Dennis Fisher

A group of security volunteers on Tuesday released a new version of an advanced open-source framework for developing, testing and using exploits. The Metasploit Framework 2.3 is the latest evolution of a project that began as a lark and has turned into a serious tool for penetration testing and exploit development. The framework, which is […]

Robert Liscouski, the man in charge of the section of the Department of Homeland Security responsible for cyber-security, has decided to leave the department and head for the greener pastures of the private sector. Liscouski is the assistant secretary of the Information Assurance and Infrastructure Protection directorate at the DHS, which includes the National Cyber […]

Although some ISPs and legislators are crediting the year-old CAN-SPAM Act and better technology for recent gains in the war on spam, many in the industry say the advances are forcing spammers to employ new tactics, which are destabilizing the Internets crucial DNS. One troublesome technique finding favor with spammers involves sending mass mailings in […]

Mcafee Inc.s Foundstone professional services group this week will unveil a sophisticated tool designed to help enterprises use Google to discover any sensitive information about the company that might have leaked onto the Internet. The tool, called SiteDigger 2.0, is an upgrade to a utility program written by Foundstone consultants before McAfee acquired the company […]

Looking to solidify the companys place at the top of the security heap, Symantec Corp. executives are considering a new pricing model in which enterprises using Symantecs managed services would pay a single price for all the products and services they purchase from the company. The pricing plan, which has been under consideration since before […]

While chief security officers and CIOs have a broad range of issues to concern themselves with in todays climate—regulatory compliance, threat management, user education, budget constraints—few among them have the mind-bending number of challenges that Eric Litt faces as the chief information security officer at General Motors Corp. With nearly 325,000 employees working in 32 […]

The $13.5 billion merger of Symantec Corp. and Veritas Software Corp. not only creates a dynamic new presence in enterprise software but also could signal a major shift in the way customers buy software and handle their relationships with vendors. Executives from both companies said the main driver behind the merger is a desire to […]

An extensive review of the Linux kernel using a source-code analysis tool found that the core components of the operating system contain far fewer security vulnerabilities than a typical commercial software package. The review, begun in 2000, was done by Coverity Inc., a company that sells a source-code auditing tool and has been working with […]

The consolidation continues in the intrusion prevention system market, as 3Com Corp. announced Monday that it has agreed to acquire IPS vendor TippingPoint Technologies Inc. for $430 million in cash. The purchase positions 3Com to remain competitive with rivals such as Cisco Systems Inc. and Juniper Networks Inc., both of which have made IPS acquisitions […]

NEW YORK—The uncertainty surrounding the change in leadership at the Department of Homeland Security has thrown the search for a permanent director of the National Cyber Security Division into flux, and it now appears likely that the division will continue for the time being under interim Director Andy Purdy. President Bush this week named former […]