For more information about the site, see the Site Index

• Websense, Reconnex top Forrester ranking of DLP vendors
• Perimeter eSecurity acquisition shapes managed security services
• PCI council to launch assessor quality assurance program
• Small email security vendors thrive in saturated market
• Data breaches caused by employee errors, process failures
• Apple updates QuickTime to plug dangerous flaw
• Microsoft patches Bluetooth, Internet Explorer flaws
• Inside MSRC: Bluetooth, Internet Explorer issues explained
• Data breach laws have no effect on prevention, researchers say
• University gets security funding for data transfer research
• Tumbleweed merger seen as a negative for email security customers
• Gary McGraw on secure software development
• Managed security services to climb as IT costs rise
• Microsoft to repair critical Windows, Internet Explorer flaws
• Web threats, compromised websites skyrocket
• Virtualization tool assesses VMware security configurations
• Walter Reed admits breach of patient information
• CISOs adapt as compliance requires strategic thinking
• Like MLB scouts, IT security pros are turning to metrics
• Google shares struggle to manage security complexities
• Microsoft warns Apple Safari users of new vulnerability
• Stolen data ending up in Google cache, say researchers
• Adobe Flash Player flaw previously patched, Symantec says
• HP aims at IBM with application vulnerability scanning as service
• Apple patches dangerous Mac flaws
• Adobe zero day flaw being actively exploited in wild
• Secure messaging complications result in limited protection
• Societe Generale bolsters internal controls, discovers second insider
• Embedding security has drawbacks says TippingPoint chief architect
• When will attackers go mobile?
• New wave of SQL injection attacks alarm researchers
• Companies still monitoring email manually, survey finds
• NSS Labs to focus research on PCI technologies
• Microsoft Jet Database Engine update could be issue for admins
• Kaminsky on DNS rebinding attacks, hacking techniques
• Trio indicted in restaurant data security breach
• Inside MSRC: Microsoft explains Word, Publisher flaws
• Microsoft update patches critical flaws affecting Word, Publisher
• PCI portal aims compliance guidance at smaller merchants
• Microsoft to issue critical fixes for Windows XP, Windows Server 2003
• Virtualization security gains traction while IT budgets shrink
• Virtualization vendors not in the security business, says Citrix CTO
• Media file malware outbreak plagues file-sharing services
• Yahoo, McAfee to warn users of dangerous websites
• Hacker server contains thousands of sensitive business, healthcare files
• Security pros focused on internal threat, training
• Verizon issues PCI self-assessment, support docs
• Forrester: NAC ready for wider deployments
• PCI group addresses assessor issues, vendor challenges
• SQL injection attack infects hundreds of thousands of websites
• HP customers vulnerable to software update tool flaw
• Botnet disruption raises ethical concerns among researchers
• Credit card thieves target small merchants, flawed POS systems, study finds
• IBM makes push into virtualization security with Phantom
• New SQL injection technique threatens Oracle databases
• PCI forces companies to seek log management help
• Hannaford to add encryption, bolster systems in wake of breach
• Trojan downloaders, droppers skyrocket, Microsoft says
• PCI Council issues clarification on Web application security
• New phishing, Zeus Trojan technique spreads crimeware
• New hacking technique exploits common NULL programming error
• Microsoft investigates new Windows zero-day flaw
• Researchers uncover tool used to infect websites, spread malware
• Researchers warily watch for Microsoft GDI exploits
• Oracle fixes 41 flaws in April CPU
• Video: Telecom carriers bolster security services
• Microsoft eyes less obtrusive security
• RSA attendees see data classification, rights management projects stumble
• Next version of PCI DSS due in September
• Inside MSRC: Microsoft gives guidance on security updates
• Microsoft's Mundie: Let's talk privacy
• RSA's Coviello: Security professionals must spark innovation
• Thompson calls for marriage of data and security management
• Hitachi acquires M-Tech Systems for identity management
• At RSA, feds seek help to close widening cybersecurity gaps
• Cisco, EMC to partner on data protection, PCI
• Google tries to nurture culture of security
• Kraken botnet balloons to dangerous levels
• RSA Conference begins as companies tighten security budgets
• Microsoft plans security fixes for Windows, IE, Office
• Kerberos: Authentication with some drawbacks
• Video: Changes ahead for MIT Kerberos Consortium
• Kerberos security evolves for B2B, mobile tech
• Hannaford breach illustrates dangerous compliance mentality
• Tough questions on PCI DSS: Private networks, self-assessment and segmentation
• Hannaford breach highlights messaging system struggles
• New Storm attack exploits April Fool's Day
• Hannaford breach details indicate inside job
• TJX faces data audits for 20 years under FTC settlement
• Free support doesn't lead to new love for Vista SP1
• IBM's Watchfire halts network research, focuses on Web apps
• New virtual switch integrates with multiple security vendors
• Windows Server 2008 security not as advertised, says researcher
• Altor Networks addresses virtual complexities
• Microsoft warns of actively exploited Word flaw
• Will Lockdown customers be left in the lurch?
• Microsoft acquires rootkit detection vendor
• Application hardening tools help repel software pirates
• The pros and cons of data breach insurance
• Misconfiguration issues could have contributed to Hannaford breach



• More