Last week's Sasser worm outbreak, which disrupted operations at some businesses while leaving most virtually untouched, highlighted the difference a good vulnerability management strategy can make to a company's defenses, users and analysts said.
The Sasser worm outbreak, which disrupted operations at some businesses but left most virtually untouched, highlighted the difference a good vulnerability management strategy can make to a company's defenses, users and analysts said.
Corporate users are keeping a wary eye on their networks for signs of the W32/Sasser worm that has been infecting systems worldwide since late Friday, even as antivirus firms are warning of several new variants.
The U.S. Department of Homeland Security and US-CERT are warning of a serious vulnerability affecting several Cisco Systems Inc. switches and routers that could result in sustained denial-of-service conditions.
Microsoft's release last Tuesday of three critical patches to fix 20 flaws in various Windows products drew flak from users who expressed frustration at the company's continuing problems with security.
Microsoft Corp. Tuesday released four new security bulletins detailing patches for several critical vulnerabilities, including one that fixes 14 separate flaws, in a wide range of Windows software.
FRAMINGHAM (03/17/2004) - Companies concerned about potential liability issues raised by California's identity-theft law may have a whole lot more to worry about if a recently proposed piece of similar legislation is passed.
Companies that use telemarketing and e-mail to deliver direct marketing messages to consumers are being seriously affected by new laws and growing consumer privacy concerns, according to delegates at the Fourth Annual Privacy & Security Summit, which is being held in Washington, D.C. , this week.
Dealing with a distributed denial-of-service attack such as the one that took down The SCO Group's Web site last week continues to be a major challenge for companies, security experts said. But several options are available to at least help alleviate the pain for those that become targets.
FRAMINGHAM (01/13/2004) - Several critical vulnerabilities have been discovered in voice over Internet Protocol (VoIP) and videoconferencing products based on the H.323 protocol that's used in IP telephony applications to exchange audio and video communications.
FRAMINGHAM (01/09/2004) - A report earlier this week about a critical flaw in the Linux kernel was the latest in a series of recently discovered security problems with the popular open-source operating system.
FRAMINGHAM (11/21/2003) - The upcoming holiday shopping season promises to be a busy one not just for Internet retailers, but for opportunistic online fraudsters and identity thieves as well.
Job seekers who go to online sites to look for employment run a considerable risk of having their personal information improperly sold, shared or used for profiling purposes.
WASHINGTON (11/07/2003) - The need to comply with an array of complex data laws will dominate the security agenda in 2004, according to attendees at the Computer Security Institute conference here this week.
FRAMINGHAM (10/24/2003) - Paul Mockapetris invented the Internet's core Domain Name System (DNS), which is a highly distributed hierarchical database that translates Web names into Internet Protocol addresses, and vice versa. Without it, the Internet as it's structured today wouldn't work. In an interview this week with Computerworld, he talked about the state of the DNS a year after the first distributed denial-of-service attack on the system.