Dennis Fisher

As worms and viruses continue to ravage the Internet, a security vendor and an infrastructure provider are employing new strategies to try to prevent initial infections and limit the damage of compromised networked machines. McAfee Inc. and Alcatel USA Inc. are each introducing offerings this week that use policy-based frameworks and network monitoring to regulate […]

Computer Associates International Inc. on Monday acquired PestPatrol Inc., one of the original anti-spyware vendors, for an undisclosed sum. The purchase is an interesting one for CA, whose focus in the security market has been mainly in the security management area. But CA officials said many of their large enterprise customers had become more and […]

SPI Dynamics Inc. is opening up its toolbox and giving customers access to a wide range of utilities that are meant to manipulate, break and otherwise abuse Web applications. SPI ToolKit is a grab bag of the kind of toys that people—good and bad—use to break into applications to probe for common weaknesses, as well […]

Several years after the beginning of a widespread effort between public and private parties to create an environment that would allow broader dissemination of vulnerability information, friction among the players is now scuttling such efforts. The federal government, a key promoter of numerous information-sharing programs, announced last week it wants even more information from private […]

Another variant of the ubiquitous Bagle worm is now making its way across the Internet, flooding in-boxes with infected Zip files. The newest member of the Bagle family, named Bagle.AQ, arrives via an e-mail message with a spoofed sending address and no subject line. The only text in the message body is typically one or […]

They say all good things come to those who wait. For Microsoft Corp. customers, the wait for the major security upgrades in Service Pack 2 for Windows XP is nearly over as the company on Friday released the code for the update to manufacturing. This is the last step in the process before the service […]

Another new version of MyDoom is worming its way through the Internet, and this variant—like the last one—uses Yahoo as part of its infection routine. MyDoom.P is similar to most of the other MyDoom variants in that it arrives via e-mail, with a spoofed sending address and a subject line designed to make it look […]

Hoping to gain an edge on its myriad competitors, Passlogix Inc. on Wednesday will announce a new product strategy in which all of its future offerings will be released as modules that plug into v-GO SSO, the companys flagship single sign-on solution. The platform is the first offering of its kind in the security market […]

As many security researchers feared after analyzing the code for MyDoom.O, a second, related attack began in earnest Tuesday with a new piece of code using the back door installed by MyDoom.O to spread itself and launch a DDoS (distributed denial of service) attack against Microsoft.com. MyDoom.O, also known as MyDoom.M or MyDoom.M@mm, installs a […]

Several new variants of the venerable Bagle virus visited themselves upon corporate networks last week, frustrating administrators and virus researchers who continue to wonder why these worms can still infect thousands of machines after months of warnings. None of the most recent variants is particularly innovative or clever in its social engineering efforts or infection […]