April 2007 | Archive by Month | SearchSecurity.com | Page 4

April 2007

  • Despite new Windows flaws, ANI still preoccupies

    This week in Security Blog Log: IT professionals continue to worry about the ANI flaw even though there are new Windows flaws to worry about.

  • Malware outbreak 'largest in almost a year'

    Security firm Postini and the SANS Internet Storm Center said they are tracking a significant malware outbreak. Postini calls it the biggest email attack in almost a year.

  • Inside MSRC: Windows Vista security update explained

    Microsoft's Christopher Budd details the first Windows Vista security updates.

  • Scaling back Web browser security expectations

    Some say the state of Web browser security is in peril because browsers often fail to act as a first line of defense against malware. Does that mean there's a browser architecture crisis? Web secur...

  • Microsoft investigates new Office zero-day flaws

    On the same day Microsoft released five security updates for Windows and Content Management Server, McAfee reported possible new zero-day flaws in Office.

  • The changing threat of email attacks

    In this Messaging Security School lesson, expert Mike Rothman details the state of next-generation email threats, explores reputation systems and uncovers threats AV can't catch.

  • Apple fixes flaws in AirPort Extreme Base Station

    Attackers could exploit a pair of flaws in Apple's AirPort Extreme Base Station to bypass security restrictions and access sensitive data. Apple has released a fix.

  • Oracle to patch 37 flaws

    Database giant Oracle Corp. offered a preview of its April Critical Patch Update (CPU). Fixes are planned for 37 flaws across its product line.

  • Microsoft releases four critical patch updates

    The security patches Microsoft released Tuesday include four critical fixes for Windows and Content Management Server. One expert described two of the flaws as very wormable.

  • Symantec fixes 'high-risk' flaw in Enterprise Security Manager

    Attackers could hijack machines from remote locations by exploiting a flaw in Symantec Enterprise Security Manager (ESM). Kaspersky Lab users also have a flaw to deal with.

  • How can hackers bypass proxy servers?

    Hackers are bypassing proxy servers all the time and doing so for a variety of reasons. In this SearchSecurity.com expert Q&A, Ed Skoudis points out the holes in your protective filtering tools.

  • Why can't antimalware tools scan inside virtual machines?

    You'd think that it would be easy for an antimalware tool to see what's going on inside a virtual workstation. Unfortunately, it's not. In this expert Q&A, Ed Skoudis explains the difficulty of sca...

  • WEP crack demonstrates need for WPA2

    A new paper highlighting the weakness of Wired Equivalent Privacy (WEP) is a call to all users to switch to the more secure Wi-Fi Protected Access 2 (WPA2).

  • Can service providers prevent DDoS attacks?

    The results of a DDoS attack can be crippling, but what are service providers doing about the threat? In this SearchSecurity.com Q&A, Ed Skoudis explains how innovative ISPs are raising the bar -- ...

  • Will the botnet threat continue?

    Is the botnet threat here to stay? In this SearchSecurity.com Q&A, information security threat expert Ed Skoudis explains how these money-making machines will become a greater threat in 2007.

  • How can attackers exploit RSS software flaws?

    RSS syndication feeds are a convenient way to get your news, blogs or other favorite content, but these popular tools are often left exposed. In this SearchSecurity.com Q&A, Ed Skoudis explains how...

  • Spam campaign uses Storm-like attack technique

    Spammers used an attack technique much like last January's "Storm" assault to dupe people into downloading malware over the weekend. This time, they used fake WWIII headlines.

  • Vista SP1: To be or not to be?

    This week in Security Blog Log: The owner of The Hotfix.net blog sparks controversy by posting what he claims are 100 fixes slated for Windows Vista Service Pack 1 (SP1).

  • Polymorphic viruses call for new antimalware defenses

    Attackers are always looking for innovative ways to dodge antivirus software, and many of the bad guys are now creating polymorphic code to do just that. But it's not just the malware writers who a...

  • Firm takes steps to address email management security risks

    Frank Chambers, director of security management at Constellation Energy explains how his firm manages email risk.