March 2007 | Archive by Month | | Page 4

March 2007

  • Go Daddy investigates source of attack

    Domain name registrar-Web site host Go Daddy suffered a sustained distributed denial-of-service attack Sunday. The source and motive of the assault is still under investigation.

  • TJX data breach faces FTC probe

    The Federal Trade Commission (FTC) confirmed it is investigating events surrounding the data breach at TJX Companies Inc. TJX says it is cooperating with investigators.

  • What tools can remove rookits or prevent their installation?

    Once installed, rootkits can stealthily monitor your traffic and keystrokes. In this Q&A, information security threats expert Ed Skoudis offers four ways to keep the malware off ...

  • How well does virtualization technology defend against malware?

    Virtualization products can protect your host operating system from malware, but the their detection methods aren't foolproof. In this expert Q&A, information security threats expert Ed Skoudis exp...

  • What are polymorphic viruses?

    Polymorphic viruses are built to dodge signature-based detection technologies. In this expert Q&A, Ed Skoudis examines the morphing malware and reveals which defenses are keeping up with the threat.

  • Windows Vista vulnerable to long-time attack method

    A researcher explains that a well-known attack carried out through StickyKeys, can be exploited in Windows Vista.

  • US-CERT warns of Windows-Office flaw

    Also: GnuPG flaw could compromise signed messages, Mozilla warns of a new Firefox glitch; Apple fixes multiple QuickTime flaws; and WordPress upgrade fixes 'dangerous' flaw.

  • DST switchover causing some problems

    The earlier start to daylight-saving time (DST) went smoothly for some IT administrators, while others spent Sunday troubleshooting problems.

  • Review: Elemental Security Platform gets a B+

    Elemental Security Platform is a powerful tool for monitoring and enforcing system compliance, and provides effective asset management and asset-centric access controls.

  • Review: DigitalPersona offers solid biometric authentication

    Enterprises looking for a biometric single sign-on solution will like what DigitalPersona Pro offers. It's easy to use and can function with single- and two-factor authentication.

  • Review: eGuardPost a B+ overall

    eGuardPost is a well-designed and highly capable product that meets an important need. It has strong security and great forensics capabilities.

  • Review: Sun Java System Identity Manager 7.0 'impressive'

    Hot Pick: Sun Java System Identity Manager 7.0 excels with agentless connectors, scalability and amazing auditing.

  • DST security concerns pervade bloggers

    This week in Security Blog Log: IT professionals are spending a lot of time on security issues related to this Sunday's start to daylight-saving time (DST).

  • Symantec acquires automated risk assessment firm

    Symantec has acquired Reston, Va.-based 4FrontSecurity, a maker of automated risk analysis and security management tools. An expert says it's the latest sign that the security risk assessment marke...

  • Schmidt: Cybersecurity a private affair

    Howard Schmidt's career in defense, law enforcement and corporate security spans nearly 40 years and includes a stint as vice president, CISO and chief security strategist for online auction giant ...

  • Microsoft cancels Patch Tuesday as DST looms

    IT administrators who are struggling to apply all their daylight-saving time (DST) patches will get a break from Microsoft next week, as no new security fixes will be released.

  • Dynamic code obfuscation: New threat requires innovative defenses

    Dynamic code obfuscation used to be a taxing effort, but now even the most junior-level malicious hackers have learned how to effectively hide their code. In this tip, Michael Cobb examines how dyn...

  • Wireshark: Taking a bite out of packet analysis

    If you need to sniff out problem packets, you don't have to spend thousands of dollars on network data analysis. Scott sidel recommends a free tool that's right under your nose: Wireshark.

  • Savvy hackers take the hardware approach

    Sophisticated hackers are finding ways to break into systems by exploiting security flaws in a computer's device drivers, physical memory and PCI cards. As Executive Editor Denni...

  • GnuPG flaw could compromise signed messages

    A flaw in the GNU Privacy Guard cryptographic system allows an attacker to insert text into a GnuPG-signed message or completely replace the original text.