|
Verisign's
'SiteFinder' finds privacy hullabaloo
Privacy advocates have joined the chorus of critics of Verisign's
"SiteFinder," which on Monday began directing mistyped
dot-com and dot-net e-mail and Web addresses to a search site operated
by the company and Overture.com, a Pasadena, Calif.-based advertising
company that brands itself as a search engine.
SecurityFocus | Feature Article
| September 19, 2003
What
are they thinking?
Getting into the minds of crackers, carders and insider thieves
could help corporations better protect their valuable intellectual
property.
Network World | Feature Article
| March 1, 2004
Breaking
the glass firewall
IT women are gravitating to information security, where cross-disciplinary
skills are key.
Network World | Feature Article
| November 17, 2003
Keep
Hackers out of your Website
Hal Pomeranz sees it all the time: A corporate Web site gets hacked and
the business manager calls him to fix it. "The dot-com companies
are so busy building a Web infrastructure that security is just an afterthought,"
says the San Francisco-based information security consultant, who specializes
in Internet start-ups. "Often, we're just the clean-up guys."
KBeta Security Web | Feature Article
| November 17, 2003
SMPD
blue
San Mateo cops create wireless web to snare criminals.
Network World | Feature Article
| October 27, 2003
Know
Thy Users
Identity management can mean just about anything relating to user access:
single sign-on, provisioning, directory services, user administration
or Web-based access management, to name a few. Here are strategies for
making the right choices.
Computerworld | Feature Article
| July 14, 2003
Whitfield
Diffie, Jim Bidzos and Bruce Schneier
Interviews with three cryptographers, Whitfield Diffie, Jim Bidzos and
Bruce Schneier, whose influence on cryptography set in motion the security
of electronic transactions today.
Computerworld | Feature Article
| September 30, 2002
More
Than a Game
Transportation, energy and other critical infrastructure companies are
stepping up their participation in cyberattack exercises as a means of
preparing for a terrorist-related disaster.
Computerworld | Feature Article
| September 9, 2002
The
Annual Checkup
Automated assessment tolls and application services are no substitute
for a security audit by trained security staff. Here's a list of areas
to check in an annual audit.
Computerworld | Feature Article
| September 9, 2002
Wanted:
A clear view of vulnerability
False positives and an overwhelming flood of information leave companies
yearning for less confusing ways to assess their vulnerabilties.
Computerworld | Feature Article
| September 9, 2002
Crafting
a Response Plan
A chief security officer offers some advice on preparing a cyberdefense
plan.
Computerworld | Feature Article
| September 9, 2002
Picking
a Winner
The managed security services market is a volatile one. Choosing the right
vendor is critical. Here's how to go about it.
Computerworld | Feature Article
| August 12, 2002
Choosing
The Best Security Guards
With thousands of potential security audit events coming at them, IT departments
can't possibly sort, prioritize and act on them all in a timely fashion.
Enter the managed security service provider, which can lighten this load.
Computerworld | Feature Article
| August 12, 2002
Symantec
and Network Associates reveal security management agendas
Network Associates President Gene Hodges and Symantec President John Schwartz
discuss their companies' strategies.
Computerworld | Feature Article
| August 12, 2002
From
arms violations to gathering dust: The strange history of PGP
The history of Pretty Good Privacy could come to an end if the code doesn't
find a new home and support from users and vendors.
Computerworld | Feature Article
| July 22, 2002
PGP
on shaky ground
Pretty Good Privacy or PGP gained cult status in the early '90s, and was
welcomed by the tech community for its promise in securing business to
business communications. Then, Network Associates decided to pull the
plug on it.
Computerworld | Feature Article
| July 22, 2002
Denying
Network Service
Denial of service is a form of attack in which a network server is overloaded
by thousands of false communications and/or requests for services originating
from programs in one or more outside computers. Ultimately, the network
receives so many queries that it can't keep up with them and is thus unavailable
to ...
Computerworld | Feature Article
| June 15, 2002
Maximum
Security Returns
Like every other kind of IT investment, security projects must demonstrate
their business value. Here's a step-by-step guide to cutting costs and
getting the greatest returns.
Computerworld | Feature Article
| June 15, 2002
Getting
the best bang for your security buck
Here are a half-dozen tips for stretching tight security budgets, plus
a list of additional resources that can be found on the Web.
Computerworld | Feature Article
| June 15, 2002
More
on steganography
A sampling of available resources on steganography and digital watermarking.
Computerworld | Feature Article
| June 10, 2002
By
Any Other Name ...
Executives with titles other than chief security officer also bear heavy
responsibility for information security. Here's a rundown on what they
do, what they earn and to whom they report.
Computerworld | Feature Article
| June 10, 2002
Steganography:
Hidden Data
Steganography is the hiding of information within a more obvious kind
of communication. Although not widely used, digital steganography involves
the hiding of data inside a sound or image file. Steganalysis is the process
of detecting steganography by looking at variances between bit patterns
and unusually large ...
Computerworld | Feature Article
| June 10, 2002
Chief
(in)security officer
New corporate pressures are putting the onus on security executives to
prove the effectiveness of their programs. But they still lack the resources
and power to be truly effective in their mission.
Computerworld | Feature Article
| June 10, 2002
Counterpane
Internet Security Inc.
Proving return on security spending is difficult, but Counterpane Internet
Security Inc.'s security monitoring services are sure to catch any business
manager's attention by slashing costs and preventing intrusions.
Computerworld | Feature Article
| June 10, 2002
Clarke
warns educators about need for better security
President Bush's cybersecurity czar called on colleges and universities
to beef up their own IT security and broaden the kinds of security courses
offered to students.
Computerworld | Feature Article
| June 5, 2002
Security
Under the Gun
Despite expectations of a boom in IT security spending, many in the field
are finding that in-house demands are rising but budgets aren't.
Computerworld | Feature Article
| June 3, 2002
Where
the Jobs Are
Here's a rundown of the top industries and types of companies that are
hungry for IT security professionals, and the types of skill sets they're
seeking.
Computerworld | Feature Article
| June 3, 2002
Where
to Look for Security Jobs
Here's a list of links for IT security professionals to visit to find
out more information about job opportunities in this discipline.
Computerworld | Feature Article
| June 3, 2002
Ask
the Right Questions
A security professional gives advice on how to evaluate workflow as you
consider provisioning technologies.
Computerworld | Feature Article
| April 29, 2002
Controlled
Access
Provisioning technologies automatically set up new user accounts into
the applications employees need to do their jobs and automate de-provisioning,
or blocking users from resources after they quit or no longer need them.
The result is a streamlined operation and increased security, but deployment
can be a nightmare.
Computerworld | Feature Article
| April 29, 2002
Credibility
Through Invisibility
A look at Nancy J. Wong, deputy director of National Outreach and Awareness
at the U.S. Critical Infrastructure Assurance Office, who had to battle
through attacks on both fronts to bring the public and private sector
together on security issues.
Computerworld | Feature Article
| April 8, 2002
The
Security Sentinels
Here are the stories of three trailblazers who helped shape computer security
and forensics practices used throughout law, government and the private
sector.
Computerworld | Feature Article
| April 8, 2002
Backgrounder
on Steel Magnolias
Learn more about IT security pioneers Dorothy Denning, Raemarie Schmidt,
Nancy Wong and Martha Stansell-Gamm.
Computerworld | Feature Article
| April 8, 2002
Watch
those partner links
Steps to take to make sure your partners' testimonials and links to your
Web site aren't giving your competitors too much information.
Computerworld | Feature Article
| April 1, 2002
Employee
use policy
Steps that companies should take to prevent employees from leaking sensitive
corporate information in chat rooms and other public forums.
Computerworld | Feature Article
| April 1, 2002
Guarding
the Gates
Companies post way too much information about themselves and their employees
on the Web. Find out what steps you can take to prevent your intellectual
property from being snared by competitors.
Computerworld | Feature Article
| April 1, 2002
Handle
With Care
Executives throughout your company should be aware of the information
posted on your Web site.
Computerworld | Feature Article
| April 1, 2002
Tools
of the trade
A look at some of the tools available to conduct competitive intelligence
searches.
Computerworld | Feature Article
| April 1, 2002
Lawsuits
Highlight PayPal's Growing Pains
Online payment processor PayPal faces two class-action law suits and user
complaints over customer service and antifraud systems.
Computerworld | Feature Article
| April 1, 2002
PayPal's
Risks and Potential Rewards
In PayPal's 156-page filing for an IPO in February, the company named
several possible liability risks but pointed out many potential benefits
as well.
Computerworld | Feature Article
| April 1, 2002
RSA
unveils security product for wireless devices
The move represents the first time RSA has introduced a security product
for Palm handheld devices. RSA's plan is to make Palm-based Internet applications
easier to develop by offering hooks directly into the operating system.
Computerworld | Feature Article
| February 22, 2002
Breaking
the Law to Drive Web Traffic
Some Web site operators are using corporate logos and the likenesses of
famous people to drive traffic. How to fight it? Complain to the ISP or
hosting service that supports such sites, or call the FBI.
Computerworld | Feature Article
| February 22, 2002
RSA:
Vendors showcase new security tools
Consolidation and integration tools in such areas as perimeter security
and network assessment were prevalent at the RSA security conference.
Computerworld | Feature Article
| February 20, 2002
Microsoft
Taps Former DOJ Cybercop
Computerworld has learned that Microsoft Corp. plans to name Scott Charney,
the former chief of computer crime at the U.S. Department of Justice and
a partner at New York-based PricewaterhouseCoopers, as its new chief security
strategist.
Computerworld | Feature Article
| February 4, 2002
Microsoft
taps former DOJ cybercop for top security slot
Microsoft has named Scott Charney, the former chief of computer crime
at the U.S. Department of Justice and a partner at New York-based PricewaterhouseCoopers,
as its new chief security strategist. He begins his new job April 1.
Computerworld | Feature Article
| January 31, 2002
Identity
Management Software Tries to Fill Gaps in Directory Services
The Holy Grail of authentication is directory services that store user
account information such as passwords and biometrics.
Computerworld | Feature Article
| January 21, 2002
Beyond
Passwords
Passwords aren't the only game in town anymore when it comes to network
user authentication. The smart card and token, and biometrics markets
are already heating up.
Computerworld | Feature Article
| January 21, 2002
Integration
Challenges
Integration of authentication schemes and back-end directories isn't always
easy.
Computerworld | Feature Article
| January 21, 2002
Forensics
training resources
Links to Web sites featuring forensic training resources.
Computerworld | Feature Article
| January 14, 2002
Job
Watch
A look at opportunities in digital forensics/incident response and the
skills required for jobs in these fields.
Computerworld | Feature Article
| January 14, 2002
Cybersleuthing
solves the case
Computer forensic investigators use a variety of methods and tools to
nab cybercriminals.
Computerworld | Feature Article
| January 14, 2002
Forensic
Detectives
Forensics investigators are playing a growing role in solving systems
crimes and are also adding to the bottom line at many companies.
Computerworld | Feature Article
| January 14, 2002
Forensics
Clues
A look at some of the evidence PayPal gathered to nab credit card thieves.
Computerworld | Feature Article
| January 14, 2002
The
Perfect Forensics Candidate
Charles Neal, incident response director at Exodus Communications, gives
his criteria for the ideal forensics expert.
Computerworld | Feature Article
| January 14, 2002
Security
Suite Becomes Central Issue
PentaSafe's security tool suite forces employee security awareness and
allows security management across operating systems and applications from
one console.
Computerworld | Feature Article
| December 17, 2001
Cybersecurity
Czar Pushes For More Spending on IT Protection
U.S. cybersecurity czar Richard Clarke said last week that cyberattacks
on the nation's critical IT infrastructure could potentially cause "catastrophic
damage to the economy" and urged more spending on IT infrastructure
and security.
Computerworld | Feature Article
| November 12, 2001
Cybersecurity
czar urges more spending to protect IT infrastructure
Speaking at the Trusted Computing Conference, U.S. cybersecurity czar
Richard Clarke defended the proposed GovNet project, which would build
a closed-loop government network that's isolated from the Internet.
Computerworld | Feature Article
| November 8, 2001
Volatile
States
If you've been asked to set up a network in Russia, China or the Middle
East, be aware of the 'gotchas' that could stymie your efforts, such as
hactivism, internal espionage and embezzlement.
Computerworld | Feature Article
| October 22, 2001
Windows
XP: Is it safe?
With the release of Windows XP, Microsoft may finally be getting serious
about security. But are the changes enough?
Computerworld | Feature Article
| October 22, 2001
The
Keys to XP Security
STANDARD XP SECURITY FEATURES:
Computerworld | Feature Article
| October 22, 2001
IT
workers get the call
Many military roles are technology-related, particularly intelligence
and security jobs, and the military is selectively calling back a lot
of people with specialized IT skills.
Computerworld | Feature Article
| October 5, 2001
Security
Ambassadors
At American Family Mutual Insurance, information security advisers act
as liasons between business units and IT, helping each understand the
other's needs when setting up security systems.
Computerworld | Feature Article
| October 1, 2001
Guarding
the data warehouse gate
Rising concerns about privacy mean the security of sensitive information
such as medical and financial data and information about children is coming
under tighter scrutiny these days.
Computerworld | Feature Article
| October 1, 2001
Researchers
say Nimda set to propagate again
Researchers have discovered a third vector to the Nimda worm, which is
set to propagate again through e-mail at 1:00 a.m. Eastern time Friday,
not today as earlier reported.
Computerworld | Feature Article
| September 27, 2001
For
security, the wireless WAN beats the wireless LAN
One user finds that a point-to-point wireless WAN between buildings is
more secure than a wireless LAN.
Computerworld | Feature Article
| September 17, 2001
Eavesdropping
From the Parking Lot
The same wireless technology that allows mobile employees to work in the
conference room allows hackers to work in the parking lot.
Computerworld | Feature Article
| September 17, 2001
Secrets
in the Air
Unsecured wireless equipment is sneaking in the back door of corporate
America, which means business secrets are at risk. It's time to have a
policy for wireless security.
Computerworld | Feature Article
| September 17, 2001
Privacy:
The Liability Link
With 50-plus privacy-related bills wending their way through Congress,
corporations are soon going to have to pay a lot more attention to their
liabilities.
Computerworld | Feature Article
| August 27, 2001
Accepting
credit cards over the Web can be a costly business
Online merchants say that the credit card authorization system is stacked
against them and rife with fraud.
Computerworld | Feature Article
| August 3, 2001
At
Black Hat, ties seen tightening between hackers, legal officials
At the annual Black Hat Briefings conference this week, hackers, computer
security managers and law enforcement officials talked about their respective
roles in securing the Internet.
Computerworld | Feature Article
| July 13, 2001
The
Problem With Power
The danger of XML is in its usability. Here is a list of four risks associated
with XML along with a list of ways to stave off hostile XML executables.
Computerworld | Feature Article
| July 9, 2001
Playing
By Europe's Rules
A European Cybercrime treaty that's close to being ratified has U.S. IT
managers concerned about liability and protection issues.
Computerworld | Feature Article
| July 9, 2001
Security
by Syntax
XML may eventually be a good authentication mechanism, but right now it's
just an alphabet soup of protocols.
Computerworld | Feature Article
| July 9, 2001
Giving
Users Back Their Privacy
With Microsoft rolling out new browser-based privacy controls, the P3P
standard is bound to get increased attention.
Computerworld | Feature Article
| July 9, 2001
What
Is P3P?
Definition of the new personal privacy standard.
Computerworld | Feature Article
| July 9, 2001
The
Threat of XML
XML unlocks data from many sources for many destinations as no markup
language has done before. But it also opens up new security vulnerabilities.
Few realize how powerful a force they're letting through the firewall.
Computerworld | Feature Article
| July 9, 2001
The
Guardian
Eduard Telders says the role of the corporate security officer is ideally
suited to a renaissance manager who can think about how IT systems open
the company to risk of internal embezzlement and fraud, data theft and
customer privacy violations
Computerworld | Feature Article
| July 9, 2001
XML
security guide for programmers
Check out sources that tell you what not to do and where to go for the
answers you need.
Computerworld | Feature Article
| July 6, 2001
Keeping
Secrets
Michael Jacobs, the National Security Agency's Information Assurance Director,
has made a career out of providing a secure IT infrastructure to his constituents.
Here's how he does it - and how any organization can benefit from his
initiatives.
Computerworld | Feature Article
| June 18, 2001
E-Merchant
Beware
The rate of credit card fraud over the Internet is three times higher
than the rate for all credit card transactions. Merchants need to protect
themselves or they can be sunk by credit card criminals.
Computerworld | Opinion Column
| June 18, 2001
Computerworld
investigates: Giving away their privacy
People are giving away their privacy, including home phone numbers and
addresses, in alarming numbers. Many say it isn't a big deal, and that
the older generation just doesn't understand.
Computerworld | Feature Article
| June 7, 2001
We
Have Met the Enemy and He Is Us
For the second time this year, script kiddies using old tactics are bolstering
their egos in the name of country. Even as Israeli and Palestinian hackers
continue to duke it out in cyberspace, a new conflict between Chinese
and American hackers is now under way.
Computerworld | Feature Article
| May 14, 2001
Brief:
Security vendor to buy Network Ice
Saying the economic climate isn't right to go public but needing new management
to keep growing, Network Ice, a privately held maker of desktop intrusion
detection systems, agreed to be acquired by security vendor Internet Security
Systems.
Computerworld | News Brief
| May 4, 2001
IP
Insecurity
The features that make the Net work are also the ones that sometimes allow
hackers to shut parts of it down. Defenses against high-level hacks often
don't include filters for simpler attacks.
Computerworld | Feature Article
| April 16, 2001
Intel's
Itanium speeds encryption
Speaking at the RSA Computer Security Conference in San Francisco, an
Intel executive said faster processing power will eventually lead to wide
use of encryption technologies and that fewer accelerators will be needed.
Computerworld | Feature Article
| April 12, 2001
Think
Like a Crook
Deborah Radcliff gives examples of the rise in Internet crime and offers
advice on how to stop it.
Computerworld
| Opinion Column | April 9, 2001
Firewalls
reach out
Just one employee's unprotected computer can allow stealth attacks into
the corporate network. New personal firewalls include management features
that can help IT managers plug these holes. But the products are still
evolving. Are they worth the investment today?
Computerworld
| Feature Article | March 26, 2001
No
Laughing Matter
With new regulations and and heightened public awareness, Internet companies
are being forced to get serious about security and privacy.
Computerworld
| Opinion Column | March 12, 2001
Companies
move to combine physical, IT security efforts
A big topic of debate at a cybercrime summit being held this week by the
American Society for Industrial Security is the creation of information
assurance groups that are responsible for both physical assets and corporate
data.
Computerworld
| Feature Article | February 27, 2001
FTC
tracks spammers and fraudsters
The Federal Trade Commission has amassed a 300,000-case database, code-named
Sentinel, that holds information about spammers and Internet fraudsters.
Computerworld
| Feature Article | February 14, 2001
University
Computers Remain Hacker Havens
A year ago, hackers launched crippling attacks on commercial Web sites
from software placed in unsecured university research computers. Today,
those computers are still launching pads for denial-of-service assaults.
Dave Dittrich, security expert at the University of Washington, says academics
get grants for ...
Computerworld
| Feature Article | February 12, 2001
Stuck
in a BIND
The latest buffer-overflow vulnerability in BIND highlights a history
of problems with these complicated programs that form the "glue"
of the Web.
Computerworld
| Feature Article | February 12, 2001
Calculating
E-Risk
Corporations are aware of some of the risks of e-business. But they're
only beginning to discover ways to measure those risks.
Computerworld
| Feature Article | February 12, 2001
InfoWar
Games
Can an orchestrated cyberattack wreak havoc throughout the nation's information
infrastructure? The federal government isn't taking any chances, and it
wants the private sector to prepare for battle.
Computerworld
| Feature Article | January 22, 2001
The
Info Warrior
Major Marcus Sachs is a member of this country's advance guard in the
new field of battle known as information warfare. It's a role that requires
top technology skills combined with a thorough understanding of military
strategy and history.
Computerworld
| Feature Article | January 22, 2001
Stop
the Spammers
In this Hack of the Month column, Deborah Radcliff gives advice on how
to stop spammers from clogging e-mail inboxes and wasting IT staff time
at your company.
Computerworld
| Opinion Column | January 8, 2001
Pick
Your Security Officer's Brain
Distributed denial-of-service attacks, self-replicating e-mail viruses,
electronic security insurance, outsourcing: These are just a few of the
myriad issues that landed on your information security manager's watch
list last year. And even more are expected to arrive in 2001. We polled
35 security vice presidents ...
Computerworld
| Feature Article | January 1, 2001
Virus
Vigilance
A year after the well-publicized spate of viruses raced through the cyberworld,
variants of the bugs are still turning up in e-mail in-boxes.
Computerworld
| Opinion Column | December 11, 2000
Privacy
policies, tools fluster gathering of info-sec specialists
A Microsoft-sponsored meeting yielded little agreement between attendees
on guidelines for dealing with information security issues, but the software
vendor did announce two new privacy products.
Computerworld
| Feature Article | December 8, 2000
Sizing
Up Security Services
Do large security services firms or small consultancies deliver the best
results? It depends on your needs, users say. Marriott International's
Jerry Dixon says the Big Five sometimes act as resellers for specific
products, and that bias may not serve his company well.
Computerworld
| Feature Article | November 27, 2000
Take
caution this holiday season
As online retailers gear up for the shopping season, it's important that
they shore up site defenses against hacker attacks, fraud and other threats.
Computerworld
| Feature Article | November 13, 2000
Should
You Strike Back?
Experts say the first shots have already been fired in an all-out information
war but that relying upon laws to protect your organization may not be
enough. Some companies are fighting back with their own style of online
vigilantism.
Computerworld
| Feature Article | November 13, 2000
Keeping
Secrets
Mark Lawrence is a rarity in IT - one of a handful of IT professionals
holding the title of chief privacy officer. The job is a new one, and
one usually held by someone from the legal side. But that's changing,
as new privacy regulations affect the storage and handling of customer
data.
Computerworld | Feature Article
| November 13, 2000
Overcoming
Software Volatilities
Thinking of installing new software on your network? Take it from the
pros: No new commercial program is entirely risk-free. Don't buy anything
without an extensive evaluation. And if you can't afford to test the product,
check with those who have.
Computerworld
| Feature Article | November 13, 2000
The
ABCs of security team building
Building a good security team means grabbing candidates wherever you can
find them. A seminar at recent SANS conference offered a few tips on where
to look and what to look for.
Computerworld
| Feature Article | October 25, 2000
Meet
the 'Hactivist'
Take a walk into the underground world of a group of computer hackers.
They work in IT by day and fight for cyberfreedoms by night. They're also
being called today's version of the '60s counterculture. Computerworld's
Deborah Radcliff accepted their invitation to see what they're all about.
Computerworld
| Feature Article | October 16, 2000
Don't
overreact
Hard-line security policies made in reaction to the threat of viruses
and Trojan horses can eliminate the use of valuable productivity tools.
Computerworld | Opinion Column
| October 9, 2000
Wanted:
Security Superman
Finding the right person to oversee an organization's information security
efforts can take extra time, money and salesmanship. Pete van de Gohm
at Enron Energy Services says he looks for work that offers new opportunities.
Computerworld
| Feature Article | September 25, 2000
Wireless
at risk
The next malicious software on the horizon is likely to attack wireless
devices, says Computerworld security specialist Deborah Radcliff. Any
device that can be programmed can be hacked, she writes.
Computerworld
| Feature Article | September 11, 2000
Authorization
Management Tools Emerge
Authorization management software tools go beyond simply validating Web-based
users to control the level of access users receive within an application.
These automated products work well for new projects, but often require
substantial work to integrate with legacy applications. New standards
may ease the pain.
Computerworld
| Feature Article | September 11, 2000
The
government wants to know: How do you handle security?
Deborah Radcliff reports that the CIAO is reaching out to IT leaders and
is asking them a series of questions about the state of security at their
companies. The presidential commission has been meeting with leaders around
the country and most recently held a conference in California.
Computerworld
| Feature Article | August 30, 2000
Got
Cyber Insurance?
Few companies seem to know that they can insure themselves against Web
shenanigans. Part of the problem is that insurers themselves are just
waking up to technology's impact on business liability. Here's how to
better protect your firm.
Computerworld
| Feature Article | August 21, 2000
Secure
With Your Security Pros
The growing demand for security professionals is fueling a number of new
security skills certifications. Here's a look at the new certifications,
their cost and what they'll do for you.
Computerworld
| Feature Article | August 21, 2000
Fighting
hacks
After Microsoft issued a fix for a security flaw in its Access database,
Anchorsign CIO Timothy Mullen found a flaw in the work-around itself.
He contacted Microsoft and found a way to turn the vulnerability against
itself. 65
Computerworld
| Feature Article | August 7, 2000
The
security community learns how to schmooze like the mainstream
PHILADELPHIA -- The CERT Coordination Center at Carnegie Mellon University
here has long had the ear of Congress in matters of computer information
security, but last Wednesday was a first in terms of CERT's politicking
-- it held a good old-fashion cocktail party at a national convention.
Computerworld
| News Article | August 4, 2000
HOPE
2000 hackfest hits New York
Yuppie techies mix with rebels; Cult of the Dead Cow's Sir Dystic reveals
a NetBIOS decoder that can trick a machine's NetBIOS name service into
thinking its name is already in use, blocking the real machine from getting
onto a network. Deborah Radcliff reports.
Computerworld
| Feature Article | July 21, 2000
Napster
gaffes
Last week's Hack of the Month on security vulnerabilities in Napster missed
some important points, but the music trading program can still pose a
security threat. Deborah Radcliff makes the mea culpas and clarifications.
Computerworld
| Feature Article | July 17, 2000
First
Line Of Defense
Job Watch: Paul Raines knows IT security. First, it was handling the launch
keys for Minute Man missiles. Then, responsibility for the Air Force command
and control communications. Now, he's chief security officer at the New
York Federal Reserve Board.
Computerworld
| Feature Article | July 14, 2000
Napster
trap
All those Napster-using employees in your company aren't just wasting
time listening to music. They could be exposing corporate systems to a
program that can disguise any files as MP3 files and download them without
anybody knowing it.
Computerworld
| Feature Article | July 10, 2000
Security,
the Way It Should Be
Today, security is often slapped on as an afterthought. But there's a
better way: Build systems with security in mind at the outset. "The
vast majority of network plumbing gear in use today is misconfigured,"
says Stefan Jon Silverman, a security expert at Scient Corp.
Computerworld
| Feature Article | July 10, 2000
The
Cyber-Mod Squad Sets Out After Crackers
Mission Impossible? Not quite. A Secret Service unit nabs cybercriminals
with help from corporate IT.
Computerworld
| Feature Article | June 19, 2000
Domain
name game
It's almost frighteningly easy for a hacker to steal your domain name,
especially if the company which registers your domain allows online ownership
changes. One way to protect yourself: Use a registrar which requires phone
or paper-based confirmation of ownership changes.
Computerworld
| Feature Article | June 12, 2000
In
Search of Cyberlawyers
Despite the explosion in e-commerce, there aren't enough lawyers expert
in the ways of the Internet to advise IT managers on thorny legal issues.
Computerworld
| Feature Article | May 20, 2000
Cobol-to-Web
Translation Tools and Services
The third sidebar to security story
Computerworld
| Feature Article | May 1, 2000
Security
Alert: Moving Cobol to the Web - Safely
As companies have a need to make information from secure mainframes available
on the Internet, they are developing a variety of strategies to deal with
their new security risks.
Computerworld
| Feature Article | May 1, 2000
Digital
Signatures
Webster's defines a signature as "the name of a person written with
his own hand."
Computerworld
| Feature Article | April 10, 2000
Honor
thy customers' cards
Denial of service attacks have been getting a lot of attention lately.
But meantime, you need to be protecting your systems from credit card
theft. Contributing Editor Deborah Radcliff reports on some tough lessons
learned.
Computerworld
| Feature Article | April 10, 2000
Fighting
the flood
There's no perfect way to protect yourself against a denial-of-service
attack (or from unwittingly aiding such an attack.) But some common-sense
measures can give you some protection, or at least blunt the impact.
Computerworld | Feature Article
| March 6, 2000
Hunting
Hackers: How to Fight Back
In police work, sometimes the longest journeys end with the shortest trips.
That's what happened to Brian Koref, who spent months at the Air Force
Office of Special Investigations (OSI) tracking down a pair of Swedish
hackers who invaded U.S. Air Force, U.S. Army, NASA and other military
systems, helping ...
Computerworld
| Feature Article | February 14, 2000
Guardians
of your Web security
Computerworld
| Feature Article | February 14, 2000
Hunting
hackers: How to fight back
As military security gets more effective, it filters out to private sector.
Computerworld | Feature Article
| February 11, 2000
Cover
your SNMP
Deborah Radcliff/Hack of the Month
Computerworld | Feature Article
| February 7, 2000
Vigilante
Group Targets Child Pornography Sites
Condemned.org defies legal channels and takes down sites while most law
enforcement agencies turn a blind eye.
Computerworld | Feature Article
| January 17, 2000
Strategist
of the Net
Computerworld | Feature Article
| January 10, 2000
Y2K's
real lessons
The extraordinary attention we paid to security during the year 2000 rollover
seems to have scared hackers off, writes Deborah Radcliff. Imagine if
we were this careful all the time.
Computerworld | Feature Article
| January 10, 2000
Vigilante
group targets child porn sites
Condemned.org defies legal channels and takes down sites while most law
enforcement agencies turn a blind eye.
Computerworld | Feature Article
| January 7, 2000
Keep
Hackers Out of Your Web Site
Hal Pomeranz sees it all the time: A corporate Web site gets hacked and
the business manager calls him to fix it. "The dot-com companies
are so busy building a Web infrastructure that security is just an afterthought,"
says the San Francisco-based information security consultant, who specializes
in Internet start ...
Computerworld | Feature Article
| January 3, 2000
Evil-code-fix
myth
Though Trojan horses hidden in Y2K remediation code are possible, they
are extremely unlikely. It is difficult to hide Trojans in Y2K code because
the Trojan program would have to be broken up, making it easier to locate
the code.
Computerworld | Feature Article
| December 13, 1999
Three
Industries, Three Security Needs
If your goal is to boost protection of your company's data, first you
must know the security problems in your industry.
Computerworld | Feature Article
| November 29, 1999
'Standard'
security is different for every industry
Finance sites worry about data integrity, entertainers worry about piracy,
others have their specific concerns.
Computerworld | Feature Article
| November 23, 1999
Crackers
Subvert Servers To Map Web Weak Spots
In a giant leap in attack technology, crackers, possibly from Russia,
are mapping the Internet. The fact they use victim's own machines to scan
the Web for other vulnerable systems has security experts worried.
Computerworld | Feature Article
| October 18, 1999
The
Hacker in All of Us
"How do you spell pillage?" asks Fred Norwood, manager of information
infrastructure technology at El Paso Energy Corp. in Houston.
Computerworld | Feature Article
| October 11, 1999
Common
Security Standards At Last?
Do you trust vendors and the government to set standards for security
products? Or will they further muddle the picture for IT customers?
Computerworld | Feature Article
| September 20, 1999
The
Making of a Standard
How Common Criteria works: The government issues a protection profile,
much the way large-volume customers issue a request for comment or a request
for quote. If a vendor wants this high-volume business, it submits its
tool for testing against that profile.
Computerworld | Feature Article
| September 20, 1999
Your
PC may be tapped
If you're finding user-installed cameras and/or microphones on Windows
NT machines in your enterprise, be afraid. For the past four months, U.S.
Army special agents have been showing their commanding officers how to
turn microphones and cameras into remote spying devices.
Computerworld | Feature Article
| September 20, 1999
ack
of the Month: Vendor Defaults Open Doors to Invasions
Corporate networks and cable modem users could be sharing their messages
with snoops or losing them altogether to denial-of-service attacks, thanks
to a default configuration in Windows and Solaris machines, according
to an advisory posted earlier this month by L0pht Heavy Industries.Understanding
the hack ...
Computerworld | Feature Article
| August 23, 1999
Taking
a byte out of crime
At 17, Rob Clyde liked to play a remote Star Trek game with his buddies
who were spread out across the country. To win the game, he wrote a program
called "CONTRL," which allowed him to monitor his opponents'
computers from afar.
Computerworld | Feature Article
| August 9, 1999
Complacency
Leads To E-Mail Hacks
Recently, about 40 desktop e-mail applications started acting up at an
East Coast telecommunications company. Then the company's mail server
ground to a halt. The company called Mike Young, a network security consultant
at Thorne Securities, the information security arm of DataStaff Inc.,
a Schaumburg, Ill., job ...
Computerworld | Feature Article
| July 19, 1999
Vendors
Post Back Orifice Antidotes
Security software vendors last week claimed to have developed antidotes
to the Back Orifice 2000 (BO2K) Trojan horse, which allows attackers to
remotely access Windows-based PCs. But the program's ability to change
attack signatures may foil efforts to detect it, according to hackers
who developed it.
Computerworld | Feature Article
| July 19, 1999
Antivirus
vendors post Back Orifice 2000 antidotes
But hackers who developed the exploit say their polymorphic Trojan Horse
will defeat software protection.
Computerworld | Feature Article
| July 14, 1999
Linux
Hack Flies Below Intrusion-Detection Radar
About six weeks ago, I got a call from Gerry Zepp, a former National Security
Agency information systems security officer who is now an intrusion-detection
analyst at an East Coast Internet service provider.
Computerworld | Feature Article
| June 14, 1999
A
cry for privacy
The issue of privacy both polarizes and unifies government, cyberactivists,
businesses and consumers. "Privacy is something that Americans respond
to very emotionally," says industry analyst Jim Balderson at Zona
Research Inc. in Redwood City, Calif.
Computerworld
| Feature Article | May 17, 1999
Russian
New Year's Diabolical Twist
"Suppose it's possible to send an e-mail containing a hidden construct,"
said an information security director. "And when the user opens that
e-mail, the construct will run without the user ever knowing anything."
Computerworld
| Feature Article | May 10, 1999
Trusting
the Net
When Netware International Bank guaranteed 20% interest on savings and
near-prime loans, the North Carolina Office of the Commissioner of Banks
started getting inquiries. Lots of them. A little research proved that
Internet bank was no bank at all. It had no license. No recognition by
any regulatory agency. And ...
Computerworld
| Feature Article | May 3, 1999
'CIH'
Virus Dangerous, But Easy to Avoid
Late last year, network administrators at Lockheed Martin Corp. were hammered
with calls from users in an 8,000-node subnetwork.
Computerworld
| Feature Article | April 5, 1999
How
to make your buildings Y2K OK
David Tucker feels like a fish out of water. As CIO at the 27-facility
Seton Healthcare Network, in Austin, Texas, he says he knows little about
building-control systems. But he's learning.
Computerworld
| Feature Article | March 29, 1999
Elevator
Maker: No big plunges on New Year's Day
When the year 2000 rolls around, elevators won't go screaming down their
shafts, even if a date-sensitive controller gets overlooked.
Computerworld
| Feature Article | March 29, 1999
Keep
your code clean
You've fixed your year 2000 problem and everything's going smoothly. Then
it happens: Payroll shuts down. Or worse, your accounts receivable software
can't process invoices.
Computerworld
| Feature Article | March 1, 1999
Busted!
I was a welfare fraud. I tried to cheat the system. But the system fingered
me -- and I've got the rap sheet to prove it.
Computerworld
| Feature Article | December 14, 1998
Invisible
Loot
High-tech espionage is a grave and growing threat to US businesses, prompting
new security services from law enforcement agencies and private firms.
Industry Week | Feature Article
| November 2, 1998
IT
security opportunities: The hackers among us
Faced with a shortage of experienced security pros, many IT managers find
they have nowhere else to turnThough he acknowledges the shortage of network
security sharpshooters, Rob Clyde, co-founder of $100 million security
software and consulting vendor Axent Technologies, Inc. in Rockville Md.,
says hiring ...
Computerworld
| Feature Article | October 5, 1998
IT
security opportunities: Sleeping with the enemy
Fred Villella has that hollow, hopeless look of a father trying to rein
in a bunch of unruly teen-agers. Villella, former secretary to the national
security adviser and founder of New Dimensions, Inc. in Cardiff, Calif.,
hires hackers to teach information security courses to cops, agents and
private-sector ...
Computerworld
| Feature Article | October 5, 1998
Cybercop
boot camp
El Nino gave California a break overnight, pushing the mercury to a suffocating
99 degrees Fahrenheit and rousting a storm of fat, window-splattering
insects along Route 50 to Sacramento. Here, at the headquarters of SEARCH
Group, 17 shorts-clad officers of the law had traded their guns for PCs
for two weeks in ...
Computerworld
| Feature Article | September 7, 1998
Uneasy
partners
In February, the information systems department at Sonoma State University
in Rohnert Park, Calif., learned that child pornography was being stored
on a server somewhere on campus.
Computerworld
| Feature Article | August 17, 1998
Don't
forget the guard
Computerworld
| Feature Article | June 22, 1998
|
