January 2009

• January 30, 2009 30 Jan'09

  Security Bytes

  This blog covers topics across the spectrum of security, privacy and compliance, as well as the people and issues driving enterprise infosec today.  Continue Reading

• January 29, 2009 29 Jan'09

  Security skills pay increases despite economic downturn

  Despite the dour economy, new skills pay data suggests security managers are benefiting as CIOs look to retrench to survive the tough times ahead.  Continue Reading

• January 29, 2009 29 Jan'09

  Sensitive data insecure abroad, McAfee report finds

  Sensitive customer information and intellectual property is at high risk, especially in developing nations, according to a new survey.  Continue Reading

• January 29, 2009 29 Jan'09

  Employee information security awareness training for new IAM systems

  When an enterprise gets new IAM systems, training employees on how to interact with the technology is one of the most important aspects of deployment. Learn how to implement employee information security awareness training for new IAM systems and ...  Continue Reading

• January 29, 2009 29 Jan'09

  VA could pay veterans $20 million for security breach

  Under terms of a proposed settlement, the VA admits no wrongdoing in the theft of a stolen laptop containing the personal information of millions of veterans.  Continue Reading

• January 28, 2009 28 Jan'09

  Symantec CEO Thompson could be next commerce chief

  Symantec CEO John Thompson, who is slated to step down from the position in March, is reportedly the top choice for Secretary of Commerce.  Continue Reading

• January 28, 2009 28 Jan'09

  First lawsuit filed in Heartland data security breach

  A class action lawsuit was filed against Heartland claiming that the payment processor issued belated and inaccurate statements when it announced a security breach of its systems.  Continue Reading

• January 28, 2009 28 Jan'09

  Microsoft Conficker worm hits peak, but payload awaits

  Security researchers are fascinated by the spreading Conficker/Downadup worm, but are unsure what kind of damage it will do to corporate networks.  Continue Reading

• January 28, 2009 28 Jan'09

  Security book chapter: Applied Security Visualization

  In this section of Chapter 5: Visual Security Analysis (.pdf), author Raffael Marty discovers the forensic analysis of log data for discovering attacks and reporting incidents.  Continue Reading

• January 28, 2009 28 Jan'09

  How to prevent SSH brute force attacks

  Brute force attacks on the Secure Shell (SSH) service have been used more frequently to compromise accounts and passwords. Expert John Strand explains how to defend against these brute-force threats.  Continue Reading

• January 28, 2009 28 Jan'09

  Will Google Chrome enhance overall browser security?

  Expert John Strand reviews Google Chrome's browser security features and what the new tool will mean for enterprise IT teams.  Continue Reading

• January 28, 2009 28 Jan'09

  How can 419 scam emails and backscatter spam be stopped?

  A 419 scam is just one example of backscatter spam. John Strand explains which long-term solutions can help combat these particular kinds of unwanted messages.  Continue Reading

• January 28, 2009 28 Jan'09

  How to preserve an IT security budget from data breach fines

  After a data breach, it's important to re-build security quickly and well, but when breach fines are exacted from a security team, it can cripple improvement efforts. Learn how to preserve an IT security budget to meet IT security goals.  Continue Reading

• January 27, 2009 27 Jan'09

  How to use Nmap to scan a network

  Peter Giannoulis takes a look at everybody's favorite, freely available port scanner and OS identifier: Nmap.  Continue Reading

• January 27, 2009 27 Jan'09

  Screencast: How to scan with Nmap

  Peter Giannoulis takes a look at everybody's favorite, freely available port scanner and OS identifier: Nmap.  Continue Reading

• January 27, 2009 27 Jan'09

  Archer Technologies buys IT GRC competitor Brabeion Software

  Archer's acquisition of Brabeion indicates convergence in the IT GRC market. Compliance and trend to risk management bode well for GRC companies' in wake of economic meltdown.  Continue Reading

• January 27, 2009 27 Jan'09

  Websense acquires Web 2.0 antispam platform Defensio

  Web, DLP and email security vendor Websense improves ThreatSeeker Network intelligence with Defensio social media protection service.  Continue Reading

• January 27, 2009 27 Jan'09

  Educators see secure coding training challenges, improvements

  University-level secure coding training is improving, but hurdles remain, professors say.  Continue Reading

• January 27, 2009 27 Jan'09

  How to secure a website containing badware (banner82)

  In an expert Q&A, John Strand reviews how SQL injection attacks can lead to banner82 attacks and a "badware" label for your website.  Continue Reading

• January 27, 2009 27 Jan'09

  Barracuda Networks expands backup service with acquisition

  The acquisition of Yosemite Technologies adds support for Microsoft Exchange, SQL-Server and Windows state backup.  Continue Reading