Security Bytes

April 2007

  • Failing a security review isn’t always fatal at Microsoft

    David Schneier - R.I.S.C. Associates 18 Apr 2007
  • Microsoft's Trustworthy Computing initiative has been dissected and analyzed six ways from Sunday in the last few years, and the company's decision to stop shipment of Windows Server 2003 for ...

  • New worm exploiting Windows DNS flaw

    David Schneier - R.I.S.C. Associates 17 Apr 2007
  • There is a new worm circulating that attempts to exploit the recently identified vulnerability in Microsoft's DNS Server Service. The worm is a variant of Rinbot and scans for machines listening on ...

  • Sourcefire’s growing pains

    Michael Mimoso - TechTarget 16 Apr 2007
  • OK, allow me some journalistic license here when I say that if you squint a little bit sitting across from Marty Roesch that he could pass for Ray Romano. If you’re not buying that, then you have ...

  • Mobile phones carry ‘real’ virus? Nope

    Eric Parizo - Senior Analyst 13 Apr 2007
  • Even though it sounds like a plot summary to an upcoming Sarah Michelle Gellar film, Reuters is reporting that mobile phone service providers in Pakistan are getting tons of calls from panicked ...

  • PCI DSS is all about covering your tail

    Robert Westervelt - TechTarget 13 Apr 2007
  • Among the merchants, security auditors, credit card issuers and card transaction servicing firms in attendance at the PCI Data Security Standards Conference in New York City on Wednesday was a ...

  • SANS tracking possible new worm

    David Schneier - R.I.S.C. Associates 12 Apr 2007
  • The folks at The SANS Internet Storm Center say they're seeing indications of a new worm making the rounds Thursday. The ISC handlers have gotten a slew of emails with varying subject lines ...

  • McAfee Sage journal warns of growing mobile attacks

    Leigha Cardwell - TechTarget 12 Apr 2007
  • The latest edition of McAfee's semi-annual Sage security journal is out with a warning we've been hearing a lot lately: The bad guys are making a killing off online exploits, and mobile phones are ...

  • We are the browsers

    Eric Parizo - Senior Analyst 12 Apr 2007
  • In a technical tip that's debuting today on, Michael Cobb writes that it may be time to start scaling back our Web browser security expectations, and he's absolutely right. But ...

  • New tool can estimate potential cost of a data breach

    Leigha Cardwell - TechTarget 12 Apr 2007
  • IT security pros often lament that it can be difficult getting the top brass to understand the need for certain security investments. Holding up headlines about the TJX data breach and warning that ...

  • Security update for Opera browser

    Leigha Cardwell - TechTarget 12 Apr 2007
  • Opera Software has updated its popular Web browser to fix a flaw attackers could exploit to blow past security checks and run malicious code on targeted machines. "A security issue in the Adobe ...

  • Bot-on-bot crime

    Michael Mimoso - TechTarget 11 Apr 2007
  • Not everyone in the underground is concentrating on targeted attacks. Jose Nazario stopped by today; he’s Arbor Networks’ resident botnet guru and he shared a cool anecdote about some bot-on-bot ...

  • Why gaming attacks are an IT problem

    Leigha Cardwell - TechTarget 11 Apr 2007
  • If you think an attack against online gaming programs is only a problem for those who play them, think again. More than ever, the bad guys are finding ways to parlay gaming exploits into a real ...

  • Web application security by the numbers

    David Schneier - R.I.S.C. Associates 11 Apr 2007
  • The security industry, like most of the IT world at large, is awash in statistics. Some reports are straightforward and easy to interpret, while others leave a lot to the imagination. The Web ...

  • April Patch Tuesday fixes are out

    David Schneier - R.I.S.C. Associates 10 Apr 2007
  • The Microsoft Patch Tuesday fixes are out and this appears to be one of those months when administrators will need to reschedule some other projects in order to make sure these patches are ...

  • Security Bytes is live!

    David Schneier - R.I.S.C. Associates 10 Apr 2007
  • Welcome to Security Bytes, the new editorial blog written by the editors of and Information Security magazine. This is the first of what will be at least once daily posts from us ...