February 2007

  • VA searches for missing external hard drive

    The FBI is investigating the possible theft of a U.S. Department of Veterans Affairs hard drive containing personal data on nearly 50,000 veterans.

  • Symantec chief: Consumer confidence in data protection is key to online growth

    In his keynote at RSA Conference 2007, Symantec CEO John W. Thompson said Big Yellow is ready for the shifting dynamics in the information security market, and implied that Microsoft's growing pres...

  • Rootkit dangers at an 'all-time high'

    Industry experts at RSA Conference 2007 say not only have rootkits become the weapon of choice for malicious hackers, but they've also emerged as useful tools for legitimate businesses trying to ex...

  • The Daily Dose: Chris Wysopal blogs from RSA Conference 2007

    In his exclusive daily column from RSA Conference 2007, security pro Chris Wysopal comments on vulnerability disclosure, and says emerging Web application technologies present many new attack vecto...

  • Gates to outline Microsoft's new strategy for secure computing

    Bill Gates is back at RSA. At this year's conference, Gates plans to speak about the evolution of authentication, network policies and data protection, signaling a change in his vision of a "Digita...

  • Cyberwar: A threat to business

    In the dark crevices of the virtual world, malicious individuals and groups are at the ready, waiting for the perfect opportunity to target U.S. businesses where and when they least expect it. In t...

  • Gates touts secure access anywhere

    Microsoft's chairman tells RSA Conference 2007 attendees that a combination of authentication and access management strategies is what it takes to protect corporate data, but information security p...

  • Developing an application security mind-set

    Baking security into applications can be a difficult process, but experts believe developing an application security mind-set can help create more secure software systems.

  • Vendor alliance wants PCI certification program

    Debuting this week at RSA, the Payment Card Industry Security Vendor Alliance will provide guidance to the industry and hopes to ultimately get a PCI certification program off the ground.

  • Vista exploitable, researcher says

    Marc Maiffret, CTO and chief hacking officer of eEye Digital Security, said he has found a way to elevate system privileges by exploiting a flaw in Windows Vista.

  • Keynoters speak volumes

    Times have changed, and RSA Conference keynote speakers no longer need cryptography and security backgrounds. This year's headliners include several rock stars of the IT industry, along with some n...

  • Microsoft has high hopes for Vista security

    Ben Fathi is the vice president of the Security Technology Unit at Microsoft and is responsible for the overall security of Microsoft's products as well as the development process known as the Secu...

  • RSA Conference 2007: Special news coverage

    Check out news, interviews, product announcements, podcasts and more live from the RSA Conference 2007 in San Francisco.

  • A new awareness for SIMs

    Experts say the use of security information and event management systems can not only give organizations overall visibility into their network security and improve their incident response, but also...

  • Pitfalls aplenty going SOA

    Service-oriented architectures may improve the standardization and efficiency of your business -- often at the expense of security. Michael S. Mimoso investigates the security features that vendors...

  • VeriSign touts benefits of Extended Validation SSL Certificates

    VeriSign and other certificate authorities (CAs) have been at the forefront of Extended Validation SSL Certificates (formerly known as high-assurance certificates), which standardize the vetting pr...

  • NAC gains traction

    Until recently, the network access control market had been all style and little substance, but at last vendors large and small are proving that NAC may be worth the investment.

  • CISOs mastering 'softer' skills

    This article examines why CISOs can no longer rely on technology skills alone and what businesses are looking for when recruiting their next information security leader.

  • Web apps remain a trouble spot

    Cross-site scripting and code injection have become even bigger development issues than buffer overflows. George Hulme reports the new threats to your Web applications.

  • New zero-day attack targets Microsoft Excel

    Microsoft says maliciously crafted Excel files may permit the execution of arbitrary code. Other Microsoft Office applications may be at risk.