Matteo Raimondi Bitflow Comunione Liberazione

Mobile Version Subscribe Contact Us About Us Advertising Editorial SC UK SC Aus/NZ

RSS | Login | Register

Latest Product Reviews

BigFix Security Configuration and Vulnerability Management

February 01, 2010 |

Security Configuration and Vulnerability Management from BixFix goes beyond standard vulnerability management.

Novell ZENworks Patch Management

February 01, 2010 |

Novell ZENworks Patch Management is a solution that helps to analyze endpoints and deploy patches across multiple platforms in an enterprise.

Latest News

New "Bugat" trojan harvesting banking credentials

Angela Moscaritolo February 09, 2010

A new banking trojan has arrived on the scene and it uses unique features to steal login information, researchers at SecureWorks said Tuesday.

SMB, DirectShow top the list of Microsoft patches

Dan Kaplan February 09, 2010

After a restful January, Microsoft pushed out 13 patches to rectify 26 vulnerabilities, mostly affecting issues in Windows.

China's largest hacker training site shuttered

Angela Moscaritolo February 08, 2010

The shutdown of a major Chinese website that offered hacking tools comes during a rocky time for U.S.-China cyber-relations.

Mozilla says two Firefox browser plug-ins contain trojan

Dan Kaplan February 08, 2010

Mozilla is advising users who may have downloaded two "experimental" Firefox add-ons that they contain malware.

Mass injection web hacks yield to targeted attacks

Angela Moscaritolo February 05, 2010

During the second half of 2009, attackers shifted their strategy away from mass-injection campaigns and instead focused on launching targeted attacks to infect high-profile websites, Websense found in a new report.

Solutions for defending against malware's nasty cousin: crimeware

Courtlend Little, senior product manager, Solutionary February 02, 2010

Preventing crimeware requires a multifaceted approach. Fortunately, the Payment Card Industry Data Security Standard (PCI DSS) offers a viable point of reference.

Top five idealistic security recommendations

Lysa Myers, director of research, West Coast Labs January 29, 2010

How applying a new take on the five stages of grief can help to manage information security functions.

Securing the network fabric versus the perimeter

Gary Kinghorn, senior product marketing manager for security products at 3Com Corproation January 25, 2010

With regards to network security and setting perimeters, what constitutes legitimate network activity?

Companies must consider security when choosing a cloud provider

Mushegh Hakhinian, security architect and John Landy, CTO, both of IntraLinks January 13, 2010

There is no denying that cloud computing is here to stay -- the question now is ensuring that organizations choose a trustworthy provider.

The death of security assessments?

Steve Dauber, vice president of marketing, RedSeal Systems January 08, 2010

After breaches such as at Heartland Payment Systems, the time may have come for organizations to stop relying on security assessments in favor of potentially more effective risk management tactics.

ASBPE Awards 2009

SC Magazine wins 7 ASBPE Awards

We received two national ASPBE Golds, two Northeast Region Golds and three Silvers.

Join us on FaceBook!

Click here for the latest issue »

Look what you're missing

We've rounded up some of the information security industry's best and brightest, and now they are personally blogging for YOU about some of today's most pressing security issues. Follow their astute, insightful and sometimes controversial remarks here, as we gear up for SC Magazine Awards 2010 on March 2 in San Francisco.

Fourth Annual IT Security Entrepreneurs' Forum

The Security Innovation Network (SINET) invites you to join us at Stanford University on March 16 and 17 for the Fourth Annual IT Security Entrepreneurs' Forum.

The IT Security Entrepreneurs' Forum (ITSEF) levels the playing field for early stage, emerging companies and raises the awareness of next-generation solutions into the federal government, industry and system integration markets.

SC Magazine Poll

Should software companies pay researchers for every vulnerability submission they make?(polls)

SC News Bytes

Zeus targeting government and military workers

A new campaign of the password-stealing Zeus trojan is targeting workers from government and military departments in the United States and United Kingdom, according to security researchers at Websense. The trojan is being distributed through spoofed emails claiming to come from the U.S. National Intelligence Council. The bogus messages contain subject lines such as "Report of the National Intelligence Council." The emails aim to lure users into downloading a document about the "2020 project," which actually is Zeus. — AM

Oracle fixes WebLogic bug; 11g flaw exposed

Oracle on Thursday released a fix for a zero-day vulnerability in its WebLogic Node Manager. The publicly released bug can allow an attacker to fully compromise a targeted server on Windows, according to an Oracle blog post. The patch does not appear to be related to researcher David Litchfield's talk this week at the Black Hat conference in Washington, D.C., where he revealed how zero-day vulnerabilities in the Oracle 11g database could be used to bypass security and take complete control of the popular software. — DK

The Data Breach Blog

Payroll processing firm Ceridian Corp. hacked

A hacker recently attacked the payroll processing firm Ceridian Corp. of Bloomington, Minn. and gained access to sensitive information of employees working at 1,900 companies nationwide.

SC Magazine's try at predicting 2010

One of the great unintended consequences of my job, having covered the IT security space for nearly four years, is my great inability to accurately gauge the awareness that mainstream America has for cyber-risks.

Perspectives: 20 years of IT security

For SC Magazine's 20th anniversary, we rounded up a number of security veterans to get their perspectives on the past 20 years of security. Click here to view this special anthology.