March 2007

  • Windows Vista vulnerable to long-time attack method

    A researcher explains that a well-known attack carried out through StickyKeys, can be exploited in Windows Vista.

  • DST switchover causing some problems

    The earlier start to daylight-saving time (DST) went smoothly for some IT administrators, while others spent Sunday troubleshooting problems.

  • Schedule: 2007 Security Events

    Schedule: 2007 Security Events

  • Review: Elemental Security Platform gets a B+

    Elemental Security Platform is a powerful tool for monitoring and enforcing system compliance, and provides effective asset management and asset-centric access controls.

  • DST security concerns pervade bloggers

    This week in Security Blog Log: IT professionals are spending a lot of time on security issues related to this Sunday's start to daylight-saving time (DST).

  • Review: eGuardPost a B+ overall

    eGuardPost is a well-designed and highly capable product that meets an important need. It has strong security and great forensics capabilities.

  • Review: Sun Java System Identity Manager 7.0 'impressive'

    Hot Pick: Sun Java System Identity Manager 7.0 excels with agentless connectors, scalability and amazing auditing.

  • Review: DigitalPersona offers solid biometric authentication

    Enterprises looking for a biometric single sign-on solution will like what DigitalPersona Pro offers. It's easy to use and can function with single- and two-factor authentication.

  • Wireshark: Taking a bite out of packet analysis

    If you need to sniff out problem packets, you don't have to spend thousands of dollars on network data analysis. Scott sidel recommends a free tool that's right under your nose: Wireshark.

  • Dynamic code obfuscation: New threat requires innovative defenses

    Dynamic code obfuscation used to be a taxing effort, but now even the most junior-level malicious hackers have learned how to effectively hide their code. In this tip, Michael Cobb examines how dyn...

  • Microsoft cancels Patch Tuesday as DST looms

    IT administrators who are struggling to apply all their daylight-saving time (DST) patches will get a break from Microsoft next week, as no new security fixes will be released.

  • Schmidt: Cybersecurity a private affair

    Howard Schmidt's career in defense, law enforcement and corporate security spans nearly 40 years and includes a stint as vice president, CISO and chief security strategist for online auction giant ...

  • Symantec acquires automated risk assessment firm

    Symantec has acquired Reston, Va.-based 4FrontSecurity, a maker of automated risk analysis and security management tools. An expert says it's the latest sign that the security risk assessment marke...

  • GnuPG flaw could compromise signed messages

    A flaw in the GNU Privacy Guard cryptographic system allows an attacker to insert text into a GnuPG-signed message or completely replace the original text.

  • Savvy hackers take the hardware approach

    Sophisticated hackers are finding ways to break into systems by exploiting security flaws in a computer's device drivers, physical memory and PCI cards. As SearchSecurity.com Executive Editor Denni...

  • Secure Sockets Layer (SSL)

    SSL (Secure Sockets Layer) is a commonly-used protocol for managing the security of a message transmission on the Internet; it uses a program layer located between the Internet's HTTP and TCP prog...

  • Gartner: IT departments lack finances to protect data

    A new Gartner report says 15 million consumers were victimized by identity theft over 12 months, because companies keep making mistakes like those made by TJX.

  • McAfee names new CEO

    Dave DeWalt has been named the new president and CEO of McAfee Inc., which has been licking its wounds in the wake of a stock option scandal and other problems.

  • Mozilla warns of a new Firefox flaw

    Attackers could exploit the latest Firefox flaws to bypass security restrictions and hijack targeted machines. The latest version of the browser corrects the problem.

  • Apple fixes multiple QuickTime flaws

    Attackers could exploit multiple flaws in Apple QuickTime to run malicious code and take control of targeted machines, but a security update is available.