October was a scary month for IT administrators in charge of filtering spam, according to a pair of reports from messaging security firms.

A team of university researchers have disclosed a flaw in Windows 2000's random number generator (RNG). Microsoft has downplayed the vulnerability, saying it could only be exploited by a user of the victimized computer.

An uncertain economy is likely to negatively impact IT spending next year, especially within large enterprises, according to a new report from Computer Economics.

The screaming headlines have been running for years. Whether they're in press releases about cybercrime exceeding international drug profits or the billions of dollars lost to breach disclosures or videos highlighting the meltdown of power generators due to a myriad of vulnerabilities, the anti-malware industry has long relied on fear to move their products.

Karl Hart is one ISO who sees organizations saving big bucks by virtualizing their data centers, but risks loom, reports Dan Kaplan.

The latest happenings in the boardrooms of the IT security world.

Clothing retailer Gap Inc. revealed that a laptop containing the Social Security numbers of 800,000 job applicants was stolen from a third-party vendor. The laptop contained info of job applicants who applied to the company's Old Navy, Banana Republic, Gap and Outlet stores. The vendor, not identified by Gap, contacted law enforcement authorities about the breach. The data was not encrypted.

A legion of data exposures have occurred over the past year, with many affected companies not only being forced to address customer and investor concerns, but also pay fines and adhere to prolonged sets of requirements administered by the Federal Trade Commission. So just how is news of such breaches, exposures and possible thefts affecting the way organizations -- large and small -- focus on information security plans?

When enterprise data met email and IM, important data began leaking out of corporations unnoticed and it spawned a new security problem called data leakage.

A California man was arrested this week on charges that he attacked organizations, including the anti-phishing community CastleCops, with botnets.