June 2009

• June 09, 2009 09 Jun'09

  Microsoft patches WebDAV security vulnerability in bevy of updates

  Zero-day flaws in Microsoft Internet Information Services (IIS) Web server and Internet Explorer were among 31 vulnerabilities repaired Tuesday.  Continue Reading

• June 09, 2009 09 Jun'09

  Best practices for a privileged access policy to secure user accounts

  Enterprises need to secure accounts belonging to actual users by reviewing and monitoring their privileged access.  Continue Reading

• June 09, 2009 09 Jun'09

  How to create secure Windows FTP automation

  Securing Windows FTP automation can be easier than you think, according to network security expert Mike Chapple. Consider using Microsoft's free FTP utility.  Continue Reading

• June 09, 2009 09 Jun'09

  Adobe issues first quarterly patch release fixing 13 flaws

  Adobe's first quarterly security patch release includes fixes for critical vulnerabilities in Adobe Reader and Adobe Acrobat.  Continue Reading

• June 08, 2009 08 Jun'09

  V.i Labs integrates Google maps to track software piracy

  Google maps integration looks cool, but in this tough global economy are software vendors going to spend the money needed to pursue offenders? V.i. Laboratories, Inc., is adding Google maps to its ...  Continue Reading

• June 08, 2009 08 Jun'09

  3FN.net ISP shutdown interrupts spam campaigns

  The shutdown of 3FN.net disrupted the Cutwail Botnet and may have reduced global spam volumes by 15%. But spam levels are expected to increase to pre-shutdown levels, experts say.  Continue Reading

• June 05, 2009 05 Jun'09

  Are Web application penetration tests still important?

  Web application penetration tests continue to be an important part of the secure software development lifecycle process in order to reduce the number and severity of security-related design and coding errors.  Continue Reading

• June 04, 2009 04 Jun'09

  Mature SIMs do more than log aggregation and correlation

  They've come a long way from the early days of log aggregation and correlation; enterprises now glean value from SIMs for compliance, visualization, and even overall business intelligence.  Continue Reading

• June 04, 2009 04 Jun'09

  Lack of cloud computing definition adds confusion, risk

  Vendors loosely using the term cloud computing are causing confusion for users in the market for buying and securing these services.  Continue Reading

• June 04, 2009 04 Jun'09

  Three cloud computing risks to consider

  Cloud computing carries risks that enterprises need to weigh before they forge ahead.  Continue Reading

• June 04, 2009 04 Jun'09

  New partnerships, creative thinking help security bust recession

  The economy is forcing organizations to be more resourceful and bury the hatchet. And that's a good thing.  Continue Reading

• June 04, 2009 04 Jun'09

  Mac OS memory flaws pose challenges for enterprise endpoint protection

  Recent research suggests that poor memory protections in the Mac OS make it much less secure than previously believed. Dee-Ann LeBlanc details how the Mac OS can be exploited and whether new defenses are needed to protect Mac endpoints on enterprise...  Continue Reading

• June 04, 2009 04 Jun'09

  How to write a risk methodology that blends business, security needs

  One security professional describes a homegrown risk methodology currently being used by a large university and a private corporation.  Continue Reading

• June 04, 2009 04 Jun'09

  Special Report: How to find jobs in information security

  Infosec professionals are not unilaterally immune to corporate layoffs and cost-cutting measures. Learn how to surivive and thrive in information security regardless of tough times.  Continue Reading

• June 04, 2009 04 Jun'09

  FTC shutters rogue ISP for hosting malicious content, botnets

  Executives at Triple Fiber Network are suspected of recruiting bot herders and hosting botnet command and control servers.  Continue Reading

• June 04, 2009 04 Jun'09

  Microsoft plans 10 security updates, fixing IE, Word, Excel vulnerabilities

  The software giant plans to issue six critical bulletins repairing flaws in Internet Explorer, Word, Excel and Office.  Continue Reading

• June 04, 2009 04 Jun'09

  DHS fills National Cybersecurity Center post

  Former Microsoft executive Philip Reitinger will lead the DHS' cybersecurity operations, filling a post vacated by Rod Beckstrom.  Continue Reading

• June 04, 2009 04 Jun'09

  Risk management must include physical-logical security convergence

  If your organization is serious about managing risk and total asset protection, then physical-logical convergence is a necessary step.  Continue Reading

• June 03, 2009 03 Jun'09

  Video guide: PCI DSS and the 12 Requirements

  Ed Moyle and Diana Kelley review each requirement one-by-one, outlining common questions and pitfalls that often arise in their work as QSAs.  Continue Reading

• June 03, 2009 03 Jun'09

  The top 5 network security practices

  Looking to brush up your network security practices? Check out these top five recommendations from expert Mike Chapple.  Continue Reading