad term that refers to technologies and proposals for resolving computer security problems through hardware enhancements and associated software modifications... (Continued)

  • View Point

  • Virtual Threats

    Virtual machines save you money in the data center, but can you ignore their security implications any longer?

  • Recent Releases: Security product briefs, January 2007

    Read about the security products that launched in January 2007.