Subscribe: Sharp Ideas Information Security Aggregator
http://www.sharp-ideas.net/research/infosec_news.rss
Added By: Feedage Forager Feedage Grade B rated
Language: English
Tags:
cost  credit card  exploit  identity  internet  microsoft  new  review total  security  solutions  spam  technology  virus  windows 
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: Sharp Ideas Information Security Aggregator

Sharp Ideas Information Security Aggregator



Up to date information security headlines



 



The IT Product Guide
We’ve just unveiled the public beta of the IT Product Guide, a new online tool to help IT buyers make smarter purchases.



ISA Server 2004 is a pleasant security surprise
I take a snip here, make a snide remark there, even endure a cheap shot every so often, but for the most part, nothing happens. Microsoft and security are two things that simply don’t want to mix. Such is the life of the Microsoft pundit. But just when I’m ready to start writing about Gameboys, I get a chance to check out something new.



Fixing what's wrong with backup
It's no secret that the old-fashioned approach to data protection – backing up copies to tape -- often can't keep pace with the disproportionate information growth faced by many companies.



Dam that spam
Spam annoys everyone, even Bill Gates. That’s why Microsoft recently proposed a technology it called "Caller ID for e-mail" which is intended to verify that the sender shown in the From: part of an e-mail is the real sender. Several other organizations have come up with their own versions of this idea, and the different standards may become integrated into a single standard called the Sender ID Framework -- if all interested parties can come to an agreement.



Offshoring: More fret than threat?
This year's survey participants cite a wide range of projects underway and a broad set of challenges facing them in the coming year. But there is one area that our respondents clearly aren't too concerned about, despite the persistent news buzz: offshore outsourcing of application development projects.



The IT Product Guide 
We’ve just unveiled the public beta of the IT Product Guide, a new online tool to help IT buyers make smarter purchases.



Product Previews
Netegrity Strengthens Identity for Web Services Netegrity has released TransactionMinder 6.0, the latest edition of its policy-based identity access management system that extends Netegrity's secure single-sign on, delegated administration, and federated identity and session management capabilities to include Web services and SOAs (service-oriented architectures). The new version offers full support for the WS-Security 1.0 standard out of the box, including XML encryption within the WS-Security framework and support for WS-Security authentication based on SAML (Security Assertion Markup Language) tokens. The product features a proxy mode, which lets TransactionMinder secure Web services running on application servers such as IBM WebSphere and BEA Weblogic. Additionally, XML agents can be deployed on Web servers such as Microsoft IIS or Apache. TransactionMinder is priced at $40,000 per CPU. TransactionMinder 6.0, Netegrity  



Rival solutions smack down spam
Spam is such a significant problem these days that even the federal government has gotten involved, passing legislation such as the CAN-SPAM Act. Meanwhile, a wide variety of companies has collaborated on an authentication scheme called the Sender ID Framework, aimed at making e-mail fraud even harder to perpetrate. Realistically, though, neither CAN-SPAM nor e-mail-sender authentication is likely to do much to stem the flood of mail. Fortunately, anti-spam products continue to evolve and improve.



E-business sites hit with attacks, extortion threats
A distributed denial-of-service attack that disrupted Web-based systems at credit card payment processing firm Authorize.Net earlier this week is indicative of a sharp increase in the number of cyberattacks being targeted at specific companies and driven by profit motives on the part of the hackers who launch them.



News: Feds invite comment on Internet wiretaps
U.S. regulators open a public comment period on a plan to wire broadband and VoIP systems for law enforcement surveillance.



News: JPEG exploit toolkit spotted online
A toolkit designed to exploit a recently-disclosed Microsoft JPEG vulnerability has been released onto the net.



ADV: Microsoft Server Software Systems
Technology managers give Microsoft high marks for cost-saving management solutions. Review total cost of ownership studies to learn how you can save with Windows.






Study: Security measures often overlook human factor
Top execs quicker to throw money at tech solutions than to properly train employees--who could be the real problem.



Symantec plugs holes in firewall
Security specialist issues patches for vulnerabilities that could have allowed denial-of-service attacks against some hardware models.



Elsewhere: VeriSign creates kid credentials
VeriSign and a children's safety group has unveiled a new technology designed to make it easier for children to avoid child predators online. The i-Stik token, inserted ...



Elsewhere: Hackers use Google to access photocopiers
Making copies of something important? Photocopiers are the latest networked devices to fall prey to hackers armed with nothing more than Google's search engine Hackers a...



Elsewhere: Jpeg exploit virus appears
A virus designed to exploit a recent disclosed hole in Internet Explorer is already doing the rounds on the Internet. Security experts have warned it could allow remote ...



Security firm justifies virus writer's job
SecurePoint says the alleged Sasser author was "just an immature boy with mindless intent" who wants to make amends.






ADV: Microsoft Server Software Systems
Technology managers give Microsoft high marks for cost-saving management solutions. Review total cost of ownership studies to learn how you can save with Windows.












Technology and the 9/11 Commission
Former government undersecretary William Schneider Jr. says the United States needs better identity authentication practices.






Ex-CA boss Kumar pleads not guilty
Former Computer Associates (CA) CEO Sanjay Kumar pleaded not guilty on Thursday in U.S. District Court in Brooklyn, N.Y., to charges of securities fraud and obstruction of justice involving a multi-billion dollar accounting scandal.





















ADV: Microsoft Server Software Systems
Technology managers give Microsoft high marks for cost-saving management solutions. Review total cost of ownership studies to learn how you can save with Windows.



Columnists: Online Theft
Identity theft meets the global virus epidemic, enabling fraud that finally gets people's attention.



New, dangerous Microsoft JPEG exploit released
New computer code that exploits a recently disclosed hole in Microsoft Corp.'s Internet Explorer Web browser is circulating on the Internet and could allow remote attackers to take full control of vulnerable Windows machines, according to warnings from antivirus companies and Internet security experts.



Elsewhere: Code to exploit Windows graphics flaw now public
A sample program hit the Internet on Wednesday, showing by example how malicious coders could compromise Windows computers by using a flaw in the handling of a widespread...



Elsewhere: IT security culture must start from the top
Senior executives need to help companies build an IT security-conscious culture from the top down, according to new research by Ernst & Young. Respondents to its Global ...



Elsewhere: Microsoft to secure IE for XP only
If you're one of about 200 million people using older versions of Windows and you want the latest security enhancements to Internet Explorer, get your credit card ready. ...



Infocus: Detecting Worms and Abnormal Activities with NetFlow, Part 2
This paper discusses the use of NetFlow, a traffic profile monitoring technology available on many routers, for use in the early detection of worms, spammers, and other abnormal network activity in large enterprise networks and service providers. Part 2 of 2.



News: US credit card firm fights DDoS attack
US credit card processing firm Authorize.Net is fighting a sustained distributed denial of service (DDoS) attack that has left it struggling to stay online.



Anti-spam standard body dismantled
The IETF (Internet Engineering Task Force) has disbanded its anti-spam working group, MARID (MTA Authorization Records In DNS) working group, in part because of an intellectual-property row surrounding Microsoft Corp.'s Sender ID proposal.



Nokia adds anti-virus protection to new smart phone
Finnish mobile phone manufacturer Nokia Corp. will offer mobile anti-virus software through F-Secure Corp. as one of the features in its new Nokia 6670 smart phone when it is released in October, the companies announced Thursday.



Senate panel approves spyware, wireless privacy bills
WASHINGTON -- The U.S. Senate Commerce, Science and Transportation Committee on Wednesday approved bills intended to fight computer spyware and to protect wireless phone customers from potential privacy problems associated with a wireless phone number directory.


















ADV: Microsoft Server Software Systems
Technology managers give Microsoft high marks for cost-saving management solutions. Review total cost of ownership studies to learn how you can save with Windows.