Security Management Strategies for the CIO-
Apple patches multiple iPhone flaws
Apple's firmware update Thursday addressed a series of flaws in the iPhone while delivering a little payback to those with unlocked iPhones.28 Sep 2007
-
What are the risks of logging into a botnet control channel?
By sniffing traffic as an infected machine logs into a botnet, it may possible to see an attacker's commands. Using that information to interact with the botnet, however, is dangerous, says informa...27 Sep 2007
-
Are iPhone security risks different than those of other mobile devices?
The security risks of an iPhone are comparable to other wireless devices, but the iPhone does bring some special issues that are a cause for concern.27 Sep 2007
-
Will allowing virtual machines increase risk exposure?
Implementing enterprise virtual machines can lead to invisible pockets of software in a work environment. In this expert Q&A, Ed Skoudis explains what kind of bargain you can strike with VM users.27 Sep 2007
-
Researcher says AIM still vulnerable, AOL insists it's fixed
Contrary to previous reports, AOL Instant Messenger is still open to attack, a researcher claims. But AOL says it addressed the researcher's finds with a more permanent fix.27 Sep 2007
-
Serious Google Gmail flaw exposes sensitive user data
A cross-site scripting vulnerability in Gmail allows attackers to silently forward emails and view sensitive data.27 Sep 2007
-
Microsoft Windows background update blocks 80 patches
A Windows expert says the repair feature of Windows XP has been knocked off balance by a silent update Microsoft pushed out in July and August.27 Sep 2007
-
iPhone shellcode hits the Web
Metasploit creator HD Moore has published shellcode for Apple's iPhone, turning the device into a pocket-sized attack platform.26 Sep 2007
-
Does single sign-on (SSO) improve security?
In this expert response, security pro Joel Dubin discusses the impact that enterprise single sign-on (SSO) can have on a security program.26 Sep 2007
-
Serious security flaw in AOL Instant Messenger
Researchers at Core Security say attackers could run malware on targeted computers by exploiting a flaw in the widely-used AOL Instant Messenger (AIM) application.26 Sep 2007
-
Ask.com toolbar contains 'Highly critical' flaw
Attackers could exploit a serious security flaw in Ask.com's popular Internet Explorer toolbar to execute malicious code on targeted computers, researchers warn.26 Sep 2007
-
Identity-enabled network devices promise extra layer of authentication
Why only authenticate users when organizations can authenticate devices as well? As Joel Dubin writes, the technology exists for enterprises to add a extra layer of security to their networks, but ...25 Sep 2007
-
TJX should have had stronger Wi-Fi encryption, say Canadian officials
TJX Cos. should have moved faster to upgrade its Wi-Fi security from WEP encryption to WPA encryption, say Canadian officials.25 Sep 2007
-
IBM patches security flaws in Tivoli Storage Manager
Attackers could exploit two security flaws in IBM Tivoli Storage Manager to access sensitive data, but the computing giant has released security updates.25 Sep 2007
-
Canadian officials to release TJX report, settlement nears
Canadian data privacy officials plan to release a report outlining the TJX data security breach just days after TJX reached a tentative settlement with victims.25 Sep 2007
-
Dissecting compliance workflow processes
Building and maintaining a compliance workflow process sounds daunting, but it's not all that different from other enterprise business processes. Special guest Compliance School instructor Tom Bowe...24 Sep 2007
-
Security questions irritate VMware, but critics see holes
VMware needs to develop a sound security strategy and use its Determina acquisition to bolster its defenses24 Sep 2007
-
What are the pros and cons of using keystroke dynamic-based authentication systems?
In this SearchSecurity.com Q&A, security pro Joel Dubin discusses the positive and negative aspects of using keystroke dynamic-based authentication systems.21 Sep 2007
-
What mistakes are made when implementing enterprise IAM systems?
In this SearchSecurity.com Q&A, security expert Joel Dubin unveils the biggest mistakes made by corporations during identity and access management system implementation, and offers advice on how to...21 Sep 2007
-
VirusTotal: On-demand antivirus service scans malicious files
When several AV scanners are installed on the same system, they are notorious for stepping all over each other. Fortunately, the resources of more than 30 antivirus scanner engines are just a Web-...21 Sep 2007
-
News
-
Latest Headlines
-
Featured
-
Information Security Magazine
The information security pro’s resource for keeping corporate data, applications and devices secure
Download Now!
-
-
-
Premium
Editorial-
E-Books
-
E-Zines
-
E-Handbooks
-
- Multimedia
-
Security
Topics-
Topics
- Enterprise Data Protection
- Application and Platform Security
- Enterprise Identity and Access Management
- Government IT Security Management
- Information Security Threats
- Information Security Careers, Training and Certifications
- Security Audit, Compliance and Standards
- Security for the Channel
- Enterprise Network Security
- Information Security Management
-
Hot Topics
-
-
Tutorials
-
Advice & Tutorials
-
Technology Dictionary
-
-
Expert
Advice-
Tips
-
Answers
-
Ask a Question
-
-
White
Papers-
Research Library
-
Product Demos
-
Resource Centers
-
- Blogs
-
Certification
Central