Security
Port
A Security Port Blog
Porn
Cause for Security Concerns. |
03/29/2006 | |
Workers misusing the Internet cause the
most security incidents after viruses in large UK
companies, a new government-sponsored study has
found.
Two-thirds of large businesses had at
least one online misuse incident last year and small
companies reported hundreds of e-mail abuses every day,
according to the results of the 2006 UK Department of
Trade and Industry's biennial Information Security
Breaches Survey. |
Security Vendor Patches IE Bug |
03/28/2006 | |
With Microsoft Corp. saying that it may
wait until April 11 to patch a critical vulnerability in
its Internet Explorer browser, security vendor eEye
Digital Security Inc. has released what it calls a
"temporary" patch to address the problem.
The
bug, which concerns the way IE processes Web pages using
the createTextRange() method, is now being exploited by
attackers on hundreds of malicious Web
sites
|
Security Spending in Asia to
Double |
03/28/2006 | |
Security spending is set to double by
2010, as businesses in the Asia-Pacific region snap up
more integrated security appliances, according to a new
report by research analyst IDC.
The overall
security appliance server market in the region excluding
Japan is expected to grow at a compound annual growth
rate of 15.6 percent over five years, to reach over
US$1.1 billion in 2010, IDC noted in a statement on
Monday. |
Verisign Security Assessment |
03/26/2006 | |
VeriSign has launched a risk profiling
service that gives companies an overall picture of how
good their security setup is.
The
service ties together risk profiling from Skybox
Security with threat research from VeriSign's own
iDefense, and explains how well a company can meet
current threats, as well as explaining how changes -
such as altering a firewall or installing a patch - will
affect the picture.
Complete
Article
|
Microsoft Slams Apples
Security |
03/27/2006 | |
A Microsoft security manager has called on
Apple to appoint a head of security and change how it
handles vulnerabilities and updates.
A security
program manager at Microsoft Corp. has scolded rival
Apple Computer for claiming that its security updates
are just as transparent, informative, and detailed as
those that come out of the Redmond, Wash. developer
every month.
Stephen Toulouse, a program manager
for the Microsoft Security Response Center and often the
MSRC's spokesman, has used several entries in his
personal blog to take Apple to the woodshed.
Complete
Article
|
UN
Security Councils Security |
03/27/2006 | |
According to Reuters:
The
U.N. Security Council has too often failed to act
swiftly and effectively to contain international crises
and needs to be reformed, the head of the U.N. nuclear
watchdog said on Saturday.
"Too
often, the Security Council's engagement is inadequate,
selective, or after the fact," said Mohamed ElBaradei,
last year's Nobel Peace Prize
winner.
|
Homeland Security Undersecretary Hale
resigns |
03/23/2006 | |
Janet Hale, the Homeland Security
Department’s first undersecretary for management, will
leave her post in early May.
In a March 22
statement announcing her resignation, Homeland Security
Secretary Michael Chertoff called her a pioneer and
commended her for merging the management and budget
functions of 22 agencies into the mammoth department.
|
Other Important Security Sites |
03/22/2006 | |
Security Protection - Locate RSS feeds
specific to security related issues. From homeland
security warnings to virus alerts. Get RSS feeds to
notify you of status changes.
Security Software - Finding the balance
between George Orwell's 1984 and assuredness that your
privacy is protected, has become a more difficult
balance with the emergence of new technologies. Security
Software is a resource that will assist you in
protecting your privacy without going to the
extremes.
Alarm Tools - Alarm solutions directory
including security alarms, burglar alarms, companies,
emergency response solutions and fire alarms.
|
GM
Security Guard Accused of Hacking |
03/20/2006 | |
A former security guard at General
Motors Corp.'s (GM) Warren technical center is accused
of taking employee Social Security numbers and using
them to hack into the company's employee vehicle
database.
James S. Green II, 35,
of Washington Township, found out what company cars the
employees drove and sent them bogus e-mails asking them
their thoughts on the vehicles, Macomb County sheriff's
Capt. Anthony Wickersham said Tuesday.
Complete
Article
|
RFID
Tags To Spread Viruses |
03/19/2006 | |
Radio frequency identification tags can be
used to spread computer viruses and attack middleware
applications and the databases behind them, a group of
Netherlands-based scientists said Wednesday.
At
an IEEE' conference on pervasive computing in Pisa,
Italy, Melanie Rieback, a third-year PhD student at
Amsterdam's Vrije Universiteit, presented a paper that
outlined the threat to RFID systems and laid out how the
small amount of memory in a tag -- in some cases as
little as 128 bytes -- could be used to corrupt
databases.
|
Failing Grades for Security |
03/19/2006 | |
For the fourth consecutive year, a large
percentage of federal agencies flunked their annual
network security review under the Federal Information
Security Management Act (FISMA), including the
Department of Homeland of Security (DHS) and the
Department of Defense (DOD).
Out of 24 reporting
agencies, 13 either scored an F or a D in the annual
report card scores required under FISMA.
|
New
Denial of Service Attack |
03/17/2006 | |
A new type of denial of service attack has
emerged, with an impact right across the internet,
security experts have warned.
The new style
distributed denial of service attack hits target
organisations by flooding their e-mail systems with
queries bounced off domain name system (DNS) servers.
|
International Conference on Energy
Security Opens in Moscow |
03/14/2006 | |
Representatives of G8 countries and
international organizations have gathered in Moscow for
a two-day international conference on energy security.
The main session of the conference will be
dedicated to the problems of energy safety and security.
Participants will also take part in the round table
discussion titled “The current state and perspectives
of nuclear power generation”. The conference drew
participation from the representatives of state
authorities, business circles, scientific and
technological organizations of G8 countries, as well as
from international bodies and organizations.
|
Tech
Companies Focus on Security |
03/14/2006 | |
Security is never far off the mind of most
people, and the companies that make money from fear are
here in abundance at the CeBIT technology trade
fair.
And that is not such a bad thing. Software
vendors like Symantec and SAP are showing users how to
protect their data without having such high fire walls
that no-one can communicate with customers.
And
Hitachi has launched a laptop which stores the vein
patterns of the user's middle finger.
|
BigFix Security Software |
03/14/2006 | |
BigFix on Monday announced support for
Macs that use Intel processors with a Universal Binary
release of its eponymouse security configuration
management software.
BigFix is a policy-based
system that provides enterprise network managers and IT
staff with the ability to manage, audit and track
computers connected to their network.
|
EMC
Buys Security Software |
03/14/2006 | |
EMC has quietly acquired Authentica, a
privately-held maker of security software that helps
companies and government agencies protect critical
information, for an undisclosed
sum.
|
Panda Platinum 2006 Internet Security
Named Best |
03/14/2006 | |
Panda Platinum 2006 Internet Security
takes first place, ahead of nine other solutions, in a
comparative review carried out by the Dutch national
consumer organization magazine, De Digitale Consument.
The technical analysis focused on the antivirus and
anti-spyware potential of the products, as well as the
firewall performance. The test used samples of about
3,500 threats, including viruses.
|
Homeland Security News |
03/13/2006 | |
Free News Submission Available for
Homeland Security Companies and Organizations at the National Homeland Security
Knowledgebase
The NHSK site now offers a free
news submission section where Homeland Security
companies and organizations can submit relevant news for
free. The site audience targeted to Homeland Security
creates a platform for a valuable PR and marketing
venue. Additionally, companies, government and
organizations can post job offerings within the industry
sector for a fee in the newly created "Homeland Security
Job Posting" section.
The National Homeland
Security Knowledgebase also includes comprehensive
Homeland Security information resources, news, Homeland
Security newsletter, investment research, technology
sectors, and a collection of links on Homeland Security
related topics.
|
Hacker Teaches |
03/10/2006 | |
He can find George Bush senior's social
security number and Leonardo DiCaprio's mother's maiden
name in under 15 seconds, and led the FBI on a
three-year manhunt as he hacked his way into the world's
biggest firms.
"Computer terrorist" Kevin
Mitnick is one of the world's most famous computer
hackers and became a cause celebre after breaking into
networks and stealing software at companies including
Sun Microsystems and Motorola.
Now Mitnick, from
the United States, travels the world teaching companies
how to guard against people just like
him.
|
Apple OS X Withstands University
Student Hacking Attempts |
03/10/2006 | |
The University of Wisconsin has ended its
OS X hacking contest with no successful hacking
attempts.
The challenge was cut short after the
University's Chief Information Officer found out about
it and deemed that it was unauthorized. The
competition's website has since been
removed.
|
Security Researchers Terminate Sites
Selling Trojans |
03/10/2006 | |
Several Web sites selling made-to-order
Trojan horses to hackers have been shut down, the two
cooperating security companies who led the investigation
said Wednesday.
U.S.-based RSA Security and
Spain's Panda Software collaborated in the effort to
identify, locate, and shutter five sites. Three were
marketing la carte Trojans for launching targeted
identity theft attacks against users of specific
financial institutions, while two were sites where the
buyers could monitor the infections the malware caused.
|
Two
Security Updates From Microsoft Next Week |
03/10/2006 | |
Microsoft said today it plans to issue two
software updates next week to patch a couple of security
holes in its Windows operating system and its Office
productivity suite. |
Mac
Hacker Mocks Security |
03/07/2006 | |
It took the winner of the 'rm-my-mac'
competition 30 minutes to gain root control of a Mac
Mini using an unpatched OSX exploit.
Gaining root
access to a Mac is "easy pickings", according to an
individual who won an OS X hacking challenge last month
by gaining root control of a machine using an
unpublished security vulnerability.
On 22
February, the Sweden-based Mac enthusiast set up his Mac
Mini as a server and invited hackers to break through
the computer's security and gain root control, which
would allow the attacker to take charge of the computer
and delete files and folders or install applications.
|
Port
Security Seen As Serious Issue |
03/06/2006 | |
Political turmoil over the Bush
administration's decision to allow an Arab
government-owned company to operate shipping terminals
at U.S. ports has sparked new efforts in Congress to
tighten port security.
With loud public criticism
concerning the deal to allow Dubai Ports World, a firm
owned by the United Arab Emirates government, to operate
six East Coast and Gulf seaports, lawmakers are dusting
off proposals to tighten maritime cargo security this
election year.
"We took care of aviation pretty
well, we beefed up rail, but ports haven't had the
attention they should," said Sen. Kay Bailey Hutchison,
R-Texas. "I think there is momentum for a broader look
at port security. We have the attention of the rest of
Congress" as the result of the Dubai
debate.
|
RSA
Adaptive Authentication |
03/06/2006 | |
RSA Security on March 1 announced a new
risk-based authentication product and said that ETrade
Financial would use the program to secure log-ins for
all its online brokerage
customers.
RSA Adaptive
Authentication is a multi-tiered authentication scheme
that combines RSA's SecurID tokens and tokenless
"risk-based" authentication from Cyota. The new service
will allow banks and financial services companies to
extend more security to the masses of online banking
customers.
Complete Article
|
George Orwell's Thoughts |
03/06/2006 | |
What would George Orwell think of the
U.S. government's inquiry of search data to see a
snapshot of just what people are searching for?
Amid the fallout of the inquiry,
industry experts convened at the Search Engine
Strategies 2006 Conference ?
Complete
Article
|
Researchers Not Sharing Virus
Details |
03/05/2006 | |
Researchers are wondering why a group
claiming to have found the first PC-to-mobile Trojan is
unwilling to play by the gentleman's rules of security
researchers. Normally, new viruses are shared by the
discoverers, so vendors can verify the find and update
their own anti-virus software. But MARA, a
non-commercial collection of malware researchers, will
only share the alleged Trojan within its
membership.
This has caused a problem for
anti-virus researchers who find MARA's stand
puzzling.
|
Mobile Anti-Virus |
03/04/2006 | |
As anti-virus researchers have discovered
evidence of the first mobile phone Trojan
(Redbrowser.A) targeting J2ME (Java 2 Platform, Micro
Edition) devices, Finnish anti-virus vendor F-Secure has
issued updated the virus definitions for their Mobile
Anti-Virus to combat this
threat.
|
Apple Releases Security Patch |
03/04/2006
|
|
Apple Computer releases its first security
update of 2006 to patch 17 bugs, including a critical
flaw in the Safari browser and a gaffe in iChat that
was used by the first Mac OS X worm to infect Macintosh
machines.
|
Blog Archive
March Archive
February Archive
January Archive
| |
 |

Security Alerts
Locate security alerts, and security feeds via a security rss feed
directory.
|