Security Management Strategies for the CIO-
Microsoft cites software security progress despite sluggish ASLR support
Microsoft's 2010 SDL progress report praised the software security program's steady progress, but points out room for further improvements.30 Mar 2011
-
Security School Course Catalog from SearchSecurity.com
A catalog of our free online security courses led by information security experts on popular security topics.30 Mar 2011
-
Hackers find McAfee.com website vulnerabilities
More than a dozen errors at McAfee.com and its software download site could lead to cross-site scripting or other attacks, according to a group of hackers that discovered the flaws.29 Mar 2011
-
Massachusetts levies data breach fines against restaurant group
Massachusetts Attorney General Martha Coakley announced a $110,000 settlement against the owner of several Boston area bars for failing to secure its patrons' personal information.29 Mar 2011
-
Secure browsing: Free plug-in lessens social networking security risks
Looking for ways to improve employees' browsing security? Learn about the free SecureBrowsing plug-in from M86 Security that can lessen social networking security risks.28 Mar 2011
-
Hackers use blind SQL injection attack to crack Oracle-Sun, MySQL.com
Attack enabled hackers to gain access to various databases containing account credentials associated with the website.28 Mar 2011
-
Cybercriminals target corporate IP, McAfee survey finds
Organizations are failing to protect corporate trade secrets, despite cybercriminals finding a corporations' proprietary information growing in value.28 Mar 2011
-
McAfee strikes first deal under Intel for database monitoring software
The security giant is expanding into the database security market, announcing its intention to acquire Sentrigo. The terms of the deal were not released.23 Mar 2011
-
Comodo warns of serious SSL certificate breach
A breach at a registration authority caused Comodo to issue nine fraudulent certificates, enabling an attacker to impersonate some major websites and servers.23 Mar 2011
-
How to defend against pivot attacks in the enterprise
Nick Lewis explains what a pivot attack is and tells how to go about defending your organization against this threat.22 Mar 2011
-
spear phishing
Spear phishing is an e-mail spoofing fraud attempt that targets a specific organization, seeking unauthorized access to confidential data. As with the e-mail messages used in regular phishing expe...22 Mar 2011
-
Understanding SCAP NIST guidance and using SCAP tools to automate security
The Security Content Automation Protocol (SCAP) is intended to help automate vulnerability management, but is it really effective? Learn how NIST guidance can help you navigate an SCAP implementation.22 Mar 2011
-
PCI DSS 2011: Key themes to watch
Thanks to the debut of PCI DSS 2.0, interest in PCI compliance is likely at an all-time high. Senior Site Editor Eric B. Parizo discusses why in his look at key PCI DSS 2011 issues.22 Mar 2011
-
PCI DSS questions answered: Solutions to tough PCI problems
Experts Diana Kelley and Ed Moyle answer your PCI DSS questions and give advice on how to solve your enterprise's toughest PCI problems.22 Mar 2011
-
Common Weakness Enumeration (CWE)
Common Weakness Enumeration (CWE) is a universal online dictionary of weaknesses that have been found in computer software... (Continued)21 Mar 2011
-
Mobile payments prompt response from PCI DSS Council
Technologies that enable credit card payments via mobile phones have prompted the PCI Council to start a mobile task force.21 Mar 2011
-
RSA SecurID breach fallout should be limited, experts say
Experts say the risk of an attack that exploits stolen proprietary data on RSA's SecurID products is low, but it can't be completely dismissed until attack details are revealed.18 Mar 2011
-
How DAM can help detect and trace attacks
In this lesson, explore effective deployment techniques and configurations to best detect and trace attacks, explain different use cases, and ensure the data your tool collects is accurate and does...18 Mar 2011
-
BlackBerry urges users to disable Javascript, halt browser in wake of flaws
A dangerous vulnerability affecting the BlackBerry browser can be used to gain access to sensitive data or steal the phone's contact list and image database.17 Mar 2011
-
RSA breached in APT attack; SecureID info stolen
Company warns customers that SecurID product data was stolen in sophisticated attack.17 Mar 2011
-
News
-
Latest Headlines
-
Featured
-
Information Security Magazine
The information security pro’s resource for keeping corporate data, applications and devices secure
Download Now!
-
-
-
Premium
Editorial-
E-Books
-
E-Zines
-
E-Handbooks
-
- Multimedia
-
Security
Topics-
Topics
- Enterprise Data Protection
- Application and Platform Security
- Enterprise Identity and Access Management
- Government IT Security Management
- Information Security Threats
- Information Security Careers, Training and Certifications
- Security Audit, Compliance and Standards
- Security for the Channel
- Enterprise Network Security
- Information Security Management
-
Hot Topics
-
-
Tutorials
-
Advice & Tutorials
-
Technology Dictionary
-
-
Expert
Advice-
Tips
-
Answers
-
Ask a Question
-
-
White
Papers-
Research Library
-
Product Demos
-
Resource Centers
-
- Blogs
-
Certification
Central