April 2007 | Archive by Month | SearchSecurity.com

April 2007

  • Can a certificate authority be trusted?

    It's important to verifiy a root certificate's legitimacy, but with hundreds of issued certificates, the task can be overwhelming. In this expert Q&A, Ed Skoudis reveals what research needs to be d...

  • More from SearchSecurity.com -- April 2007

    In the April 2007 edition, Information Security recognizes the best security technology with its Readers' Choice awards.

  • Symantec fixes flaw in multiple products

    In other vulnerability news, a critical flaw is found in Adobe Photoshop and Cisco fixes flaws affecting a number of its products.

  • Can keyloggers monitor mouse clicks and keyboard entries?

    Keyloggers may be a security manager's best friend, especially if he or she wants to monitor an employee's keyboard entries. Keyloggers can't do it all, though, says application expert Michael Cobb.

  • New image spam sneaks into inboxes

    Researchers at Secure Computing Corp. have discovered a new form of image spam that is sneaking into corporate systems and clogging inboxes.

  • Will disabling thumb drives affect keyboard and mouse functions?

    Shutting down USB drives altogether may be a wise decision for your enterprise, but what does that mean for systems that rely exclusively on USB for the keyboard and mouse? Security threat expert E...

  • Is it possible to prevent email forwarding?

    For professionals who send sensitive information through email, it may be useful to prevent message forwarding. Not so fast, says Ed Skoudis. SearchSecurity.com's information security threat expert...

  • Websense to acquire SurfControl

    Websense says its planned $400 million acquisition of SurfControl will allow it to better compete in the global security market.

  • Should USB token data be copied to a hidden directory called 'IEDW?'

    If the data from your USB token is being copied into a hidden directory called "IEDW," be extra cautious. Whether spyware is the root of the problem or not, security threat expert Ed Skoudis explai...

  • Mac hack puts Apple faithful on the defense

    This week in Security Blog Log: A much-hyped QuickTime exploit threatens Mac OS X and Windows browsers, but the Apple faithful feel the greatest sting.

  • Private sector should learn from government insecurity

    The State Department hearings drew attention to the serious security problems that plague government networks. Federal security improvements will help push private sector progress.

  • How vulnerable are network printers?

    Security personnel often don't give network printers much attention; after all, they are "only printers." In this SearchSecurity.com Q&A, Ed Skoudis explains why such devices are, in fact, a juicy...

  • President's ID theft task force gets mixed review

    The White House ID theft task force's recommendations are being called a step in the right direction. But one group says they fail to address insecurity at government agencies.

  • Laptop theft affects 160,000 Neiman Marcus employees

    A laptop, stolen from a consultant, contained sensitive data of about 160,000 current and former Neiman Marcus employees.

  • Compliance drives security configuration management

    IT operations is turning to software that monitors security configurations across the enterprise to meet a number of regulations.

  • What is an Nmap Maimon scan?

    Systems are often designed to hide out on a network. In this SearchSecurity.com Q&A, network security expert Mike Chapple explains how Nmap Maimon scans can get a response out of them.

  • Building application firewall rule bases

    Security professionals have worked hard in recent years to tighten up their security controls, but they often neglected one area: the application layer. In this tip, Mike Chapple explains how a car...

  • Mac hack tied to Apple QuickTime flaw

    A researcher won a Mac hacking contest by exploiting a hole in Apple QuickTime. The flaw is also a threat to those who use Firefox, Safari and Windows.

  • How secure is the Chip and PIN card system?

    In this SearchSecurity.com Q&A, identity management and access control expert Joel Dubin discusses the Chip and PIN card system and examines whether or not it would be productive in the United States.

  • Choosing the right public key algorithm: RSA vs. Diffie-Hellman

    In this SearchSecurity.com expert response, Joel Dubin explores two different public key encryption algorithms and discusses how to make the right choice for your information security needs.