The Liberty Alliance, the group led by Sun Microsystems Inc. which is working to offer an alternative single sign-on technology to Microsoft Corp.'s Passport, announced 11 new members Tuesday and set a date for when it hopes to complete the first technical specifications for its system for authenticating users on the Web.
Lockstep Systems Inc. Tuesday announced a new version of its WebAgain automated Web site repair software, with the new version adding detection and removal of trojans and backdoor programs, better support for VPNs (virtual private networks), expanded protocol support and international language editions.
Cybersecurity and the protection of critical computer infrastructure have become a hot topic at trade shows, with vendors and in the halls of Congress since September 11, with new initiatives, legislation, partnerships and products springing up almost weekly. The RSA Conference 2002 security show, to be held February 18 to February 22 in California, doesn't figure to be any different.
Recourse Technologies will release a new version of its ManHunt security tool in March, adding new security-event correlation and analysis features, intrusion-detection options and enhanced reporting to the product.
Flaws in how SNMP (Simple Network Management Protocol) is implemented in a raft of products could allow attackers to stage denial of service attacks, take over systems and threaten the Internet, according to a new alert from the federally funded computer security body CERT/CC (Computer Emergency Response Team/Coordination Center).
In an attempt to add a new layer of features to its Personal Firewall service, McAfee.com will integrate the Visual Trace traceroute application with its firewall in March, according to Sam Curry, McAfee.com security architect.
Web servers used for e-commerce, financial services and other tasks that make intensive use of SSL (secure sockets layer) encryption are often slowed by having to devote processor time to decrypt, interpret and process encrypted traffic.
A week after first issuing an alert about the problem, firewall and intrusion-detection system vendor Internet Security Systems (ISS) released a patch to fix a security flaw in its BlackICE security products that could have led to a denial-of-service attack.
Microsoft confirmed Friday that its instant messaging programs MSN Messenger and the Windows Messenger included with the company's Windows XP operating system can allow users' names and e-mail addresses, as well as those of all their chat buddies, to be viewed. The issue was first mentioned in an alert posted to the Bugtraq security e-mail list on February 2.
Microsoft confirmed Friday that its instant messaging programs MSN Messenger and the Windows Messenger included with the company's Windows XP operating system can allow users' names and e-mail addresses, as well as those of all their chat buddies, to be viewed. The issue was first mentioned in an alert posted to the Bugtraq security e-mail list on February 2.
If you don't succeed the first seven times, try, try (and try some more) again. That seems to be the lesson Friday as Microsoft acknowledged new vulnerabilities in the Telnet code included in Windows 2000, eight months after issuing a patch that fixed seven other security holes in Windows 2000's Telnet.
New York state Attorney General Eliot Spitzer Thursday filed suit against Network Associates Inc. seeking to end restrictions that he charges Network Associates places on what its customers may say about the company.
A security vulnerability in an antipiracy tool included in Microsoft Corp.'s Office v. X for the Macintosh can allow an attacker to crash applications in Office, Microsoft said in a bug alert Thursday. The company has released a patch to fix the problem.
In mid-January, Russian law enforcement, with help from the U.S. Secret Service and U.S. Federal Bureau of Investigation (FBI), arrested a computer hacker who had attempted to extort US$10,000 from a U.S. bank, according to a Secret Service agent.
Numerous juicy nuggets of information and interesting facts were mentioned as asides or in passing by speakers at the CyberCrime 2002 conference, which concludes here Tuesday. The conference brought together academics, security professionals from the private sector, national, state and local law enforcement agents, including members of the U.S. Federal Bureau of Investigation, and representatives of government computer security bodies such as the National Infrastructure Protection Center. Though every interesting tidbit did not warrant its own story, presented here are some of the more choice statements, proposals, suggestions and facts.