FBI Top 20 Vulnerabilities   Latest Virus Information   Latest Threat Information

Internet complexity, insecurity could stifle innovation, expert says

MARCH 2007 | Security pros are constantly weighing whether a new security policy could be costly to employee flexibility and productivity. But in recent years, one expert says, less flexibility appears to be the new standard as vendors protect their products from Web-based attacks -- and it could stifle technological innovation. (Full Story)

Phishing, Crimeware Jump in '07

MARCH 2007 | Phishing Websites and crimeware both hit an all-time high in January, according to the Anti-Phishing Working Group's latest report, which was released yesterday. And for the first time, ISPs surpassed retail as the second-most targeted industry sector -- although they are way behind financial services, which accounts for 88.9 percent of phishing attacks. (Full story)

Gartner: IT departments lack finances to protect data

MARCH 2007 | Data breaches like the one TJX recently disclosed are starting to take a heavy toll on consumers, according to the newly-released results of a Gartner Inc. survey.

The Stamford, Conn.-based research firm said in a report released Tuesday that 15 million Americans suffered from identity theft between mid-2005 and mid-2006. That's a 50% increase since 2003, when the Federal Trade Commission (FTC) reported 9.9 million American identity theft victims. The people Gartner surveyed weren't affected by the more recent TJX breach, but that company's mistakes mirror the failures of other merchants to protect customer data, said Avivah Litan, a vice president at Gartner. (Full Story)

VOIP More Vulnerable

December 2006 | If you're talking over your IP network right now, then voice-over-IP should be at the top of your security priorities for next year.

Securing enterprise IP voice hasn't been on most organizations' radar screens, mostly because VOIP so far hasn't been a popular target of attackers or bug hunters, nor have many organizations torn out their traditional voice systems altogether, anyway. But security experts say it's time to make VOIP security a priority. (Full story)

DOD bars use of HTML e-mail, Outlook Web Access

December 2006 | Due to an increased network threat condition, the Defense Department is blocking all HTML-based e-mail messages and has banned the use of Outlook Web Access e-mail applications, according to a spokesman for the Joint Task Force for Global Network Operations. (Full story)

Standard May Hold Key to Encryption

December 2006 | After decades of operating in the shadows, encryption is now becoming cool for mainstream organizations. And it may soon become easier to manage, too: OASIS, the Organization for the Advancement of Structured Information Standards, is developing a standard for managing symmetric encryption keys. (Full story)

Firefox 2.0 vs. Internet Explorer 7

December 2006 | Web browsers are among the most commonly used software. Recently, both Internet Explorer 7 (IE7) and Firefox 2.0 trumpeted new or improved security features during their well-publicized launch campaigns. While these features are primarily aimed to attract the business user, they also are directed toward the everyday user who has started to take Internet security more seriously. But what are these new features and do they make using the Web any safer? (Full story)

Zero-Days Top 2006 Attack List

November 2006 | "Zero day" was the mantra for attackers in 2006, and the trend shows no signs of letting up next year, according to a new report issued by The SANS Institute earlier today. (Full story)

Final Notice: PCI DSS Enforcement

September 2006 | Tougher data security rules await credit card data processors, as new PCI guidance and the threat of stricter enforcement push retailers to improve data protection. But rules aren’t the only reason companies should shape up. As hackers, phishers, and fraudsters close in, will retailers wake up and smell the peril? (Full story)