Information Security Policies Procedures and Guidelines

  • January 28, 2008 28 Jan'08

    ChoicePoint saga comes to a close

    Remember ChoicePoint? Four years ago the data broker kicked off what became a years-long deluge of enterprise data breaches by allowing more than 160,000 customer records to be stolen. It seems ...

  • January 25, 2008 25 Jan'08

    Look how far we’ve come

    Once upon a time, it was fairly simple for security researchers to identify and eliminate phishing sites or sites hosting malware. Most of them were hosted on sketchy domains, often in countries ...

  • January 24, 2008 24 Jan'08

    NAC vendors stake future on manageability

    With security experts predicting a shake-out in the NAC market, vendors are focusing on management tools as the best recipe for survival.

  • January 22, 2008 22 Jan'08

    Microsoft hires Linux security guru Crispin Cowan

    Microsoft has added yet another big name to is Windows Security team: Crispin Cowan. These hirings have become old hat at this point, but this one has an interesting twist in that Cowan is renowned ...

  • January 18, 2008 18 Jan'08

    Information security makes the silver screen

    Information security hit the big screen -- well, not so big screen -- with the debut of Fortify Software's documentary, "The New Face of Cybercrime" Thursday in San Francisco. Billed as a "world ...

  • January 17, 2008 17 Jan'08

    Security Wire Weekly video format

    Security Wire Weekly Video Edition.

  • January 16, 2008 16 Jan'08

    Happy Valentine’s Day from the Storm Trojan

    Valentine's Day isn't for another month, but that's not stopping controllers of the Storm Trojan from using the holiday theme to trick users into downloading the malware. A posting on the SANS ...

  • January 15, 2008 15 Jan'08

    TSA security lapses example of outsourcing failure

    A congressional report issued last week outlined the failure of the Transportation Security Administration to secure a special Web site designed to help travelers whose names appeared erroneously ...

  • January 14, 2008 14 Jan'08

    New banking Trojan wants you for its army

    A couple of weeks ago I wrote a story about some of the more sophisticated Trojans out there right now, including Storm and Nugache. I mentioned a few Trojans that specifically target online ...

  • January 11, 2008 11 Jan'08

    Another day, another QuickTime zero-day

    Here we go again ... Vulnerability researcher Luigi Auriemma has reported an Apple QuickTime flaw attackers could exploit to hijack targeted machines. The problem is a boundary error in how RTSP ...

  • January 11, 2008 11 Jan'08

    Oracle plans 27 security updates Tuesday

    Oracle released an advance bulletin for the Critical Patch Update (CPU) it has planned for Tuesday. If all goes to plan, DBAs are looking at 27 fixes across the database giant's product line. ...

  • January 10, 2008 10 Jan'08

    Green security?

    These days, "green" is being used to market everything from cars and light bulbs to cleaning products. Now security vendors are jumping on the bandwagon to promote their products as good for the ...

  • January 10, 2008 10 Jan'08

    Former CA security exec Ron Moritz joins Microsoft’s Forefront team

    Microsoft, continuing its quest to become the New York Yankees of security by amassing the best free-agent talent available, recently signed up another heavy hitter: Ron Moritz, the former head of ...

  • January 09, 2008 09 Jan'08

    New MBR rootkit on the loose

    The folks at Symantec's Security Response Center have an interesting writeup on a new Trojan making the rounds that installs a MBR rootkit on compromised machines. Known as Trojan.Mebroot, it is ...

  • January 08, 2008 08 Jan'08

    Security update for VMware ESX Server, VirtualCenter

    VMware has released a hefty security update to address flaws in the VMware ESX Server and VirtualCenter. Attackers could exploit the flaws to perform actions with escalated privileges, cause a ...