End Users Lax With Company Data
A new security study shows end users from around the world treat data and corporate systems with little respect for the potential consequences. When it comes to corporate data, which is actually often customer data, there's little regard for security.
New DoS Attack Is a Killer
Things are a-brewin' in Sweden. Sweden is not just home of the infamous bikini team, it is also the home of Outpost 24, an equally sexy software-as-a-service network scanning service, and the employer of my friend Robert E. Lee and his colleague Jack C. Louis. These guys are the inventors of UnicornScan, a user-land TCP stack turned into a port scanner. Never heard of it? Use Nmap exclusively? Well if you run Linux, I suggest checking
Can You Prove Compliance In The Cloud?
Whether you're in the midst of an audit or a forensic investigation, thorough logs are the key to proving compliance with security regulations. So how do you prove your organization is/was compliant when you aren't able to maintain logs? This is the nagging question that gnaws hungrily at my weary brain every time I ponder cloud computing.
Scareware Purveyors To Get Legal Thrashing
We've previously warned about the rising number of scareware threats attempting to scam Internet users. Now Microsoft and the state of Washington are gnashing their legal teeth. Will it work?
Free Cloudmail Continuity Offer From LiveOffice
Snailmail may be immune to rain, sleet snow, etc. but heavy weather can wreak heavy damage -- and outright interruption and downtime -- on your e-mail traffic. A new free service from LiveOffice argues that the solution to storm clouds' potential for disruption lies in the digital Cloud.
CSRF Flaws Found on Major Websites
Princeton University researchers reveal four sites with cross-site request forgery flaws and unveil tools to protect against these attacks
Mozilla Fixes Password Management Gaffe
Just after Mozilla released Firefox version 3.0.02, which fixed a bevy of security problems, the foundation had to issue a notice to users about a flaw that could keep users from accessing and even creating passwords under some conditions.
Portrait Of A Computer Forensic Examiner
While data can be recovered from any computer, expert Ives Potrafka believes that corporate IT departments have far less control over what happens on PCs used for work.
Astaro Debuts E-mail Spam Fighter For SMBs
Everybody hates spam. It clogs inboxes and online traffic, cuts productivity, and holds out false hope of riches, romance, and hair. Astaro's new Mail Gateway is designed to help your company deal with spam and other e-mail issues without spending a lot of money.
Senate Committee Approves Updated FISMA Bill
The Senate Homeland Security and Government Affairs Committee just approved S.3474, which will update the Federal Information Security Management Act (FISMA), in the hope of lifting federal security efforts beyond what many have deemed a paperwork shuffle that does little to boost security.
One In Ten Computer Users Don't Have A Clue About Security
They've got computers, they've got apps and they've almost undoubtedly got confidential data, but a new study from privacy company Steganos found that nearly 10 percent of computer users didn't know if they had anti-virusware installed. And it gets worse...
Speed Is The SSD 'Killer App'
In a recent blog entry I provided a time line on when I thought SSD would become the dominant storage type for what is currently the active storage tier. One of the key enablers of this will be the increasing need for speed and mechanical hard drives' lack of ability to deliver it in a cost- effective manner.
North American Companies Embracing Security Outsourcing
The U.S. managed security services market is booming, and set to double in size in the next few years? MSSPs have been around, in one iteration or another, for as long as I can remember. Why is the market set to rock now?
Risky Employee Web Use: Cloud Storms Gathering
How are you going to keep them on task when they can go to the Web? is not only a productivity question, it's a growing security concern. A new study indicates the concern is growing fast.
Information Cards Are Awesome; But Are Identifying Parties Really Ready To Do This Right?
Perhaps the greatest thing about information cards is that they might finally free us from the purpose-defeating and idiotic practice of using Social Security numbers as a nigh-universal identifier. But it won't work unless the Identifying Parties find a way to balance security with portability, and can smartly manage distribution, expiration, and destruction.
McAfee Acquires Secure Computing
McAfee is buying Secure Computing for $465 million, rounding out its network security business and strengthening its security risk management offerings among companies of all sizes.
Cloud Storage 2.0
Cloud storage 1.0 as it exists today has one primary service; it stores data. Not very exciting. Cloud storage 2.0 will have to provide the ability to do more with that data than just store it.