Data security strategies and governance
- March 19, 2007
According to Symantec's threat report for the second half of 2006, attackers exploited misplaced USB drives and zero-day flaws to steal vast amounts of data. Expect more of the same in 2007.
- March 14, 2007
Gary McGraw, chief technology officer of Dulles, Va.-based security firm Cigital Inc., is a security luminary with several books to his credit, including "Software Security: Building Security In," "Java Security" and "Exploiting Software." His ...
- February 06, 2007
In what appears to be the first exploit for a third-party app running on Vista, a previously patched buffer overflow vulnerability in CA BrightStor ARCserve Backup has been exploited. One security firm says ISVs aren't taking advantage of Vista's ...
- January 18, 2007
Retailer TJX Companies said a hacker gained access to its systems exposing the credit card data of millions of customers.
- January 10, 2007
With 1.5 million users on the network, Volkswagen AG depends more than ever on strong ID and access management to safeguard intellectual property, according to its CISO.
- January 10, 2007
Businesses need to follow the federal government's lead in reducing data breaches by holding employees responsible and examining full disk encryption (FDE) products.
- January 04, 2007
Cisco's Clean Access software and Clean Access Manager are at risk to attack. A malicious user can access a database snapshot and download it without authentication.
- December 05, 2006
IBM plans to acquire Consul Risk Management Inc., a Delft, Netherlands-based firm whose software tracks non-compliant behavior of employees.
- September 14, 2006
DHS is trying to convince private companies that any information submitted to the National Asset Database will be protected. It remains to be seen if the agency is succeeding.
- August 18, 2006
Attackers could exploit a security flaw in Apple's Xsan file system to launch malicious code and crash vulnerable machines, but a fix is available.
- August 17, 2006
Meanwhile: Two MySQL database flaws are fixed, a study finds that many companies have lost laptops and the VA upgrades computer encryption after recent security breaches.
- August 11, 2006
Attackers could exploit flaws in Symantec Backup Exec 9.1 and 9.2 for NetWare Servers to cause a denial of service, launch malicious code and gain access to vulnerable machines.
- August 07, 2006
Update: The incident marks the second time in less than three months that a VA device with sensitive information has been compromised. One expert blames the systematic problem of too much internal trust.
- August 03, 2006
Black Hat: Like hip-huggers and tweed, once-popular attack methods like ciphertext manipulation are finding new life as hackers look to cut through well-worn Web applications.
- August 01, 2006
There's really no one technology answer for regulatory compliance. That's why experts suggest that a variety of tools are needed to meet the requirements of regulations such as Sarbanes-Oxley.