Latest articles from SC Magazine US

IBM develops selective data hiding on the fly

Thu, 09 Jul 2009 15:44:22 GMT

IBM researchers say they have invented a way to selectively obscure sensitive information before it is displayed on a computer screen.

DirectShow, ActiveX 0-days among planned Microsoft fixes

Thu, 09 Jul 2009 13:59:57 GMT

Microsoft is hoping it can pull off a quick turnaround for a fix of a zero-day ActiveX vulnerability that was only disclosed this week.

Security redesign coming in Google Chrome OS

Wed, 08 Jul 2009 16:26:28 GMT

Details are scant on Google's planned Chrome operating system -- but there is reason to be hopeful that security will be a big part of it.

Mass attacks on government, financial sites continue

Wed, 08 Jul 2009 17:26:19 GMT

Researchers remain unsure of the source of a major distributed denial-of-service attack, which temporarily crippled dozens of international government and financial websites.

Spammers exploiting trust in shortened URLs

Wed, 08 Jul 2009 12:08:23 GMT

Shortened URLs could potentially lead to sites hosting malware, phishing exploits or other spam-related content, security experts warn.

FBI trying new ways to stem cybercrime tide

Tue, 07 Jul 2009 14:18:13 GMT

Cybercriminals may never be totally stopped, but federal agents and attorneys are getting better at catching and prosecuting them.

FTC website experiencing "technical problems"

Tue, 07 Jul 2009 17:23:45 GMT

A distributed denial-of-service attack is a potential cause of Federal Trade Commission website problems during the past two days.

Source of Adobe zero-day bug patched

Mon, 06 Jul 2009 15:49:31 GMT

One of the flaws at the heart of Adobe's ColdFusion 8.0.1 zero-day vulnerability has been patched.

Report: NSA will monitor government networks

Mon, 06 Jul 2009 15:28:47 GMT

The National Security Agency will assist in a new program to monitor government traffic on private-sector computer networks, as part of a new program called Einstein 3, according to a published report.

"Fourth of July" hacker jailed after hospital hack

Thu, 02 Jul 2009 15:13:45 GMT

A Dallas hospital guard was ordered to jail following his arrest on charges of breaking into computers, planting malicious software and planning a massive distributed-denial-of-service (DDoS) attack on the Fourth of July.

iPhone hacker reveals SMS vulnerability

Thu, 02 Jul 2009 14:36:59 GMT

A security researcher on Thursday unveiled a new iPhone SMS vulnerability, according to reports out of the SyScan Conference in Singapore.

Spam increased in Q2, despite 3FN takedown

Thu, 02 Jul 2009 12:41:08 GMT

During the second quarter of 2009, the amount of spam was up 53 percent from the first quarter, according to Google.

The changing role of log management

Mon, 06 Jul 2009 13:55:37 GMT

We are only at the beginning of evolution in terms of the meaningful intelligence that can be derived from log and event data, says LogRhythm's Eric Knight.

Hot or not: SCAP is heating up

Thu, 02 Jul 2009 06:57:06 GMT

The Security Content Automation Protocol (SCAP) can help take guesswork out of secure system configurations.

PCI-DSS: Not on health care provider's radar

Fri, 19 Jun 2009 15:42:54 GMT

In 2009, virtually all health care providers take credit cards - and virtually none of them are PCI compliant.

Email: An open door to sophisticated security threats

Mon, 01 Jun 2009 13:22:34 GMT

Email was once a straightforward vehicle that, contrary to design, became a vector for viruses, trojans and spam. etc. Now, of course, it's a virtual open door exploited by individuals, organized groups of malware authors and cybercriminals to deliver sophisticated and stealthy security threats, which take up residency on desktops and establish extensive strongholds on corporate networks.

Process over trust: Will we ever learn?

Wed, 27 May 2009 17:25:07 GMT

To give businesses greater confidence in privilege management, we must define, implement, monitor and enforce processes for delegating administrative access.

Open letter to vendors on software security

Mon, 18 May 2009 18:35:07 GMT

Customers, consumers and enterprises need their vendors to take the entire life cycle of security management far more seriously than is evident from their behavior today.

PCI DSS: Double-duty solutions enable secure access and prove compliance

Mon, 18 May 2009 16:16:15 GMT

The reward that comes with being able to process payment card transactions is phenomenal, so is the risk

Navigate your company through an M&A transition

Mon, 11 May 2009 14:00:33 GMT

In the midst of an M&A environment, proactive risk management is key.

Hot or not: Web application vulnerabilities hit inflection point

Tue, 09 Jun 2009 16:54:14 GMT

Consider this: Though there was an overall 15 percent rise in vulnerabilities discovered last year, 60 percent of those uncovered were web application flaws.

Waging war on cyberthreats

Fri, 08 May 2009 16:47:37 GMT

Compromised information networks can put an organization's very life in jeopardy. Here are ways that firms can take the lead.

Solving the lying endpoint problem

Tue, 05 May 2009 12:10:47 GMT

Lying endpoints are a critical challenge to network security. No single solution is perfect, and each approach has its advantages and caveats; however, combined solutions can offer an effective response.

PCI DSS: Double-duty solutions enable secure access and prove compliance

Mon, 18 May 2009 16:16:15 GMT

The reward that comes with being able to process payment card transactions is phenomenal, so is the risk

PCI DSS compliance for firewalls: It doesn't have to be complex

Tue, 28 Apr 2009 16:26:57 GMT

The Payment Card Industry Data Security Standard has placed considerable pressure on retail industry IT security teams. The burden to ensure both security and compliance isn't easing; the current economic situation forcing IT to accomplish more with less is only adding to the problem.

Hot or Not: SCADA security is hot

Thu, 23 Apr 2009 16:22:27 GMT

As more physical systems are run and managed by IT systems, SCADA security will grow steadily in importance.

Symantec wins piracy cases

Thu, 09 Jul 2009 16:53:49 GMT

Symantec has been awarded $18.6 million in two federal lawsuits against distributors selling counterfeit software. The judgments were against V-Micro, based in New Jersey, and Higher Model Computer, based in Connecticut, the company announced Thursday. Symantec alleged copyright and trademark infringement and fraud against the distributors for selling counterfeit products such as Norton SystemWorks, Norton AntiVirus and pcAnywhere. — CAM

Waledac bot profligacy

Thu, 09 Jul 2009 10:40:53 GMT

Waledac-infected computers are, on average, capable of sending 6,548 spam emails per hour, or two emails per second, according to security vendor ESET. Over the course of several one-hour periods, a Waledac-infected computer in the company's lab delivered between 5,610 to 7,148 spam emails. If 20,000 computers are infected with Waledac, as researchers estimate, then the botnet is capable of sending three billion emails per day, if all infected computers were working to full capacity. — AM

Safend Data Protection Suite

Mon, 06 Jul 2009 09:00:00 GMT

The Safend Data Protection Suite is an encryption (and endpoint protection) software solution that consists of a centralized management console, which runs on IIS and .NET, a Microsoft SQL Server backend, and client software components.

SafeNet HASP SRM

Mon, 06 Jul 2009 09:00:00 GMT

SafeNet’s HASP SRM controls access to protected software applications either through a hardware dongle or through a virtual dongle that resides on the end-user’s hard disk.