Paul F. Roberts

Security experts from Internet Security Systems Inc. and the U.S. Computer Emergency Readiness Team are warning companies that the popular open-source Snort intrusion detection system technology contains a critical and easily exploitable hole that could be used to compromise vulnerable systems. ISS and U.S. CERT both issued advisories last week concerning a vulnerability in a […]

Networking equipment maker Cisco Systems Inc. finds itself with a formidable new competitor in the emerging area of network access control, as Juniper Networks Inc. has joined the fray with its first NAC offering. Juniper this week is unveiling its first dedicated NAC product, the Enterprise Infranet Controller, a hardware appliance that coordinates policy enforcement […]

Symantec Corp.s recent acquisitions of WholeSecurity Inc. and Sygate Inc. were seen as nice, complementary purchases for the security giant, but Symantec has ambitious plans for the companies technologies that could begin an overhaul of its core product lines. In the coming months, Symantec plans to integrate behavior-based malicious-code detection from WholeSecurity and endpoint compliance […]

Microsoft Corp., once known for its tightly controlled, if not opaque, security processes, recently invited a small number of hackers onto its Redmond, Wash., campus to crack the companys products for all to see. Blue Hat V2 teamed well-known “white hat” hackers with Microsoft employees in an attempt to break into and expose security weaknesses […]

U.S. banks that havent already done so should put plans for shoring up e-banking security into high gear, according to new guidance from the Federal Financial Institutions Examination Council, an interagency body that oversees the financial services industry. The FFIEC issued a report on Oct. 12 that declared single-factor authentication such as a password inadequate […]

Security experts from Internet Security Systems Inc. and the U.S. Computer Emergency Readiness Team are warning companies that use the popular Snort Intrusion Detection System that the technology contains a critical and easily exploitable hole that could be used to compromise vulnerable systems. ISS and U.S. CERT both issued advisories Tuesday concerning vulnerability in a […]

3Com is adding new anti-phishing technology to its TippingPoint line of IPS, or intrusion prevention system, products, the company said. The new anti-phishing features are part of an update to the TippingPoint Digital Vaccine service. They combine system vulnerability data with pattern-matching to spot phishing scams. For example, TippingPoint can determine if an e-mail message […]

Rootkits are becoming increasingly common on enterprise computer networks and are even being used to create undetectable download servers for pirated movies and MP3s, according to anti-virus experts. Anti-virus software company F-Secure Corp., of Helsinki, Finland, has detected rootkits on the networks of numerous customers, and malicious-code authors are integrating rootkit stealth features into Internet […]

Computer Associates International Inc. is reaching out to small and midsize businesses with a new line of software suites that integrate security, storage and data migration tools. This week, the Islandia, N.Y., company plans to unveil its Protection Suites r2.0, six suites for desktops, servers, and mixed desktop and server environments, including versions that can […]

Its Monday: time to pay your monthly credit card bill. A tech-savvy consumer, you log on, open your Web browser and surf to MBNA. com, a site run by the bank that issued your card. Once there, you enter your user name and password, access your account, check your last statement, transfer funds, and pay […]