Information Security Policies Procedures and Guidelines

  • September 20, 2007 20 Sep'07

    IT admins run into trouble with Microsoft Office 2003 SP3

    IT shops may be eager to download Microsoft Office 2003 Service Pack 3 (SP3), which includes many of the security enhancements found in the 2007 release, but don't expect a smooth deployment ...

  • September 17, 2007 17 Sep'07

    Sourcefire unveils adaptive IPS

    Sourcefire, maker and seller of the wildly popular Snort IDS tool, has just unveiled 3D System version 4.7, which it bills as the industry’s "first-ever" adaptive IPS. While traditional IPS vendors ...

  • September 17, 2007 17 Sep'07

    McAfee launches Security Innovation Alliance

    There's some news today that'll be of interest to McAfee users: The company has just launched a new program for tech companies that want to integrate with McAfee ePolicy Orchestrator. The McAfee ...

  • September 12, 2007 12 Sep'07

    Verizon gets new CISO

    Only a month after its major acquisition of Cybertrust, Verizon is experiencing a change of leadership in its top security post. Verizon CISO Jim Trainor announced his intention to retire at the ...

  • September 11, 2007 11 Sep'07

    Virtually secure

    I have to admit to being surprised by the size of the VMWorld show out here in San Francisco. I knew there was a lot of interest in virtualization these days, but there's upwards of 10,000 ...

  • September 07, 2007 07 Sep'07

    Cryptography and the double yellow line

    While perusing the security blogosphere this week I came across a pretty amusing entry in the Worse than Failure blog from Alex Papadimoulis, principal member of Inedo, LLC, an Ohio-based company ...

  • September 04, 2007 04 Sep'07

    All the IT in China

    The Financial Times has an interesting story today claiming that attackers affiliated with the Chines army have compromised some unknown number of machines at the Pentagon recently. The story is a ...

  • August 29, 2007 29 Aug'07

    FBI’s DCS-3000 wiretap system exposed to the light of day

    The FBI has delivered a treasure trove of documents on its DCS-3000 electronic surveillance system, which paint a fairly distressing picture of the system itself and the ways in which it is used. ...

  • August 28, 2007 28 Aug'07

    How to run arbitrary code on a VMware guest OS

    The folks at VMware have been in the news quite a bit of late, thanks to their big IPO and their discreet acquisition of Determina a couple of weeks ago. Now, the company's core virtualization ...

  • August 24, 2007 24 Aug'07

    The day(s) the Skype universe stood still

    Up to this point I've resisted writing about last week's Skype outage, simply because I found it hard to see clear security implications. I could see no solid evidence that the outage was caused by ...

  • August 17, 2007 17 Aug'07

    TJX and the power of plunging profits

    TJX was back in the news this week, reporting that its bottom line took a second-quarter beating because of the massive security breach that exposed more than 45 million customers to identity ...

  • August 14, 2007 14 Aug'07

    Former CA chief Kumar headed to jail today

    After several years of legal wrangling, civil suits, asset sales and negotiations, Sanjay Kumar, the former CEO of CA, finally will report to jail on Tuesday to begin serving a 12-year sentence for ...

  • August 14, 2007 14 Aug'07

    Changes afoot at Kaspersky Lab

    With a lot of security vendors being acquired and merged into the operations of larger IT infrastructure companies these days, Kaspersky Lab appears to be making plans for a slightly different ...

  • August 10, 2007 10 Aug'07

    Defcon organizers mishandled outing of NBC reporter

    There's been a lot of back and forth in the blogosphere this past week about the outing of a Dateline NBC reporter at Defcon, and some of the more interesting reaction has been among various ...

  • August 02, 2007 02 Aug'07

    Rutkowska releases code for New Blue Pill rootkit

    Joanna Rutkowska has released the source code for a new version of her Blue Pill hypervisor rootkit. The updated software was written mostly by her collaborator Alexander Tereshkin and New Blue ...