Stories by Sam Costello

Oblix updates NetPoint software

Oblix Inc. announced version 5.0 of its NetPoint identity management and authentication software Monday, touting new group management and administration features as well as added support for XML (extensible mark-up language).

Internet too complex to secure, says exec

When he goes to Washington, D.C. next week to testify before the U.S. Congress on computer and Internet security, Bruce Schneier, the chief technology officer of Counterpane Internet Security Inc., would like to tell them that such efforts are currently done poorly and with the wrong goals.

Security concerns prompt Safe Harbor Web site changes

Because of security concerns, two features were removed last week from a U.S. government Web site designed to aid the flow of personal information and commerce between the U.S. and the European Union, according to a notice posted on the Web site.

SuSE launches firewall application on CD

Linux operating system vendor SuSE Linux Inc., the U.S. subsidiary of SuSE Linux AG, Tuesday announced the release of its SuSE Linux Firewall on CD, a CD-ROM-based software firewall aimed at strengthening security for enterprises running Linux.

Mazu unveils TrafficManager to stop DDoS attacks

In the battle to stop Distributed Denial of Service (DDoS) attacks, a flood of new products have been offered recently. Many of these products offer a faster response to DoS attacks, but few promise to actually stop them. Cambridge, Massachusetts-based start-up Mazu Networks Inc., however, unveiled a product Monday, which, if the company's claims are to be believed, does just that.

Bug in Word can lead to security problems

Because of a flaw in Microsoft's Word word processor program, documents containing macros can be modified to bypass Word's security features and make possibly devastating changes to a user's computer, the company said Friday. A macro is a small script that can be used to automate tasks, such as text formatting on a document.

Flaw in Front Page on MS IIS can lead to trouble

A flaw in Microsoft's Internet Information Server (IIS) versions 4 and 5 -- software used to run an estimated 6 million Web servers worldwide -- can let an attacker execute code of his choice on the server, the company said Friday. The security hole is the second found in IIS this week and at least the fourth identified since the beginning of May.

Backdoors, Trojan plague Usenet, says McAfee

A part of the Internet that existed before the Web ever did, and was once among the busiest places online, is now, despite its loss of visitors (and many would argue, loss of quality, as well), a breeding ground for some of the Internet's most vicious viruses, according to anti-virus firm McAfee, a division of Network Associates.

VeriSign begins taking applications for .biz

VeriSign Inc., the company which oversees the .com, .org and .net domain names and will do the same for a number of soon-to-be-added domains, said Tuesday that it would begin taking applications for the upcoming .biz Top Level Domain (TLD) immediately.

PGP offers firewall, VPN, anti-virus in e-ppliance

PGP Security, a division of Network Associates Inc., will announce on Thursday the release of the e-ppliance 1000, an integrated firewall, VPN (virtual private network) and anti-virus appliance capable of securing up to 1G-bit per second of data.

Another serious security hole in Microsoft IIS

Due to a "serious" flaw in Microsoft's Index Server 2.0 and Indexing Service -- software that enables full-text searches and indexing in Windows NT 4.x and Windows 2000 -- an attacker may be able to take full control of Web servers running on those operating systems, as well as the still-in-beta Windows XP, the company said late Monday.

MS: Security hole in SQL lets attackers take over

A security flaw in Microsoft's SQL Server 7.0 and SQL Server 2000 Gold can allow an attacker to take control of a targeted server, the company said in a security bulletin late Tuesday night. Microsoft issued a patch for the flaw at the same time it released the bulletin.

SAP, Palm team on mobile CRM

SAP AG and Palm announced a joint technology, sales and marketing alliance aimed at enabling mobile access to enterprise portals, customer relationship management and supply chain management Wednesday at the Sapphire conference in Orlando.

Researcher: DDoS attacks are growing threats

Distributed denial of service attacks are growing in number and sophistication, though tools to fight them are just over the horizon, said Stefan Savage, a researcher at the University of California at San Diego and the founder and chief scientist at Asta Networks Inc.

[]