Security News

Microsoft Announces SP-1 for Forefront Client Security

An update to Microsoft's enterprise client protection app is now available.

Web Sites Rife with Unpatched Vulnerabilities

Although the overall number of vulnerabilities being discovered in software appears to be leveling off or even dropping, two recent reports on Web security say that the overwhelming majority of Web sites studied still have unpatched vulnerabilities that could expose visitors to malicious code.

Security Software: How Suite It Is

The writing's on the wall, it seems, for purveyors of security point solutions. Gone is the day of the best-of-breed anti-virus, firewall, e-mail security or encryption vendors. These days, it's a security suite play.

Browser Security Gets Focus in ZoneAlarm 8.0 App

Check Point Software updated its Web security software suite.

Red Hat Hacked, Company Issues Security Advisory

A critical advisory was issued after hackers tampered with the open source Linux company's Web site.

UPDATED: Microsoft Tool Helps Filter SQL Injection Attacks

UrlScan 3.0, a security add-on to Microsoft's IIS Web server, is now available in its Release-to-Web version.

Vulnerability Management Needed for Security, Study Says

A study describes best practices for keeping down security costs and woes.

Coverity Offers Java Code Readiness Service

The new tool is designed to help managers assess code quality before it's shipped.

The New .NET Identity Class

Simplifying identity with Microsoft's 'Zermatt' class libraries.

VMware's Updates Cause Problems, CEO Apologizes

Updates to the company's ESX 3.5 and ESXi 3.5 virtualization products caused licenses to expire, and other problems.

SQL Injection Attacks on the Rise

MessageLabs reports that the number of SQL injection attacks spiked sharply last month.

WSUS Blocking: A Real Problem, Microsoft Says

Microsoft issued a fix yesterday via Microsoft Update for a patch blocking problem that affected System Center users.

Microsoft's August Patch Brings 11 Security Fixes

Remote code execution and information disclosure risk are the main problems addressed with this patch cycle.

Analyst: Beware of the Google Gadgets

One fun thing about the interactive world of Web 2.0 is the online applications you can take advantage of, such as Google Gadgets.

Seven Critical Fixes Expected on Tuesday

Microsoft's Patch Tuesday security rollout next week will be expected to have 12 total fixes, with seven deemed "critical."

DNS May Be Patched, but Danger Still Lurks

We dodged a bullet last month -- the discovery of a fundamental flaw in the Domain Name System, Dan Kaminsky told a standing-room only (and some sitting on the floor) crowd at the Black Hat Briefings Wednesday.

Coreflood Trojan Stole 500G of Personal Financial Data

A cache of stolen data gathered from a botnet that has been quietly sweeping up information for years contained the user names and passwords for 8,485 bank accounts.

Black Hat Researchers Overcome Security Learning Curve

The Black Hat Briefings return to Caesars Palace this week with a new batch of hands-on security research for a crowd of 4,000 IT administrators, hackers, industry experts and government officials.

Security Woes Up, as PHP and OSS Make the List

A study finds most software vulnerabilities are reported by IBM, Microsoft and Apple, and Web apps are a leading point of attack.

Virtualization Showdown at Black Hat

Next week at the Black Hat conference in Las Vegas, security researcher Joanna Rutkowska promises to demonstrate how a malicious attacker, working remotely, could take control of the open-source Xen virtualization software.

Upcoming Events


Sign up for our newsletter.

I agree to this site's Privacy Policy.