Security


Crawling the Internet to Find and Stop Spyware

Researchers find spyware lives especially on adult, game, and wallpaper sites. The enterprise security mandate is clear: start blocking those sites.

IM Security: E-mail’s Poor Cousin

Despite the popularity of instant messaging (IM), many organizations don’t regard the communications channel as an enterprise security risk.

Corporate E-Mail Security: Compliance Swamps IT Staff

IT managers look to better tools, including self-service retrieval for employees

Beyond Firewalls and IPS: Monitoring Network Behavior

Large enterprises are deploying network behavior analysis tools to supplement firewalls and IPS to block unknown types of attacks and catch stealthy attacks in progress.

Spinning Can-Spam

The FTC says federal anti-spam legislation is effective. Experts disagree.

The Shape of Endpoint Security to Come

Will 2006 be the year of endpoint security? A number of network-access-control approaches are finally coming to fruition.

Computer Forensics: Still in the Stone Age

Despite the popularity of forensic science, automated, digital evidence-gathering and analysis tools lag.



Vulnerability Roundup

Last week, Oracle released a critical patch update for a SQL attack vulnerability that could give local attackers administrator-level privileges, and Apple patched Windows and Apple OS versions of QuickTime. Meanwhile, a new report finds online attacks are hitting the bottom line.

A Marriage of Convenience (and Security)

Many organizations have reached or exceeded their ability to support the growing security management headaches and are facing compromises. What we need is a complete suite of top-tier security technologies administered from a single, unified console. Is that even possible?

Vulnerability Roundup

It was a busy week for security alerts: more WMF flaws were exposed and two critical Microsoft vulnerabilities were revealed. Meanwhile, a review of 2005 IM threats gives a hint at what to expect this year.

Careers: Strong Demand Continues for Information Security Jobs

With information security increasingly a boardroom-level concern, job prospects continue to be good, according to a new study. Training and certification are becoming increasingly important for candidates and companies alike.

Q&A: The 2006 Threat Landscape

Symantec anticipates kernel-level rootkits, and more covert channels for siphoning intellectual property

WMF Flaw Provokes Headaches, Workarounds

Security managers race to stem a mass outbreak

Beyond Malware, SOX, and Data Breaches: The 2006 Security Forecast

Regulations, application vulnerabilities, data breaches, and evolved malware accounted for 2005’s top security trends. We look ahead to what’s in store for 2006.

Q&A: The Future of Security, Control, and SOX Compliance

Sarbanes-Oxley compliance started chaotically. By its second year, however, many organizations were investigating how automated controls could help them see SOX not as an annual cost but as a way to reduce business risk. What’s in store for year three?

Spyware Hampering Compliance Initiatives

Spyware poses a huge threat—yet a recent survey shows that by their own admission, many enterprises have yet to protect their information with suitable anti-spyware software.

Attackers Shift Exploits to Applications

The 2005 SANS Top 20 list of the worst vulnerabilities finds attackers deserting operating system vulnerabilities for flaws in applications and network devices.

Q&A: What Makes a Good Chief Information Security Officer?

To succeed, a chief information security officer needs project management skills, business process expertise, a budget, and authority—and an aptitude for diplomacy.

Can Networks Defend Themselves?

Just think of it: routers and switches no longer need separate firewalls, IDS/IPS appliances, or other security technologies to shield themselves from attacks. Fewer boxes to maintain, fewer management systems to support—what’s not to like? As it turns out, plenty.

Malware Clean-Up Swamps IT Managers

Companies favor security technology, overlook adequate user training