Security Bytes

April 2008

  • Why lateral SQL injection and NULL pointer attacks matter

    David Schneier - R.I.S.C. Associates 30 Apr 2008
  • There has been a lot of interesting work going on in the research community of late on a handful of really specialized and esoteric application attacks, like Mark Dowd's NULL pointer attack and ...

  • Sophos: Sharp rise in Web threats

    Marcia Savage - Editor 28 Apr 2008
  • The Web now hosts an "unprecedented" number of threats, according to a report recently released by Sophos. In the first quarter of this year, Sophos researchers discovered a newly infected Web page ...

  • Secure Computing CEO steps down

    Marcia Savage - Editor 23 Apr 2008
  • Secure Computing today named Daniel Ryan as interim CEO. He replaces John McNulty, who served as board chairman and CEO since 1999. Ryan has served as the company's president and chief operating ...

  • IBM Phantom to analyze virtual security

    Robert Westervelt - TechTarget 22 Apr 2008
  • IBM's X-Force security research team and IBM Research are studying ways to protect virtual computing environments. Code named Phantom, the research project has been ongoing and could result in new ...

  • Richard Stiennon joins new MSSP as CEO

    David Schneier - R.I.S.C. Associates 22 Apr 2008
  • Richard Stiennon, the well-traveled vendor executive and industry analyst, has taken up a new post as the CEO of new MSSP Seccom Global, an offshoot of Seccom Networks, an Australian company. ...

  • Fighting security FUD

    Leigha Cardwell - TechTarget 17 Apr 2008
  • I recently tripped over a blog write-up from independent analyst Eric Ogren about his irritation with security vendors using FUD to sell products. It's an older posting from 2006 but his message is ...

  • Flaw fixes for Firefox, Mac

    Leigha Cardwell - TechTarget 17 Apr 2008
  • A couple of notable security fixes to flag this morning: First, Apple has patched the Safari Web browser flaw that famously earned a researcher $10,000 at the CanSecWest conference last month. ...

  • Oracle preps CPU for 41 flaws

    Leigha Cardwell - TechTarget 11 Apr 2008
  • Oracle said Thursday that it is prepping a Critical Patch Bulletin (CPU) to address 41 security holes across its product line. According to the database giant's advance CPU bulletin, attackers ...

  • RSA 2008: Firm makes log management a priority for compliance

    Robert Westervelt - TechTarget 11 Apr 2008
  • Ira Hanson-Ralph of EnCana explains why the oil and gas exploration company made log management a priority as part of its compliance program. Hanson-Ralph is EnCana’s group leader of IS compliance ...

  • RSA 2008: Sourcefire founder Roesch previews Snort 3

    Robert Westervelt - TechTarget 10 Apr 2008
  • In this interview at RSA Conference 2008, Sourcefire founder and Snort creater, Martin Roesch, talks about the sudden departure of the company's CEO and the future of intrusion defense.