May 2007

  • phishing

    Phishing is an e-mail fraud method in which the perpetrator sends out legitimate-looking email in an attempt to gather personal and financial information from recipients.31 May 2007

  • digital signature (electronic signature)

    A digital signature (not to be confused with a digital certificate) is an electronic rather than a written signature that can be used by someone to authenticate the identity of the sender of a mess...31 May 2007

  • Top spammer indicted on email fraud, identity theft

    The arrest may reduce the volume of spam in the short-term, say experts and analysts, but the real spam threat comes from criminal gangs based in Asia and Russia.31 May 2007

  • Sclavos's VeriSign departure leaves many questions unanswered

    Some industry observers say disagreements fueled his resignation, but others say Sclavos's abrupt departure revolved around his role in VeriSign's options accounting practices.31 May 2007

  • Two men plead guilty in supermarket data security breach

    Two Los Angeles area men plead guilty to using devices to bilk debit and credit card data from Stop & Shop supermarkets in Massachusetts and Rhode Island.31 May 2007

  • What should be done with a RAID-5 array's failed drives?

    Even one failed drive in a RAID-5 array can present an enterprise with serious data protection concerns. In this SearchSecurity.com Q&A, expert Michael Cobb explains which policies can protect and ...31 May 2007

  • Springing leaks: Getting smart about data loss prevention

    Companies are showing increased interest in data loss prevention (DLP) products, but they won't work well unless the business needs are understood and well defined.31 May 2007

  • Should fuzzing be part of the secure software development process?

    Fuzzing, a common software-testing method, should not be your only vulnerability assessment technique. In this SearchSecurity.com Q&A, Michael Cobb reviews how passing a fuzz test does not always m...31 May 2007

  • Mozilla fixes potential DoS flaws in firefox

    Firefox versions 2.0.0.4 and 1.5.0.12 fix flaws attackers could exploit to do a variety of damage. Mozilla says this is the final update for Firefox 1.5.31 May 2007

  • What are the drawbacks to application firewalls?

    Application-layer firewalls examine ingoing and outgoing traffic more carefully than traditional packet-filtering firewalls, so why are some holding back on deployment? In this SearchSecurity.com Q...31 May 2007

  • Check Point promises more VoIP security, fewer slowdowns

    Check Point's enhanced Open Performance Architecture is designed for deeper security of technologies like VoIP without the network performance problems that often come with it.31 May 2007

  • The man behind the Month of Search Engine Bugs speaks

    Ukrainian security researcher Eugene Dokukin, more widely known by his online name MustLive, is about to launch a new "Month-of" flaw disclosure project focusing on search engine bugs, at a time wh...30 May 2007

  • How secure are document scanners and other 'scan to email' appliances?

    Copiers and document scanners have always posed challenges for information security teams. In this SearchSecurity.com Q&A, Michael Cobb reveals how the right policies can control the use (and abuse...30 May 2007

  • Apple tackles a new QuickTime flaw

    For the second time in a month, Apple has been forced to fix a QuickTime flaw attackers could exploit to access sensitive system data and run malicious code.30 May 2007

  • Google dives into security market

    Search engine giant Google has acquired security startup GreenBorder Technologies, making it a bigger player in the wider information security market.30 May 2007

  • plaintext

    In cryptography, plaintext is ordinary readable text before being encrypted into ciphertext or after being decrypted.29 May 2007

  • Sender Policy Framework (SPF)

    Sender Policy Framework (SPF) is an anti-spam approach in which the Internet domain of an e-mail sender can be authenticated for that sender, thereby discouraging spam mailers, who routinely disgui...29 May 2007

  • steganography

    Steganography (pronounced STEHG-uh-NAH-gruhf-ee, from Greek steganos, or "covered," and graphie, or "writing") is the hiding of a secret message within an ordinary message and the extraction of it ...29 May 2007

  • Public-Key Cryptography Standards (PKCS)

    The Public-Key Cryptography Standards (PKCS) are a set of intervendor standard protocols for making possible secure information exchange on the Internet using a public key infrastructure (PKI).29 May 2007

  • security policy

    In business, a security policy is a document that states in writing how a company plans to protect the company's physical and information technology (IT) assets.29 May 2007