Your search for falls returned 106 results.

Too often, network security relies on placing firewalls in front of public network access points and calling it a day. The assumptions are 1) being on a private network is synonymous with being on campus 2) campus users are implicitly trustworthy and 3) external threats are mitigated by the perimeter firewall. OpenOffice.org released a new version of its productivity suite this week, fixing a flaw that could allow arbitrary code execution attacks. New privacy laws have spread across the US and could be enforced in Australia A researcher has revealed a flaw in the iPhone, as well as the recently released iPod Touch, that can be exploited via malicious TIFF files. This product is a standalone single-user application with some nice features. It integrates directly into the user's Microsoft Outlook to provide the ability of sending 256-bit AES encrypted emails at the click of a button. There has been a steady increase in corporate litigation over the past decade, and those legal proceedings are having an unforeseen impact on IT managers. This trend has been accelerated by the recent changes in the Federal Rules of Civil Procedure (FRCP). A bit of knowledge and research means you can get those coveted tickets while everyone else is hitting "refresh". This device is like a slightly stripped down version of a unified threat manager (UTM). The SecurityMetrics IDS/IPS not only includes IDS/IPS functionality, but it is also a vulnerability assessment tool and it can be configured to be a firewall and router. This appliance is also capable of protecting the network from viruses, pornography, backdoors, cross-site scripting attacks and many other threats. Marshal’s WebMarshal product is an all-inclusive web content filter and anti-malware product. This product is deployed as a web proxy server and will filter all traffic of the enterprise, both incoming and outgoing. Webroot’s SME Security 3.1 is a comprehensive malware management tool. This product provides protection against a variety of problems, such as viruses, spyware, trojans, rootkits and adware. One of the world's most reputed spammers, who used his botnet army to deliver up to billions of junk emails each day, was indicted Wednesday in a US District Court in Seattle. Spammers find yet another way to target the unwary. For the last several years there has been an increased focus on network security, not only from the professionals who run the network, but also from business leaders, industry groups and government bodies. Microsoft’s new Vista operating system has placed more emphasis on security than any previous version of Windows. Often overlooked when it comes to IT security, vendors and attackers are shifting their attention to smaller enterprises. Steve Gold reports. Hackers today embedded a JavaScript-enabled trojan in the website of Dolphin Stadium, home to Sunday's Super Bowl XLI, stadium officials confirmed to SCMagazine.com. Just like the detectives do on weekly television crime dramas, put yourself in the mind of the bad guy. Pretend that you're the criminal who brokers stolen personal information with organised crime syndicates overseas. Put yourself behind the eyes of the malicious hacker who plans to breach merchant networks and compromise wholesale volumes of consumer payment card information, the kind of information that can be bartered within the internet's dark underbelly. There are many different names for the second Tuesday of every month: Patch Tuesday, Super Tuesday, Black Tuesday — and maybe even some other unsavory nicknames not suitable for print. This day, when Microsoft rolls out security updates, is the fulcrum around which most organisations' whole patch management cycles revolve. But just as there are different nicknames for the day, there are also differing opinions about how it should be handled and how quickly organisations should respond with changes. Cutting-edge phishers are creating websites in Flash to evade detection by toolbars, security experts said this week. A United States federal government agency didn’t need to point out the weaknesses of username and password authentication to E*Trade Financial’s CIO Greg Framke. He already knew that such an antiquated method for validating online banking customers falls short in today’s era of keyloggers and phishing scams.