Security Bytes

June 2007

  • 3Com plans to spin off TippingPoint via IPO

    David Schneier - R.I.S.C. Associates 29 Jun 2007
  • 3Com is planning an IPO for its TippingPoint security unit some time in the near--or not-so-near--future. The networking company announced the plan Thursday via a short press release that is light ...

  • Web watchers warn of new Storm attack

    Leigha Cardwell - TechTarget 29 Jun 2007
  • The prolific Storm malware is on the attack again, according to the folks at the SANS Internet Storm Center (ISC). ISC handler Lorna Hutcheson wrote on the storm center Web site that the latest ...

  • Thoughts on the iPhone security hype

    Leigha Cardwell - TechTarget 29 Jun 2007
  • Much has been made about the release of Apple's iPhone, including a lot of speculation on the security risks of using one. There's so much blogosphere noise on the subject that I've decided to ...

  • Microsoft’s Howard posts analysis of DNS RPC flaw

    David Schneier - R.I.S.C. Associates 28 Jun 2007
  • The Windows server RPC vulnerability that caused so much consternation this spring was so easily exploitable because the vulnerable RPC interface was accessible anonymously, according to an ...

  • Podcast: PCI DSS auditing and ethics

    Leigha Cardwell - TechTarget 28 Jun 2007
  • News Editor Rob Westervelt sat down with Burton Group analyst Diana Kelley at this week's Burton Group Catalyst Conference to talk about PCI DSS. Particularly noteworthy here is ...

  • Rutkowska’s Blue Pill rootkit to be put to the test at Black Hat

    David Schneier - R.I.S.C. Associates 28 Jun 2007
  • There's no security conference that's more fun to cover than Black Hat, and, judging by the roster of speakers, this year's Las Vegas edition looks to be no exception. The session that's drawing ...

  • Morning security flaw report for June 28

    Leigha Cardwell - TechTarget 28 Jun 2007
  • Here are some of the latest vulnerability alerts, based on my Internet travels this morning: Check Point flaws The French Security Incident Response Team (FrSIRT) has issued two advisories about ...

  • Why can’t Hollywood hack?

    David Schneier - R.I.S.C. Associates 27 Jun 2007
  • Despite the fact that most Hollywood movies are the products of computers these days, no one in La La Land seems to have the first clue what computers can and can't do. Or more accurately, what ...

  • Security Wire Weekly podcast for June 27

    Leigha Cardwell - TechTarget 27 Jun 2007
  • This week, Cisco executives explain how they’ll use the newly acquired talent and technology from IronPort to improve security for their customers. And as part of our ongoing Vista deployment ...

  • So many flaws, so little time

    Leigha Cardwell - TechTarget 27 Jun 2007
  • A number of vendors and other entities have addressed significant security flaws in their programs in the last few days. Here's a roundup: -- iDefense Labs has issued an advisory on flaws in ...

  • Fake Microsoft patch bulletin circulating

    Leigha Cardwell - TechTarget 27 Jun 2007
  • The SANS Internet Storm Center (ISC) warns on its Web site that a fake Microsoft patch bulletin is circulating. According to ISC handler Donald Smith, several people reported receiving an email ...

  • Newsmaker podcast: Gary McGraw

    Leigha Cardwell - TechTarget 25 Jun 2007
  • Gary McGraw, chief technology officer of Dulles, Va.-based security firm Cigital Inc., is a security luminary with several books to his credit, including "Software Security: Building Security In," ...

  • Apple fixes more Safari-Mac flaws

    Leigha Cardwell - TechTarget 25 Jun 2007
  • For the second time in as many weeks, Apple had to seal some security holes in Mac OS X and the new beta of its Safari Web browser. This time, the fixes are for a memory corruption flaw attackers ...

  • Congress warms to the idea of ditching SSNs as identifiers

    David Schneier - R.I.S.C. Associates 22 Jun 2007
  • After years of screaming and yelling from privacy advocates, consumer groups and others with some common sense, the Congress is finally coming around to the idea that using Social Security numbers ...

  • Sick of those 100% virus-free claims? Read on

    Leigha Cardwell - TechTarget 22 Jun 2007
  • As an information security writer, my email and voice-mail inboxes are constantly flooded with vendor pitches promising everything from Sarbanes-Oxley compliance in a box to 100% malware-free ...