March 2007

  • Phishing risk seen in new IE 7 flaw

    Microsoft said it is investigating a flaw in Internet Explorer 7 (IE 7) attackers could exploit to launch phishing expeditions.

  • Google boosts privacy, but storage glut continues

    Google is right in making its server log data anonymous after 18-24 months. But the mammoth amount of data being collected is still a major concern.

  • What are the benefits of a tunnelless VPN?

    In this SearchSecurity.com Q&A, network security expert Mike Chapple reviews two common tunnelless VPNs: Secure Sockets Layer (SSL) and Group Encrypted Transport (GET).

  • DOS flaw affects BlackBerry devices

    Attackers could exploit a flaw in BlackBerry Device Software versions 4.2 and earlier to cause a denial of service, but a service pack upgrade will correct the problem.

  • Image spam tricks spam filters, clogs networks

    IT pros are adding multi-layered spam filters to deal with the incursion, but some say it's still a losing battle.

  • Do information leak prevention products protect critical data?

    Can one product really protect your enterprise from an information leak? In this expert Q&A, Mike Chapple examines the content protection market and warns users to keep realistic expectations.

  • Podcast: Security360 - SOA, Web Services Security

    ZapThink analyst Jason Bloomberg offers an overview of the security issues unique to SOA environments, while executives from SAP and Oracle discuss how they address SOA security in their software.

  • What are the risks of social networking sites?

    Social networking sites allow someone to post information that thousands of other users can read. But that's not at all. In this Q&A, information security threats expert Ed Skoudis reveals how site...

  • Online game exploits threaten IT security

    Gary McGraw, chief technology officer of Dulles, Va.-based security firm Cigital Inc., is a security luminary with several books to his credit, including "Software Security: Building Security In," ...

  • Apple patches dozens of dangerous Mac flaws

    The software vendor issued an update to address 45 flaws, including several kernel issues, disk image handling problems and AppleTalk networking troubles.

  • OpenBSD open to remote kernel vulnerability

    A flaw in several versions of the popular operating system could give attackers complete control over vulnerable machines. A patch has been released.

  • Security information management finally arrives, thanks to enhanced features

    Integrating all varieties of security information onto one dashboard is a compelling idea, but SIM products have often missed the mark. That, however, may be changing. In this tip, Mike Rothman rev...

  • What tools can remove rookits or prevent their installation?

    Once installed, rootkits can stealthily monitor your traffic and keystrokes. In this SearchSecurity.com Q&A, information security threats expert Ed Skoudis offers four ways to keep the malware off ...

  • What are common kinds of mobile spyware?

    When it comes to mobile spyware, there are almost too many types. Luckily, in this expert Q&A, Ed Skoudis narrows down the field and reveals how to defend against browser exploits, file droppers an...

  • Go Daddy investigates source of attack

    Domain name registrar-Web site host Go Daddy suffered a sustained distributed denial-of-service attack Sunday. The source and motive of the assault is still under investigation.

  • TJX data breach faces FTC probe

    The Federal Trade Commission (FTC) confirmed it is investigating events surrounding the data breach at TJX Companies Inc. TJX says it is cooperating with investigators.

  • NAC and endpoint security: The hard questions

    Joel Snyder covers challenging endpoint security questions and explains how NAC technology can address them.

  • How well does virtualization technology defend against malware?

    Virtualization products can protect your host operating system from malware, but the their detection methods aren't foolproof. In this expert Q&A, information security threats expert Ed Skoudis exp...

  • What are polymorphic viruses?

    Polymorphic viruses are built to dodge signature-based detection technologies. In this expert Q&A, Ed Skoudis examines the morphing malware and reveals which defenses are keeping up with the threat.

  • DST switchover causing some problems

    The earlier start to daylight-saving time (DST) went smoothly for some IT administrators, while others spent Sunday troubleshooting problems.