Security Management Strategies for the CIO-
Microsoft warns Apple Safari users of new vulnerability
In a warning issued to customers late Friday, Microsoft urged Safari users to change the browser's default download location.31 May 2008
-
Stolen data ending up in Google cache, say researchers
Unprotected hacker drop sites are being crawled by search engines. Passwords, Social Security numbers and sensitive business information can be uncovered with a simple search.30 May 2008
-
Can a hacker actually post malicious scripts to any server using a drop-down list?
By viewing a page's HTML source code and writing malicious scripts to a drop-down list, hackers may be able to re-post the malicous page to the server. In this security threats expert response, lea...30 May 2008
-
The New School of Information Security
In this chapter excerpt from "The New School of Information Security," authors Adam Shostack and Andrew Stewart explain why the use and abuse of security language calls for a fresh and innovative w...29 May 2008
-
HP aims at IBM with application vulnerability scanning as service
HP offers application scanning as a service to meet IBM's Watchfire AppScan OnDemand software. Interest is being driven by the growing use of Web applications.29 May 2008
-
Apple patches dangerous Mac flaws
Apple issued updates to correct SSL certificate handling in Safari, video handling bugs and several graphics handling flaws that could be exploited remotely.29 May 2008
-
Adobe Flash Player flaw previously patched, Symantec says
Security researchers said the threat is minimal, because attacks in the wild are targeting previous versions of Adobe's media player.29 May 2008
-
What are the pros and cons of zero-knowledge penetration tests?
A penetration tester with no previous knowledge of the site being tested may be able to give some insight unavailable to other forms of penetration testing, but there are pros and cons. Expert Mich...29 May 2008
-
Adobe zero day flaw being actively exploited in wild
Researchers discovered more than 200,000 Web pages set up to exploit a zero day in Adobe Flash Player.28 May 2008
-
To what exactly would a request for biometric data from an insurance provider pertain?
Biometric data serves only to verify identity. Identity and expert management expert Joel Dubin explains what an insurance company might want with biometric data.28 May 2008
-
Countdown: Top five ways to sell NOC/SOC integration
NOC/SOC integration offers enterprises a number of benefits, but time and trouble of making the conversion is enough to make executives wary. In this podcast, learn key insights about the business ...28 May 2008
-
Screencast: An introduction to the Open Source Security Testing Methodology Manual (OSSTMM)
Watch Peter Giannoulis as he introduces the Open Source Security Testing Methodology Manual (OSSTMM)and demonstrates how it can be used to defend machines from a brute-force dictionary attack.27 May 2008
-
Societe Generale bolsters internal controls, discovers second insider
Trader Jerome Kerviel conducted more than $7 billion in fraudulent trades with the help of an assistant, according to an investigation conducted by banking giant Societe Generale27 May 2008
-
During a breach, how much information should be given out?
A security manager's nightmare: There's been a data breach, and it's time to pick up the pieces. But to recover as quickly as possible, who needs to know what about the data breach, and when? Secur...27 May 2008
-
Security breach management: Planning and preparation
All organizations face the risk of an information security breach. While it can be a gut-wrenching ordeal, learning how to manage a breach can make it much easier to contain the damage. In this tip...27 May 2008
-
Secure messaging complications result in limited protection
The market is hindered by multiple standards and deployment options, analyst says.27 May 2008
-
What's the best way to get started mapping business processes to security frameworks?
Consolidating effort by mapping security controls to business frameworks is a great way to save time. But how implementable is it?23 May 2008
-
Embedding security has drawbacks says TippingPoint chief architect
Brian Smith, a founder and chief architect of TippingPoint discusses the evolution of his new architecture and explains why embedding security in switches and routers has drawbacks.23 May 2008
-
When will attackers go mobile?
Mobile malware has not been the great threat that many independent security experts have predicted, but they still predict the threat will come.22 May 2008
-
The 'security standards dilemma': Network segmentation and PCI Compliance
The Hannford Bros. data security breach led many to believe that even PCI-compliant organizations did not properly segment their networks -- or that PCI does not adequately address the importance o...21 May 2008
-
News
-
Latest Headlines
-
Featured
-
Information Security Magazine
The information security pro’s resource for keeping corporate data, applications and devices secure
Download Now!
-
-
-
Premium
Editorial-
E-Books
-
E-Zines
-
E-Handbooks
-
- Multimedia
-
Security
Topics-
Topics
- Enterprise Data Protection
- Application and Platform Security
- Enterprise Identity and Access Management
- Government IT Security Management
- Information Security Threats
- Information Security Careers, Training and Certifications
- Security Audit, Compliance and Standards
- Security for the Channel
- Enterprise Network Security
- Information Security Management
-
Hot Topics
-
-
Tutorials
-
Advice & Tutorials
-
Technology Dictionary
-
-
Expert
Advice-
Tips
-
Answers
-
Ask a Question
-
-
White
Papers-
Research Library
-
Product Demos
-
Resource Centers
-
- Blogs
-
Certification
Central