Latest Product Reviews

NETASQ U120

July 01, 2010  |  NETASQ U120
The U120 from NETASQ includes a firewall, HTTP proxy with URL filtering, and an anti-spam engine.
 

Symantec Endpoint Protection v11

July 01, 2010  |  Symantec Endpoint Protection v11
Symantec Endpoint Protection combines many Symantec protection technologies into a single, agent-based suite for desktops, servers and mobile devices.
 

Latest News

Black Hat 2010: Even with SSL/TLS, browsers still are susceptible to attack

Dan Kaplan July 29, 2010

Two researchers at the Black Hat conference in Las Vegas on Thursday exposed 24 ways hackers can hijack seemingly secure browser sessions.
 

Black Hat 2010: Like Safari, Internet Explorer 6 and 7 suffer from auto-fill flaw

Angela Moscaritolo July 29, 2010

Internet Explorer suffers from a similar auto-fill feature that Apple is grappling with, a well-known web researcher said Thursday at the Black Hat conference in Las Vegas.
 

SC Magazine earns top honor at ASBPE Awards

Staff Report July 29, 2010

SC Magazine took top honors as the 2010 Magazine of the Year at the annual Azbee Awards of Excellence gala held in New York on Wednesday evening.
 

Black Hat 2010: Researcher Jack uses design, authentication flaws to force ATMs to spit out cash

Dan Kaplan July 28, 2010

Making a dream come true for anyone who ever has seen their chips evaporate at a Las Vegas casino, a security researcher on Wednesday forced two ATMs to spit out bundles of cash thanks to security weaknesses in the machines.
 

Black Hat 2010: Some vendors oppose "bug bounty" programs, researchers disagree

Angela Moscaritolo July 28, 2010

Researchers, vendors and CISOs sounded off at the Black Hat conference on Wednesday on how vendors and researchers best can achieve satisfaction in the vulnerability disclosure arena.
 

Latest Opinions

Black Hat 2010: Why user quality and design matter for VPNs

Martin Hack, EVP at NCP engineering July 28, 2010

At this week's Black Hat 2010 in Las Vegas, NCP engineering is releasing a new white paper that sheds light on common VPN vulnerabilities that put organizations at risk.
 

Answers, not data: The key to access security

David Rowe, CEO, NetVision July 27, 2010

Compliance TNG (the next generation) is the emergence of internal and external guidelines and best practices that are concerned with security rather than just compliance success.
 

Stuxnet: a wake-up call, but not necessarily a nightmare

Eric Knapp, director of critical infrastructure markets, NitroSecurity July 26, 2010

The fact that a new strain of malware specifically is targeting critical infrastructure control systems certainly is troubling, but because SCADA platforms are designed to be predictable, suspicious activity can be detected.
 

Burgeoning mobile Wi-Fi hotspots present risks to enterprises

Ajay Gupta, tech lead of engineering, AirTight Networks July 23, 2010

While most people are familiar with traditional Wi-Fi hotspots, organizations must recognize the security ramifications presented by growing numbers of mobile hotspots.
 

Implications of desktop virtualization for secure remote access

Sai Allavarpu, senior director of product marketing, Citrix Systems July 20, 2010

Many organizations may be considering server virtualization, but next on the horizon is desktop virtualization, which promises to deliver secure remote access and WAN optimization, among other benefits.
 

The shadowy world of the advanced persistent threat and botnets

Greg Hoglund, founder and CEO, HBGary July 15, 2010

Botnets have evolved into full-fledged criminal enterprises, and those organizations that take the threat lightly will be the ones paying in the end.
 

Health care security: feeling better yet?

Peter Spier, senior risk management consultant, Fortex Technologies July 13, 2010

As health care entities face new compliance demands, a free framework could offer some help.
 

The SC Podcast

2010 SC Awards




The winners of the 2010 SC Awards U.S. were announced in San Francisco. Click here to see the results.

ASBPE Awards 2009

SC Magazine wins 7 ASBPE Awards

We received two national ASPBE Golds, two Northeast Region Golds and three Silvers.
 

SC Magazine
2010 edit calendar

SC Magazine's 2010 editorial calendar is now available.

Click here to download the PDF.

Perspectives: 20 years of IT security

For SC Magazine's 20th anniversary, we rounded up a number of security veterans to get their perspectives on the past 20 years of security. Click here to view this special anthology.

Join us on Facebook!

Follow us on Twitter!

The News Team Blog

Black Hat 2010 notebook: Day Two

July 29, 2010

DEFCON is in sight, but not before the final day of Black Hat. Here's what's making news at this hour.
 

SC Scholars


Check out SC Magazine's recently launched online educational program, geared specifically for information security professionals.

SC News Bytes

Juniper Networks to acquire SMobile Systems

Juniper Networks has agreed to acquire Columbus, Ohio-based SMobile Systems, a privately held software company focused on smartphone and tablet security solutions, for $70 million. The acquisition will further enable Juniper customers to remotely and securely connect their PCs and smartphones to corporate networks. According to Infonetics Research, the mobile client security market is projected to grow to more than $1 billion by 2014. - GM
 

Safari update fixes auto-fill flaw ahead of Black Hat talk

Apple on Wednesday issued updates for its Safari 4 and 5 web browser to fix 15 vulnerabilities, some of which could lead to arbitrary code execution or information disclosure. Safari 5.0.1 and 4.1.1 fix an issue with the browser's auto-fill feature, which is used to automatically fill out web forms using information in a user's computer or address book. The flaw could allow a maliciously crafted website to trigger auto-fill without user interaction, potentially leading to information disclosure. The patch comes one day before Jeremiah Grossman, founder and CTO of WhiteHat Security, is set to present about the vulnerability at the Black Hat conference in Las Vegas. The Safari updates also fix several flaws in WebKit, an open-source application framework. - AM
 
more »

From the Blogs


The Data Breach Blog

Employee at Maryland state agency posts client information online

The personal information of clients of the Maryland Department of Human Resources (DHR) recently was posted on a third-party website, where it remained for nearly three months.
 

Sensitive database compromised at Buena Vista University

A sensitive database at Buena Vista University in Iowa was compromised, exposing the information of students and staff.
 

SC Magazine Poll




AVAILABLE ON DEMAND
CLICK HERE to view these sessions on demand,
including keynote speaker Jerry Archer, SVP and CSO of Sallie Mae


 Subscribe to the RSS for this page  [view all our RSS feeds here]
Popular Topics
Access Control Analyst Reports & Industry Surveys Apple Threats Application Security Awareness Training Breaches & Exposures Browser Flaws Browsers And Security Cybercrime Cybersecurity Education Government Insider Threats Malware Microsoft Mobile Endpoint Security Patch Management Privacy Regulation SCADA USB Vulnerabilities Vulnerabilities & Flaws Vulnerability Disclosure Vulnerability Management Windows