Security researchers at Symantec have placed the blame for a variety of problems users are experiencing with Microsoft's Windows XP Service Pack 3 squarely on Microsoft.

Federated identity management solutions offer the promise of single sign-on, but are slow to see adoption, Jim Carr discovers.

Unlike the more widely known distributed denial-of-service attack, which disrupts service to a website or is used to deliver malware, a so-called permanent denial-of-service attack can sabotage hardware.

Federal agencies continued to show slight improvement in 2007 in their ability to protect sensitive data.

A U.S. Department of Homeland Security-sponsored project has not only discovered that the quality of open-source software code has improved significantly over the past two years, it has debunked a widely held assumption that longer function strings within source code are associated with an increased number of code defects.

An easy-to-fix -- but often overlooked -- problem most likely took the National Security Agency's website and its mail services down for six or seven hours on Thursday.

The apparent development of a malicious rootkit for Cisco System's routers, which control much of the traffic on the internet, is a wake-up call to network administrators to ensure their Cisco devices are properly secured and configured.

A startup vendor of security software says it has a solution to the so-called "cold boot" encryption vulnerability uncovered by a team of Princeton researchers in February.

Microsoft fixed six vulnerabilities, three of them rated critical, with four patches in its May Patch Tuesday round this week.

Counterfeit networking equipment could jeopardize the security of U.S. military and other government systems.