Security Bytes

April 2007

  • Security360 podcast: Endpoint encryption

    Robert Westervelt - TechTarget 30 Apr 2007
  •'s Security360 podcast offers fresh perspectives -- from vendors, experts and infosec pros -- on a variety of complex information security issues. In this episode, we look at ...

  • Microsoft explains how it missed ANI

    Leigha Cardwell - TechTarget 30 Apr 2007
  • Here's something you don't see from Microsoft often -- a detailed assessment of how it missed a big security hole. In this case the topic is the much-attacked ANI flaw and how it was allowed into ...

  • WOOT, there it is

    David Schneier - R.I.S.C. Associates 27 Apr 2007
  • We all know the security conference schedule is already overcrowded, but there's always room for another good one. The folks at USENIX this summer will be putting on a new workshop called ...

  • McAfee making financial strides

    Leigha Cardwell - TechTarget 27 Apr 2007
  • McAfee has had its share of setbacks in the last couple years. There was a stock options scandal that forced a major shake-up among the top brass, and a lawsuit in which rival vendor DeepNines ...

  • Get ready for a NanoScan

    Eric Parizo - Senior Analyst 26 Apr 2007
  • One of my favorite sayings is, "You can't beat free!" It's not always true of course, but as the industry has learned from the many useful open source tools available today, free is often good ...

  • Should PCI DSS rules be eased?

    Robert Westervelt - TechTarget 26 Apr 2007
  • First Data CISO, Phil Mellinger told a group attending a recent PCI DSS conference that the PCI DSS standards should be eased to allow more businesses to meet the standards. The rules would rise ...

  • DHS’ Garcia wants more cooperation on software security

    David Schneier - R.I.S.C. Associates 25 Apr 2007
  • I'm out in Las Vegas this week at CA World and on Tuesday I ran into Ron Moritz. CA's chief security strategist and the former CTO at Symantec. Moritz is one of those people who is not often in the ...

  • Lights out for Firefox 1.5

    Leigha Cardwell - TechTarget 25 Apr 2007
  • Firefox 2.0 has been out since last fall, but Mozilla has continued to support those still using version 1.5 with regular security updates. That will stop next month, Mozilla announced Tuesday. In ...

  • Security configuration management vendors branch out

    Robert Westervelt - TechTarget 24 Apr 2007
  • The security configuration management market appears to be in flux in the last year or so. Vendors in this market provide tools to enforce compliance policies against check security configurations. ...

  • Are more federal laws the answer to ID theft?

    Leigha Cardwell - TechTarget 24 Apr 2007
  • With a growing number of states enacting laws to deal with identity theft, a White House task force has come out with a plan to protect people at the federal level. In a press release issued Monday ...

  • Microsoft moves to the security Forefront

    Leigha Cardwell - TechTarget 24 Apr 2007
  • In the last couple of years, vendors like Symantec and McAfee have been increasingly spooked by Microsoft’s foray into the IT security business. The Forefront product line is perhaps one of the ...

  • PCI paralysis

    Marcia Savage - Editor 23 Apr 2007
  • A recent survey of 80 North American businesses about the Payment Card Industry Data Security Standard by RSA had an interesting finding. While nearly all -- 90 percent -- think the standard's ...

  • Reports of a Safari zero-day

    Leigha Cardwell - TechTarget 23 Apr 2007
  • The Mac faithful are certainly not used to this. The SANS Internet Storm Center is reporting a possible zero-day exploit involving Apple's Safari Web browser. You read that right -- a zero-day ...

  • Security Newsmakers: Howard Schmidt

    Robert Westervelt - TechTarget 20 Apr 2007
  • As part of our Security Newsmakers podcast series, Senior News Writer Bill Brenner recently interviewed Howard Schmidt about his latest book "Patrolling Cyberspace: Lessons Learned from a Lifetime ...

  • Windows DNS RPC patch still in the works

    David Schneier - R.I.S.C. Associates 19 Apr 2007
  • As US-CERT and others continue to monitor the attacks against the Windows DNS RPC flaw, the folks at the Microsoft Security Response Center say they still don't have any better idea when a patch ...