Information Security Policies Procedures and Guidelines

  • August 02, 2007 02 Aug'07

    Rutkowska releases code for New Blue Pill rootkit

    Joanna Rutkowska has released the source code for a new version of her Blue Pill hypervisor rootkit. The updated software was written mostly by her collaborator Alexander Tereshkin and New Blue ...

  • August 02, 2007 02 Aug'07

    Social networking or social engineering?

    Do you MySpace? You know your kids do--and chances are that a good percentage of the twenty-somethings at your company do too. And that’s a potential problem that not enough security managers are ...

  • August 02, 2007 02 Aug'07

    Granick on the move

    Noted cyberlaw attorney Jennifer Granick announced today at Black Hat that she's leaving her post at Stanford University and is headed for a position with the Electronic Frontier Foundation (EFF). ...

  • August 01, 2007 01 Aug'07

    The ballad of Richard Clarke, Part 2

    Two months ago, I sat at a breakfast during the Gartner IT Security Summit in Washington D.C., listening as former White House cybersecurity czar Richard Clarke described a bleak future in which ...

  • August 01, 2007 01 Aug'07

    Core Security’s Caceres joining Matasano Security

    Max Caceres, a key member of Core Security's product team for 10 years, is joining Matasano Security as the director of research and development. Caceres, along with Ivan Arce, Core's CTO, has been ...

  • August 01, 2007 01 Aug'07

    Security exec Moritz leaving CA

    Ron Moritz will depart after five years as CA's chief security strategist. It's the latest in a string of issues that have called the company's strategy into question.

  • July 31, 2007 31 Jul'07

    Benevolent keyloggers: Stroke of genius or hitting the wrong key?

    Keystroke loggers are nothing new. Often surreptitiously installed on a user's PC, keyloggers record keyboard actions and log them, or subsequently upload the data to a third party. It was more ...

  • July 26, 2007 26 Jul'07

    Security certifications gaining value - good times are here

    Companies are beginning to seek out more security talent in niche areas according to the latest job skill and certification research from Foote Partners LLC. Security certification premiums ...

  • July 25, 2007 25 Jul'07

    Messy URL protocol-handling drama finally winding down

    It appears that the big communal witch hunt over the URL protocol-handling bug has resulted in both Microsoft and Mozilla admitting some level of culpability. Originally, each vendor pointed the ...

  • July 23, 2007 23 Jul'07

    Privacy is the new battleground for search providers

    Microsoft is trying to upgrade its image in the privacy community a bit and on Monday the company, along with, called on other search providers to come to the table for a discussion on how ...

  • July 19, 2007 19 Jul'07

    Microsoft’s Toulouse to trek

    Stephen Toulouse is on his way out of the Microsoft Security Response Center for the less-stressful pixelated pastures of the company's entertainment unit, and that's bad news for customers. ...

  • July 13, 2007 13 Jul'07

    Oracle database security bloopers

    Our colleagues over at’s Eye on Oracle blog have been writing about some common or not-so-common security bloopers experienced by Oracle database administrators. Site Editor Tim ...

  • July 12, 2007 12 Jul'07

    Security updates galore from Cisco, McAfee and Apple

    Cisco, McAfee and Apple have added to the array of security patches Microsoft and Adobe released this week. Here's a roundup: Apple has fixed eight QuickTime flaws attackers could exploit to make ...

  • July 11, 2007 11 Jul'07

    EMC, Cisco and Microsoft form security alliance

    One of the more interesting press releases to catch my attention this morning is from Cisco, EMC and Microsoft. The IT giants have formed an alliance promising "the most comprehensive, ...

  • July 10, 2007 10 Jul'07

    A zero-day for Internet Explorer or Firefox?

    Typically, Microsoft-based zero-day flaws are disclosed the day after Patch Tuesday. This month, however, claims are circulating about a new one on the very day of Microsoft's July patch release. ...