Security News


New ways to police the enterprise

More important than ever, intrusion detection and prevention systems offer new ways to reduce data overload and false alarms.

Microsoft Word vulnerability gives hackers a backdoor

A newly discovered vulnerability in Microsoft Word XP and Word 2003 allows malicious hackers to mount Trojan-based attacks through e-mail attachments, establishing a backdoor that allows them to control compromised Windows PCs.

Sunbelt Software announces third-gen messaging security

Sunbelt Software recently released Sunbelt Messaging Ninja, its new third-generation enterprise messaging security solution for Microsoft Exchange. The product includes antivirus, antispam and antiphishing features, and attachment filtering, which is free for a limited time.

Bots join a long list of security woes

Nearly two-thirds of IT decision-makers aren’t confident they can prevent bots from infecting company PCs when they are not connected to the corporate network, according to a new survey.

Innovator Awards 2006

ADT’s 12th annual Innovator Awards recognize the work of IT teams who developed—and deployed—unique apps to solve their company’s business problems.

Credit union takes SAFE approach to patch automation

Some organizational names carry inherent assumptions. Just ask the Sacramento Air Force Employees (SAFE) Federal Credit Union in California, which maintains assets of $1.2 billion for its roughly 120,000 members.

Open-source and commercial tools mashup

They may not be as slick, powerful or extensible as off-the-shelf reporting tools, but that doesn’t bother a growing number of developers who find open-source tools good enough.

Why Automated Patch Management Remains Elusive

Patching remains a manual, time-intensive process, despite more automated tools.

Building Better Applications: Beyond Secure Coding

While teaching developers “secure coding” techniques is important, experts say far more is needed to actually produce secure applications.

Security beyond the Badness-ometers

Gary McGraw's New Book Puts the Yin and Yang in Application Security

Virtually reflexive response to security threats

Reflex Security’s Reflex VSA, which the company claims is the industry's first virtual security appliance for virtualized environments, enables enterprises to secure those networks with firewall protection and intrusion prevention.

Rapidly evolving security attack trends

On Monday, Counterpane Internet Security and MessageLabs released their 2005 Attack Trends & Analysis report, which analyzes security attacks across 15 industry sectors and discusses how these attacks affect organizations and outlines the extent of potential damages.

Destroy, Shred, Disintegrate: Guidelines for Securely Decommissioning Storage

Thanks to improved corporate information security practices, attackers are seeking new methods for accessing sensitive corporate information, putting storage media more at risk than ever. We offer several recommendations for destroying data.

RSA Opening Keynoters

Gates Packs ‘em in; McNealy Shows up with a Message

Corporate E-Mail Security: Compliance Swamps IT Staff

IT managers look to better tools, including self-service retrieval for employees

Spinning CAN-SPAM

Is CAN-SPAM working to unclog enterprise in-boxes?

The Shape of Endpoint Security to Come

Will 2006 be the year of endpoint security? A number of network-access-control approaches are finally coming to fruition.

Security firms form posse to track and capture spyware

McAfee, Symantec, Trend Micro, ICSA Labs and Thompson Cyber Security Labs announced yesterday a plan to test technologies designed to ID and kill spyware.

Compuware seeks to secure Web apps with tool upgrade

Compuware is announcing the general availability of a new version of its security analysis tool DevPartner SecurityChecker.