For more information about the site, see the Site Index

• Next wave of security will be defined by metrics, analysts say
• Microsoft tools won't be quick fix for SQL injection attacks
• Microsoft identifies tools to address SQL injection attacks
• Researchers defend study on patch distribution insecurities
• Symantec launches Endpoint Management Suite
• Could managed security services cause data woes?
• Fortinet acquires database vulnerability scanner from IPLocks
• Sophos finds patching issues through endpoint NAC tool
• PCI compliance extends to car washes, quick lubes
• Panel: IT governance, risk and compliance program helps reduce expenses
• Websense, Reconnex top Forrester ranking of DLP vendors
• Perimeter eSecurity acquisition shapes managed security services
• Small email security vendors thrive in saturated market
• PCI council to launch assessor quality assurance program
• Data breaches caused by employee errors, process failures
• Microsoft patches Bluetooth, Internet Explorer flaws
• Apple updates QuickTime to plug dangerous flaw
• Inside MSRC: Bluetooth, Internet Explorer issues explained
• Data breach laws have no effect on prevention, researchers say
• Gary McGraw on secure software development
• Tumbleweed merger seen as a negative for email security customers
• University gets security funding for data transfer research
• Managed security services to climb as IT costs rise
• Web threats, compromised websites skyrocket
• Virtualization tool assesses VMware security configurations
• Microsoft to repair critical Windows, Internet Explorer flaws
• Walter Reed admits breach of patient information
• CISOs adapt as compliance requires strategic thinking
• Like MLB scouts, IT security pros are turning to metrics
• Google shares struggle to manage security complexities
• Microsoft warns Apple Safari users of new vulnerability
• Stolen data ending up in Google cache, say researchers
• Adobe Flash Player flaw previously patched, Symantec says
• HP aims at IBM with application vulnerability scanning as service
• Apple patches dangerous Mac flaws
• Adobe zero day flaw being actively exploited in wild
• Societe Generale bolsters internal controls, discovers second insider
• Secure messaging complications result in limited protection
• Embedding security has drawbacks says TippingPoint chief architect
• When will attackers go mobile?
• New wave of SQL injection attacks alarm researchers
• Companies still monitoring email manually, survey finds
• NSS Labs to focus research on PCI technologies
• Microsoft Jet Database Engine update could be issue for admins
• Kaminsky on DNS rebinding attacks, hacking techniques
• Trio indicted in restaurant data security breach
• Inside MSRC: Microsoft explains Word, Publisher flaws
• Microsoft update patches critical flaws affecting Word, Publisher
• PCI portal aims compliance guidance at smaller merchants
• Virtualization security gains traction while IT budgets shrink
• Microsoft to issue critical fixes for Windows XP, Windows Server 2003
• Virtualization vendors not in the security business, says Citrix CTO
• Media file malware outbreak plagues file-sharing services
• Hacker server contains thousands of sensitive business, healthcare files
• Yahoo, McAfee to warn users of dangerous websites
• Security pros focused on internal threat, training
• Verizon issues PCI self-assessment, support docs
• Forrester: NAC ready for wider deployments
• PCI group addresses assessor issues, vendor challenges
• SQL injection attack infects hundreds of thousands of websites
• Botnet disruption raises ethical concerns among researchers
• HP customers vulnerable to software update tool flaw
• Credit card thieves target small merchants, flawed POS systems, study finds
• IBM makes push into virtualization security with Phantom
• PCI forces companies to seek log management help
• Hannaford to add encryption, bolster systems in wake of breach
• New SQL injection technique threatens Oracle databases
• Trojan downloaders, droppers skyrocket, Microsoft says
• New phishing, Zeus Trojan technique spreads crimeware
• PCI Council issues clarification on Web application security
• New hacking technique exploits common NULL programming error
• Microsoft investigates new Windows zero-day flaw
• Researchers uncover tool used to infect websites, spread malware
• Oracle fixes 41 flaws in April CPU
• Researchers warily watch for Microsoft GDI exploits
• Video: Telecom carriers bolster security services
• Microsoft eyes less obtrusive security
• RSA attendees see data classification, rights management projects stumble
• Next version of PCI DSS due in September
• Inside MSRC: Microsoft gives guidance on security updates
• At RSA, feds seek help to close widening cybersecurity gaps
• Cisco, EMC to partner on data protection, PCI
• Hitachi acquires M-Tech Systems for identity management
• Thompson calls for marriage of data and security management
• RSA's Coviello: Security professionals must spark innovation
• Microsoft's Mundie: Let's talk privacy
• Google tries to nurture culture of security
• RSA Conference begins as companies tighten security budgets
• Kraken botnet balloons to dangerous levels
• Microsoft plans security fixes for Windows, IE, Office
• Kerberos: Authentication with some drawbacks
• Video: Changes ahead for MIT Kerberos Consortium
• Hannaford breach illustrates dangerous compliance mentality
• Kerberos security evolves for B2B, mobile tech
• New Storm attack exploits April Fool's Day
• Tough questions on PCI DSS: Private networks, self-assessment and segmentation
• Hannaford breach highlights messaging system struggles
• TJX faces data audits for 20 years under FTC settlement
• Hannaford breach details indicate inside job
• Free support doesn't lead to new love for Vista SP1



• More