Cyber risk is increasing for individuals and organizations, making flexible and robust solutions for identifying spam and malware increasingly critical. Apache SpamAssassin is an anti-spam framework we stand behind and have been using in Guardian Dig...
Las Vegas plays host to two separate security conferences this week--one for people who guard computer systems, another for those who break into them. System administrators and hackers, CIOs and script kiddies will all gather in the desert to trade information, . . .
Hacker conventions, such as those being held in Las Vegas this week, are no longer considered the sinister gatherings they once were. If the slot machines get a little screwy this week, casino detectives will have plenty of suspects. Thousands of computer hackers and security experts begin converging in Las Vegas Tuesday for the annual Black Hat Briefings and Def Con convention on computer security.. . .
Despite high profile security breaches the issue is still not a priority for many, a survey finds Half of IT directors are willing to bet less than £1 that their IT systems are safe from hacker attack, according to a . . .
The Center for Internet Security (CIS), a coalition of internet user groups, yesterday released the first set of minimum security standards for operating systems. Starting off with specs for Solaris, the user group plans to introduce similar standards for Windows, as . . .
The Black Hat Briefings is a conference for researchers, IT professionals and experienced security administrators. Every year, leaders in the security field are brought together to Black Hat to discuss the latest threats, trends, products, and influences in the Internet and . . .
The organization charged with managing the worldwide Domain Name System (DNS) has launched a study to gauge privacy concerns raised by the plethora of personal information contained in the "Whois" database, a publicly searchable resource used to determine the identity of . . .
Maintaining the openness of OpenBSD got a little more complicated recently when the project leader of what may be one of the most popular modules in OpenBSD decided to re-word his home-grown license to specifically disallow modifications to the source code . . .
An organisation formed to promote compatibility between different implementations of OpenPGP standard does not include Network Associates, which is the main supplier of PGP-based encryption products for business. The OpenPGP Alliance, which was founded by PGP creator Phil Zimmermann, doesn't include . . .
The Attrition staff outlines their decision to no longer maintain the Web defacement archive. "During this time, we have struggled to keep up various other sections of Attrition that have been a core part of the site. As the mirror grew and began to consume more resources, the other sections have found themselves on the backburner and rarely updated. In essence, what was once a hobby site run in spare time for fun has turned into a beleaguring second job. A job that comes with more headache, complaints, criticisms, slander and attacks than productive output or reward. . . .
The problem with IT security benchmarks is that the reference point is a constantly shifting target as new technologies and threats emerge. And that's an especially difficult problem to overcome, said corporate security systems managers. They are examining the fruits of . . .
With security expertise becoming an increasingly expensive but important commodity, security companies plan to focus on managed security services as a key selling point at the RSA Conference 2001 this week in San Francisco. In addition, companies are pushing systems to . . .
The RSA Conference, named for the Bedford, Mass.-based security company that puts it together, began Sunday and runs through Thursday. In another sign that security has become important business, the sponsors include Intel, Microsoft, Hewlett-Packard, IBM and Compaq. "I think the . . .
Does an alphabet soup of acronyms, which stand for certifications that you've obtained, follow your signature? Are you wondering which, if any, are really valuable? Are you contemplating a worthwhile certification challenge? Have you been working in the information system security . . .
On the surface, IT-ISAC sounds wonderful, but there's something wrong with this picture. Each of these companies might provide a general idea as to the kinds of attacks that it is receiving. But no company in its right mind will contribute . . .
The Electronic Privacy Information Center (EPIC) has teamed up with Privacy International in relaunching a Web site that aims to become the clearinghouse for all privacy-related news worldwide. The new site, EPIC – Electronic Privacy Information Center, hosts links to hundreds of news . . .
Nineteen leading tech firms have created an information-sharing conglomerate aimed at countering the growing number of electronic attacks on U.S. companies. The information technology sector on Tuesday became the third area of the economy to create its own "Information Sharing and . . .
These are portraits Marcus Ranum took at the first ever computer security summit, held at Bill Cheswick's house in the summer of 1998, I believe. Ever wonder what Dan Farmer or Wietse Venema look like? Marcus adds, "Due to unfortunate lack . . .
Although U.S. companies lose billions of dollars every year as a result of cybercrimes committed by internal and external hackers, more than 90% of CIOs polled in a recent survey said they have confidence in their company's network security. According to . . .
In its clearest signal yet that it may be bracing for a massive attack, computer network security group CERT issued an advisory today asking system administrators to prepare systems to block denial of service attacks. The advisory, titled DenialofService Vulnerabilities in . . .