IDC predicts security and business continuity spending will increase twice as fast as overall IT budgets between now and 2007.
From carrots to sticks, a variety of recent regulations has presented a challenge to security managers. We ask a security expert where U.S. and European regulations are headed.
Versions of OpenSSH prior to 3.7.1 are vulnerable to denial of service attacks via a buffer management problem. We explain the problem and what you can do about it.
CERT’s Coordination Center outlines the top steps businesses, vendors, and the government can take to arrest the onerous cycle of constant patching.
Can information security professionals really get certified in half the ordinary time?
The dot-com boom’s legacy: buggy code. How do you find those bugs? Instead of trying to do code reviews with tools that were meant for developers, it's time to do them with tools meant for security
Yankee Group predicts large growth in the authentication market. Here are three things every organization needs to do to ensure users are who they say they are.
Handheld security expert suggests best practices for organizations that support the devices
Central Command shows a single virus accounted for over three-quarters of all activity last month.
Vulnerability in Microsoft applications occurs thanks to Visual Basic for Applications
To avoid the patch-and-pray cycle, IT organizations need to examine how to make vulnerabilities such as Sobig seem so small.
Cisco details vulnerabilities in CiscoWorks; eMule code hiding in P2P software
Techniques for challenging and defeating spam filters continue to grow
Microsoft releases a patch for IE 5.01 and above; company's Data Access Components could run hacker's code
Worms and legislation dictate the need for security-savvy employees; here's how to train them and reinforce human nature.
It's been a banner month for viruses, as new vulnerabilities were unleashed and others lingered
Worm exploits RPC/DOM vulnerability; denial-of-service attacks still likely
Do password management software and identity synchronization software naturally go together? One thing's for sure: the ROI for both categories is attractive.
New vulnerabilities in BSD operating system and Postfix, a popular mail transfer agent; the FTC warns about the dangers of file-sharing
Japanese university finds easy way to control network access