March 2007 | Archive by Month | SearchSecurity.com | Page 5

March 2007

  • Wireshark: Taking a bite out of packet analysis

    If you need to sniff out problem packets, you don't have to spend thousands of dollars on network data analysis. Scott sidel recommends a free tool that's right under your nose: Wireshark.

  • Dynamic code obfuscation: New threat requires innovative defenses

    Dynamic code obfuscation used to be a taxing effort, but now even the most junior-level malicious hackers have learned how to effectively hide their code. In this tip, Michael Cobb examines how dyn...

  • Microsoft cancels Patch Tuesday as DST looms

    IT administrators who are struggling to apply all their daylight-saving time (DST) patches will get a break from Microsoft next week, as no new security fixes will be released.

  • Savvy hackers take the hardware approach

    Sophisticated hackers are finding ways to break into systems by exploiting security flaws in a computer's device drivers, physical memory and PCI cards. As SearchSecurity.com Executive Editor Denni...

  • GnuPG flaw could compromise signed messages

    A flaw in the GNU Privacy Guard cryptographic system allows an attacker to insert text into a GnuPG-signed message or completely replace the original text.

  • Database security undermined by protocol loopholes, lax defenses

    A database security vendor says database client-server protocols are being targeted by attackers. An analyst says enterprises are adding defenses.

  • Gartner: IT departments lack finances to protect data

    A new Gartner report says 15 million consumers were victimized by identity theft over 12 months, because companies keep making mistakes like those made by TJX.

  • McAfee names new CEO

    Dave DeWalt has been named the new president and CEO of McAfee Inc., which has been licking its wounds in the wake of a stock option scandal and other problems.

  • Apple fixes multiple QuickTime flaws

    Attackers could exploit multiple flaws in Apple QuickTime to run malicious code and take control of targeted machines, but a security update is available.

  • Mozilla warns of a new Firefox flaw

    Attackers could exploit the latest Firefox flaws to bypass security restrictions and hijack targeted machines. The latest version of the browser corrects the problem.

  • Expert: NAC not a network security cure-all

    According to an expert at Black Hat DC, NAC success demands careful planning and a good understanding of the company network; otherwise, implementations can quickly go awry.

  • WordPress upgrade fixes 'dangerous' flaw

    Developers of the open source blogging platform WordPress say users should upgrade to version 2.1.2 immediately to address a "dangerous" security hole that was recently attacked.

  • drive-by pharming

    Drive-by pharming is a vulnerability exploitation method in which the attacker takes advantage of an inadequately unprotected broadband router to gain access to user data... (Continued)

  • Black Hat RFID controversy has bloggers up in arms

    This week in Security Blog Log: Infosec pros slam HID Corp., the firm that tried to quash a Black Hat presentation on flaws in its RFID technology, calling HID the latest champion of security throu...

  • Citrix update repairs security flaw

    Also in this week's Bug Briefs: Symantec fixes Mail Security flaw, Cisco fixes Catalyst-IOS glitch; McAfee addresses a Mac OS X antivirus flaw; and Mozilla plugs Firefox holes.

  • Public wireless networks present a raft of dangers

    A company's end-users don't always have the luxury of a protected network, as many often leave the comfort of their guarded corporate environment and access the Internet from coffee shops, hotels, ...

  • Ping: Mark Odiorne

    Mark Odiorne

  • Product review: e-DMZ Security's eGuardPost

    This product review examines e-DMZ eGuardPost's capabilities that allow security managers to apply granular access controls to remote connections. The appliance also comes bundled with Security's P...

  • Security product and tools news and releases: Trend Micro, Citrix

    Get the latest news and releases on security tools and products for intrusion detection and protection, email and USB security. Get info on price, setup and installation.

  • DigitalPersona Workstation Pro and Server for Biometric Authentication

    This review evaluates DigitalPersona Pro, a single sign-on (SSO) software suite that allows an enterprise to replace passwords with biometric fingerprint readers or provide dual-factor authentication.