Data security strategies and governance

  • March 19, 2007 19 Mar'07

    Symantec: Data thieves thrive on zero-day flaws

    According to Symantec's threat report for the second half of 2006, attackers exploited misplaced USB drives and zero-day flaws to steal vast amounts of data. Expect more of the same in 2007.

  • March 14, 2007 14 Mar'07

    Online game exploits threaten IT security

    Gary McGraw, chief technology officer of Dulles, Va.-based security firm Cigital Inc., is a security luminary with several books to his credit, including "Software Security: Building Security In," "Java Security" and "Exploiting Software." His ...

  • February 06, 2007 06 Feb'07

    CA backup bug exploitable on Vista

    In what appears to be the first exploit for a third-party app running on Vista, a previously patched buffer overflow vulnerability in CA BrightStor ARCserve Backup has been exploited. One security firm says ISVs aren't taking advantage of Vista's ...

  • January 18, 2007 18 Jan'07

    Data breach at TJX could affect millions

    Retailer TJX Companies said a hacker gained access to its systems exposing the credit card data of millions of customers.

  • January 10, 2007 10 Jan'07

    More users increase risk for Volkswagen AG

    With 1.5 million users on the network, Volkswagen AG depends more than ever on strong ID and access management to safeguard intellectual property, according to its CISO.

  • January 10, 2007 10 Jan'07

    Federal government pushes full disk encryption

    Businesses need to follow the federal government's lead in reducing data breaches by holding employees responsible and examining full disk encryption (FDE) products.

  • January 04, 2007 04 Jan'07

    Cisco software vulnerable to attack

    Cisco's Clean Access software and Clean Access Manager are at risk to attack. A malicious user can access a database snapshot and download it without authentication.

  • December 05, 2006 05 Dec'06

    IBM to acquire compliance software firm

    IBM plans to acquire Consul Risk Management Inc., a Delft, Netherlands-based firm whose software tracks non-compliant behavior of employees.

  • September 14, 2006 14 Sep'06

    Are companies ready to trust DHS database?

    DHS is trying to convince private companies that any information submitted to the National Asset Database will be protected. It remains to be seen if the agency is succeeding.

  • August 18, 2006 18 Aug'06

    Apple fixes Xsan security flaw

    Attackers could exploit a security flaw in Apple's Xsan file system to launch malicious code and crash vulnerable machines, but a fix is available.

  • August 17, 2006 17 Aug'06

    Security Bytes: Symantec patches Veritas NetBackup PureDisk flaw

    Meanwhile: Two MySQL database flaws are fixed, a study finds that many companies have lost laptops and the VA upgrades computer encryption after recent security breaches.

  • August 11, 2006 11 Aug'06

    Symantec fixes Backup Exec flaw

    Attackers could exploit flaws in Symantec Backup Exec 9.1 and 9.2 for NetWare Servers to cause a denial of service, launch malicious code and gain access to vulnerable machines.

  • August 07, 2006 07 Aug'06

    VA desktop PC stolen, 36,000 could be at risk

    Update: The incident marks the second time in less than three months that a VA device with sensitive information has been compromised. One expert blames the systematic problem of too much internal trust.

  • August 03, 2006 03 Aug'06

    Old attack vectors are back in style

    Black Hat: Like hip-huggers and tweed, once-popular attack methods like ciphertext manipulation are finding new life as hackers look to cut through well-worn Web applications.

  • August 01, 2006 01 Aug'06

    Compliance demands a technology toolbox

    There's really no one technology answer for regulatory compliance. That's why experts suggest that a variety of tools are needed to meet the requirements of regulations such as Sarbanes-Oxley.