For more information about the site, see the Site Index

• Mozilla fixes cross-site-scripting flaws
• Microsoft updates code analysis tool, SQL injection XSS library
• Cisco: Cybercriminals more savvy than ever in 2008
• Microsoft zero-day attacks target all versions of IE
• Cybercrime leaves cybercops in the virtual dust
• Microsoft acknowledges Internet Explorer zero-day attacks
• Flash, PDF are growing malware targets
• Data masking hides information from testers
• Microsoft fixes critical flaws in Office, IE
• Inside MSRC: Microsoft issues guidance on critical flaws
• RIM updates BlackBerry Desktop Software to fix ActiveX flaw
• PCI needs to address virtualization, experts say
• Spam declines, Web-based attacks rise, says MessageLabs
• IT security risks dismissed by boards, survey finds
• Solidcore CEO to focus security on virtualization
• Dangerous Java flaws could expose sensitive data
• Microsoft to patch critical Windows, Excel flaws
• Microsoft to embed data classification, strengthen ties with DLP
• Microsoft flaw reveals inefficient security model
• Ixia network security tool exposes problems
• Former Symantec CEO Eubanks praises Thompson
• Microsoft learns of successful RPC worm infections
• Firewall management tools aid configuration, compliance
• Web app attacks grow, but developers may fight back
• Free security tool helps track down bots
• Antimalware effectiveness put to the test
• Facebook wins spam lawsuit
• Symantec values market for stolen data at $276 million
• Apple iPhone 2.2 update includes critical security patches
• Phishing, malware laden USB sticks stoke holiday attacks
• Incubator to fund, support cybersecurity startups
• Death of a risk assessor
• Cybersecurity expert sees PCI DSS problems ahead for retailers
• Hacked dental school server compromises 300,000
• Trend Micro joins growing email encryption market
• For Symantec CEO, a legacy of growth
• New worm attacks Windows smartphones
• McColo shutdown won't stop spam, malware, warn security experts
• Critical Firefox, Safari flaws addressed
• Code Green enters consolidated DLP Market
• Web-borne malware targets unexpected industries
• Express Scripts offers reward in hacker extortion case
• VoIP tools, attacks could increase threat
• Marshal and 8e6 Technologies merge
• Microsoft patches critical XML Core Services flaw
• Critical SAP flaw leaves systems vulnerable to attack
• Inside MSRC: Microsoft addresses XML Core Services flaw, RPC flaw
• Critical infrastructure security grim, study finds
• Seagate hardware-based disk encryption could gain traction
• Attackers target critical Adobe PDF flaw
• Virtual network tool gives firm view into virtualized environment
• Microsoft to patch critical Windows flaw
• New malware exploits Microsoft RPC flaw
• Programmer charged for sniffer used in TJX breach
• Adobe issues warning for Reader, Acrobat flaws
• Phishing, identity theft keeps law enforcement, researchers occupied
• Microsoft sees OS flaws drop, application breaches rise
• Security survey finds increase in security standards adoption
• Adobe issues patch for critical PageMaker flaws
• Metaforic crosses swords with software pirates
• Security Squad: Security pros face troubles
• Security spending driven by mergers, Web 2.0 and compliance
• Sophos sees increase in malicious email attachments
• Cisco warns of security appliance flaws
• Microsoft to release urgent security patch
• Microsoft releases Windows patch to stop worm attack
• IBM issues updates to fix serious DB2 flaws
• Penetration tester explains secrets to accessing corporate systems
• Alcatel-Lucent's 3G laptop security card goes international
• IT security pros focus on internal threats during tough economy
• IRS faulted for lax security controls, dangerous data risks
• New Sun product illustrates identity management trend
• McAfee adds NAC module, appliance for unified policy enforcement
• Malicious program poses as Windows Security Center
• Adobe addresses clickjacking in latest Flash Player
• Spam network halted by U.S., New Zealand officials
• Oracle patches dangerous WebLogic flaw, critical database holes
• Security policy being bypassed by employees, survey finds
• Inside MSRC: Microsoft issues advice for critical server flaws
• Microsoft patches Active Directory, Internet Explorer flaws
• IT security pros face challenge during economic crisis
• Eleven patches due from Microsoft
• Clickjacking details released after attack proof-of-concept emerges
• Symantec to acquire MessageLabs for SaaS model
• Symantec melds DLP, archiving into information risk management
• Billy Hoffman on AJAX security and browser attacks
• Data risks take shine off Google Chrome
• Consensus Controls project aims to set benchmarks for compliance
• IBM pushes farther into security with new strategy, products
• Verizon breach study identifies industry specific threats
• New attacks reveal fundamental problems with TCP
• Sun launches open source OpenSSO for identity management
• IT security not valued at many firms, study finds
• Data loss study points out employee missteps
• Oracle DBAs cite lack of security measures
• Kaminsky: DNS issue still major threat
• IBM announcements mark two years of ISS marriage
• New certification targets software security
• Cisco releases router patches to plug critical flaws
• Browser attack technique poses serious threat



• More