• Grisoft acquires Exploit Prevention Labs

    Exploit Prevention Labs specializes in safe surfing technology that protects Internet users against malicious web sites and drive-by downloaded exploits; Grisoft expands it Web security offerings

  • How to secure the new data center

    Virtualization is disruptive, and it changes the rules for how companies secure — or, rather, ought to secure — their data and their computing infrastructure

  • AFIT team wins annual DOD Cyber Crime Center Challenge

    Four graduate students from the Air Force Institute of Technology win highly competitive annual DOD Cyber Crime Center Challenge; the winning team used innovative techniques to crack passwords; repair damaged media such as CDs, DVDs, and a thumb drive; extract hidden information from audio files; and dissect digitally altered photos

  • Defense panel worries about foreign software development

    The U.S. Department of Defense and other government agencies rely more and more on software developed outside the U.S.; a Defense Science Board task force warns that this “creates a rich opportunity to damage or destroy elements of the [U.S.] warfighter’s capability”

  • McAfee sees wave of international cyber crime

    International cyber crime and espionage are on the rise, and will likely pose the most significant security threats in 2008; cyber attacks have evolved into well-funded and complex crime organizations. Governments in 120 countries — particularly China — and other allied groups are using the Internet for cyber espionage and attacks

  • SANS Top 20: Some IT risks did not materialize, others more severe

    SANS Top 20 IT risks (this year, the list contained only 18 of them) show that: Client-side threats are on the rise (if for nothing else, than owing to the sheer attention vendors paid to server-side risks); Web application threats are bigger than ever (50 percent of the 4,396 vulnerabilities report by SANS between November 2006 and October 2007 were Web application flaws); mobile, voice-over-IP (VoIP), IPv6, and zero-day threats were not as big as expected

  • Boeing successfully tests TSAT

    As worries about China’s growing anti-satellite warfare capabilities grow, Boeing and partner companies successfully test a system for encrypted communication with satellites

  • Rambus launches Terabyte Bandwidth Initiative

    Technology initiative will facilitate blazing-fast data rates of 16 Gbps and enable a future memory architecture which can deliver terabyte per second (TB/s) of memory bandwidth (1 terabyte = 1,024 gigabytes) to a single System-on-Chip (SoC)

  • Top Internet security risks of 2007 revealed today

    This year’s SANS Top 20 illuminates two new attack targets that criminals have chosen to exploit and the older targets where attackers have significantly raised the stakes

  • Security software may be posing security risks

    Security maven Thierry Zoller says that file-parsing bugs in security software could become a big problem: Increasing your use of antivirus software only increases the chances that you could be successfully attacked

  • Industry, military, academia to discuss cyber and national security

    In a three-day meeting in Shreveport this week, experts from industry, the military, and academia will discuss business, national and military security, the politics of cyber and its impact on the military planning and execution of the future

  • Pay attention to the human element in IT security

    As far as information security is concerned, even the world’s best technological solution cannot replace a piece of paper –- the company security policy

  • NSA may have put secret back door in new encryption protocol

    The U.S. government released NIST Special Publication 800-90 — a new official standard for random-number generators — earlier this year; the document contains four different approved techniques (Deterministic Random Bit Generators); one of those generators — the one based on elliptic curves and championed by the NSA — is three orders of magnitude slower than its peers; Why?

  • VoIP can be made secure for business purposes

    Many companies have security worries about VoIP, so they decide not to implement the technology even though it has many cost advantages over traditional telephony, Cisco’s Eric Vyncke argues that with proper attention and maintenance, VoIP can be made secure enough even for business purposes; A combination of secure switches, firewalls, and secure devices will not produce 100 percent security, but it can approach 99.9 percent,” he said

  • Corporate e-mail authentication battle royal: IP-based vs. signature-based

    There are two categorical approaches to corporate e-mail security: Path- or IP-based focuses on where the message originated and evaluates the network path traversed by the e-mail; cryptographic methods look at who sent the message