Security: Data Protection

New Enterprise Tools Attack Spyware

Spyware is a moving target. Pushing out one level of filters just doesn’t cut it any more.

In Brief

Database and Imsecure vulnerabilities, search software flaw enables sophisticated phishing attack

In Brief

Microsoft ISA vulnerability may lead to phishing attacks, a new version of MyDoom targets the IFRAME vulnerability in IE, and survey finds bank clients willing to defect over banks’ lack of ID theft protections

Bias-Free Security Testing

New security-risk management tools bridge the security/business gap

In Brief

Blame unusable security, not users; Apple worm; high-speed IPS

Google Desktop Search Tool Raises Security Concerns

Free hard-drive indexing utility raises corporate security and privacy questions

Ten Best Practices to Secure Web Services

As more organizations embrace Web services (which opens back-office processes to partners and the Internet), a problem is emerging: who inside the organization is in charge of Web services security?

Case Study: Credit Union Encrypts Data onto Secure USB Keys

How one financial company distributes secure information to its board of directors, many of whom work in an insecure environment

Understanding the New Breed of Hackers

Knowing how today's hackers think and work is the first step to combating their attacks.

Software Vaults Protect Sensitive Information

Software vaults are increasingly the solution for securing passwords, notes from the board of directors, and more

Smart Cards Gear Up For Biometrics

Smart cards, currently a favorite of governments and large corporations, are getting more powerful, incorporating Java and USB technologies.

Inside Attackers Often Unremarkable, Warns CERT

Most attacks are relatively unsophisticated, planned in advance, conducted during normal business hours, and start from inside the organization. The common driver comes as no surprise: money.

In Brief

Most unsolicited e-mail originates in U.S., survey finds; securing storage; name-dropping attacks

Digital Certificates Get Pentagon, Regulatory Boost

Once they seemed doomed, but public key infrastructure is taking off, driven by e-commerce servers, Pentagon requirements, and government regulations.

Digital Certificates Secure Web Services, Mobile Communications

Public key infrastructure isn't dead yet.

Top 10 Security Modifications in Windows XP Service Pack 2

This XP Service Pack should be called a Security Pack

Best Practices: Securing IM Against Attacks

Free instant messaging services are just one of the many security holes facing corporate IT

Q&A: New Technology For Encrypting Sensitive, Stored Data

New approaches make it easier than ever to add network-wide transparent data encryption