Latest articles from SC Magazine US

After guilty plea, E-Gold founder seeks to remove stigma

Wed, 23 Jul 2008 17:40:43 GMT

The principal owners of E-Gold, an online money transfer system, have pleaded guilty in federal court to operating a business that caters to cybercriminals. But now they plan to institute measures to change the company's stigma.

"Spam King" sentenced to 47 months

Wed, 23 Jul 2008 13:03:42 GMT

Notorious spammer Robert Soloway has been ordered to spend 47 months behind bars.

Convicted spammer escapes from prison

Wed, 23 Jul 2008 14:24:38 GMT

Convicted spammer Edward "Eddie" Davidson escaped from a federal prison camp after serving just five weeks of a 21 month sentence.

DNS flaw details heighten urgency to patch

Tue, 22 Jul 2008 15:39:50 GMT

When researcher Dan Kaminsky reveals details behind the major DNS protocol vulnerability next month at Black Hat, it may not be such a surprise anymore.

Hackers: Georgia on my mind

Tue, 22 Jul 2008 10:05:16 GMT

A distributed denial of service (DDoS) attack brought down a government website in the country of Georgia this weekend.

BlackBerry maker fixes PDF flaw that could crash server

Mon, 21 Jul 2008 15:36:10 GMT

The maker of popular BlackBerry mobile devices has patched a hole in its Enterprise Server that could have allowed hackers to take control of affected systems.

NERC unveils cybersecurity plan

Mon, 21 Jul 2008 15:56:43 GMT

A new response plan for threats to the national power grid is in the works.

Is Limbo 2 the ultimate trojan?

Fri, 18 Jul 2008 17:19:52 GMT

The Limbo 2 trojan may be the most sophisticated trojan yet unleashed.

Google Trends hacked again

Fri, 18 Jul 2008 10:15:35 GMT

Search engine Google has had its Hot Trends system hacked for the second time in seven days.

Romanian cybercrime ring busted

Fri, 18 Jul 2008 09:46:59 GMT

Thanks to a joint effort between the FBI and Romanian police, 24 Romanians believed to be part of an organized cybercrime ring were arrested during the past week.

Facebook exposes private data

Thu, 17 Jul 2008 16:00:03 GMT

Facebook users' dates of birth were revealed at some point in public beta tests of a profile redesign.

Cybersecurity and the presidential campaign

Thu, 17 Jul 2008 13:38:23 GMT

The presidential candidates envision America's cybersecurity infrastructure.

BlackBerry advises blocking PDFs until flaw is fixed

Wed, 16 Jul 2008 15:46:30 GMT

A major vulnerability in the BlackBerry Attachment Service could result in a takedown of the enterprise server that supports the popular mobile device.

Business booms for organized cybercriminals

Wed, 16 Jul 2008 13:39:33 GMT

The days of the lone hacker are seemingly over, with cybercrime organizations now being run by bosses parading as business entrepreneurs, complete with criminal staff.

Trojan disguised as UPS delivery note

Wed, 16 Jul 2008 13:21:54 GMT

Panda Security is warning email recipients that a series of messages purporting to come from UPS, the world's largest shipping carrier, may in fact harbor the Agent.JEN trojan.

Oracle pushes out 45 patches; 14 for Database

Tue, 15 Jul 2008 17:25:50 GMT

Oracle on Tuesday released 45 patches for product vulnerabilities.

Angry insider locks down San Francisco WAN

Tue, 15 Jul 2008 16:29:32 GMT

Network administrators in San Francisco could not access the city's new wide area network because a disgruntled engineer refused to divulge his exclusive credentials.

"Spam King" Soloway to be sentenced July 22

Tue, 15 Jul 2008 14:04:02 GMT

The sentencing for "Spam King" Robert Soloway, who faces up to nine years in prison, has been delayed until next week.

Phishing attack targets Monster.com

Tue, 15 Jul 2008 17:22:42 GMT

A major job site is the latest phishing attack target.

Data security and higher education

Wed, 16 Jul 2008 14:51:43 GMT

Information is the lifeblood of any educational facility, based on the free exchange of information, ideas and research. For this reason, colleges and universities face unique data security challenges.

What you must know about network security before going global

Thu, 10 Jul 2008 16:12:13 GMT

Prior to remotely deploying any infrastructure in support of globalization, consider the level of trust to be afforded to the remote site, why such trust is merited, and how it will be continuously verified.

Making data breach prevention a matter of policy

Wed, 09 Jul 2008 11:41:33 GMT

Though many states have adopted data breach notification laws, notification is a far cry from prevention.

The emergence of crimeware as a service

Tue, 08 Jul 2008 11:18:31 GMT

A major risk to security is the emergence of server-side polymorphism or "Crimeware as a Service", in which a polymorphic malware engine does not reside within the virus code itself, but rather remotely on a server.

Palm-vein biometrics help accurately ID patients

Wed, 02 Jul 2008 16:35:49 GMT

Palm-vein recognition hits that sweet spot of biometrics between security, cost, accuracy and ease of use that make it an optimal physical and IT access control solution for health care organizations.

Five steps to securing mobile data for HIPAA compliance

Tue, 01 Jul 2008 16:48:53 GMT

Workforce mobility presents new challenges to health care IT groups responsible for HIPAA security compliance.

Crypto chip: How the TPM bolsters enterprise security

Fri, 27 Jun 2008 14:00:18 GMT

Want to make your endpoints and servers more secure, and easier to manage? Consider the Trusted Platform Module (TPM), a hardware-based cryptography chip built into virtually every enterprise PC and notebook, and now installed in over 100 million PCs.

Anatomy of a data breach: Security from the inside out

Fri, 27 Jun 2008 12:00:34 GMT

When it comes to database breaches, the real issue is lack of real-time insight into what is actually happening to the data.

The rise of targeted malware

Thu, 26 Jun 2008 12:20:33 GMT

Research firms have been saying for quite some time that the antivirus/perimeter approach to security is dead, and targeted attacks could very well be the final nail in the AV coffin.

If you can't trust the compliance officer, whom can you trust?

Fri, 20 Jun 2008 15:09:00 GMT

The insider threat is the main security risk enterprises face -- insider incidents from using system administrator or privileged account access are responsible for nine out of 10 breaches in data security.

On the tracks of medical data: Electronic records pressure

Wed, 18 Jun 2008 17:37:00 GMT

The pressure to move records to an electronic format is stronger than ever, but at the same time the risk and awareness of privacy violations are on the rise.

What HIPAA can learn from PCI

Wed, 18 Jun 2008 17:04:00 GMT

HIPAA in its current form fails to adequately protect patient data. There is a lack of oversight, guidance and enforcement.

Exploiting VoIP vulnerabilities to steal confidential data

Mon, 09 Jun 2008 16:50:00 GMT

Like any complex computer system, VoIP/UC networks have present unique security challenges. Despite many attempts to formulate best security practices for VoIP/UC solutions within an enterprise, such best practices are not always enforced or correctly followed.

Changing the POS security burden

Wed, 04 Jun 2008 15:34:00 GMT

Easing the burden of security and compliance must come from all participants in the retail environment.

PCI compliance: Learning from the U.S. Air Force

Wed, 04 Jun 2008 14:57:00 GMT

If an organization is going to successfully protect its data, it must aim for preventing a breach, not passing an audit.

Setting the stage for the latest PCI deadline

Tue, 03 Jun 2008 14:25:00 GMT

June 30 marks an important date for any company that takes online credit card payments. On that date, a section of the Payment Card Industry Data Security Standards (PCI DSS) becomes mandatory. The transition shows that web application security is the biggest security threat faced online.

SonicWALL SSL-VPN 2000

Mon, 07 Jul 2008 09:00:00 GMT

The SonicWALL SSL-VPN 2000 focuses its feature set toward becoming more than just a virtual network.

Sophos NAC Advanced

Mon, 07 Jul 2008 09:00:00 GMT

The Sophos NAC Advanced product is a well-designed offering which balances the need for ease of administration with network protection.