The need to automate time-consuming, manual patch processes drove one financial institution to adopt patch management software.
Microsoft patches two highly critical vulnerabilities and corrects a dud patch-installation process, while IBM issues patches for six Lotus Notes problems
Researchers find spyware lives especially on adult, game, and wallpaper sites. The enterprise security mandate is clear: start blocking those sites.
Last week, Oracle released a critical patch update for a SQL attack vulnerability that could give local attackers administrator-level privileges, and Apple patched Windows and Apple OS versions of QuickTime. Meanwhile a new report finds online attacks are hitting the bottom line.
It was a busy week for security alerts: more WMF flaws were exposed and two critical Microsoft vulnerabilities were revealed. Meanwhile, a review of 2005 IM threats gives a hint at what to expect this year.
Symantec anticipates kernel-level rootkits, and more covert channels for siphoning intellectual property
Security managers race to stem a mass outbreak
Regulations, application vulnerabilities, data breaches, and evolved malware accounted for 2005’s top security trends. We look ahead to what’s in store for 2006.
Spyware poses a huge threat—yet a recent survey shows that by their own admission, many enterprises have yet to protect their information with suitable anti-spyware software.
The 2005 SANS Top 20 list of the worst vulnerabilities finds attackers deserting operating system vulnerabilities, for flaws in applications and network devices.
Post-virus attack cleanup costs $200 per system. Taking a layered approach to protection can help keep your PCs safe.
With an increasing number of threats and limited IT staff resources, one company turns to outsourcing network monitoring
Discovering Web application vulnerabilities—which account for a staggering majority of all vulnerabilities seen in the wild—is the easy part. Keeping them fixed is another story.
Using a password hash, attackers can crack a database in about four minutes
Watching inbound and outbound Web applications communications for signs of attack
Increased attacks are driven by money and modularity.
Given the incredibly small window afforded IT managers for patching vulnerable systems, security experts recommend getting help in categorizing vulnerabilities as well as in determining which are actually present.
With attackers gunning for sensitive information, it’s time to rethink Web application code development or face the consequences.
New regulations mandate increased security for utilities' supervisory control and data acquisition systems
Exploits are already circulating for a recently announced Windows plug-and-play vulnerability. Experts recommend better endpoint security controls.