Profile of Larry Greenemeier
News & Commentary Posts: 1064
Articles by Larry Greenemeier
8/9/2007
Although disasters make headlines, 80% of all IT outages are caused by human error. To defend against downtime or service interruptions, organizations need to maintain strong business continuity plans.
8/7/2007
Security researchers at the Black Hat conference discussed the weaknesses in JavaScript that let an attacker take control of a user's browser.
8/2/2007
Because so much of Estonia's economy relies on the Internet, when the Internet was down, citizens couldn't perform the most basic functions, such buying milk, bread, or gas.
8/2/2007
Now Mozilla is making its JavaScript fuzzer available to anyone who wants to use it, and it'll be followed later this year by fuzzers for the HTTP and FTP protocols.
8/1/2007
Despite the several ways to break down a Web site built using Ajax, all is not lost, according to SPI Dynamics.
8/1/2007
The former federal counterterrorism adviser tells security pros at the Black Hat USA conference that continuing to build more of the global economy on cyberspace as it exists today is dangerous business.
7/30/2007
Four men have pleaded guilty to using phony point-of-sale PIN-pad terminals to steal customers' data and passwords and then defraud stores.
7/27/2007
The new threat comes from a number of newly registered Web sites that pretend to represent Italian organizations, but are really just vehicles for using malicious IFrames to spread malware.
7/25/2007
A House committee hearing shows that the security dangers of file sharing over peer-to-peer networks is still a major problem.
7/23/2007
The 13 months Yahoo will keep search data is shorter than the 18 months announced by Microsoft and Google.
7/20/2007
Microsoft outlines incremental improvements to its privacy principles for its Live Search and online advertising services.
7/19/2007
Don't expect to see a big crowd for EC-Council University home football games: The program's inaugural Master of Security Science class consists of only six students and all are taking their courses online.
7/18/2007
Allied Cash's database administrator Christian Alvarez has been working to secure the company's new Web-based user interface in recent months.
7/17/2007
Can cybercrooks successfully attack at will, and are those who report the details of these attacks causing more harm than good?
7/17/2007
GE Healthcare already has rolled out encryption capabilities on 120,000 laptops as part of a five-pronged encryption strategy initiated in mid-2005.
7/16/2007
The author of a new book, "Exploiting Online Games," says that cheaters are infesting online worlds like World of Warcraft and Second Life, and they could become a threat to mainstream business systems.
7/15/2007
The No. 1 tactical security priority for U.S. companies in 2007, according to 37% of respondents, is creating and enhancing user awareness of policies. But this is down from 42% in 2006.
7/13/2007
The biggest problem is the availability of tools that make it easy for the average person to launch spam campaigns, including those that employ phishing to steal personal information.
7/12/2007
The South Florida bust resulted in the recovery of about 200,000 stolen credit card account numbers used in fraud losses roughly calculated to be more than $75 million.
7/10/2007
The consortium will help federal government agencies develop IT networks and systems that more efficiently and securely share information.
7/9/2007
The PDF image spam is just one of a litany of creative attempts to fool e-mail users into downloading malware or visiting phishing sites, says Symantec in its monthly spam report.
7/9/2007
The Taiyuan University of Technology is testing software agents that crawl through any search engine looking for searched keyword results as well as any personal data that's been collected about the surfer.
7/6/2007
Even if someone is the victim of identity theft, it's difficult to figure out how that person's sensitive personal information fell into the wrong hands, the agency said.
7/6/2007
Experts say U.S. companies need to take the increasing use of cyberwarfare tactics and tools very seriously.
7/5/2007
Al-jinan.org went undetected for more than four years, allowing users to use their own computers to launch denial-of-service attacks against anti-Islamic sites.
7/3/2007
One organization suggests recent surges in Internet disruptions are a political play to influence December's elections in the Russian Federation.
7/2/2007
U.S. businesses would be greatly impacted by any large-scale cyberattacks because most of that infrastructure is run by companies in the private sector.
6/29/2007
The Government Accountability Office says it could take up to a decade to find a practical way to implement biometric exit capabilities at land ports of exit.
6/29/2007
Top-level business executives, including CEOs, presidents, CIOs, and CFOs, are being directly targeted by e-mails containing malicious Trojans.
6/28/2007
Officials are investigating the possible theft and misuse of records containing information on about 1,120 aspiring veterinarians who'd applied to UC Davis School of Veterinary Medicine.
6/27/2007
The School Safety Index indicates that while 95% of districts surveyed are blocking Web sites, only 38% have a closed network that lets them control the content students can access.
6/27/2007
Cruise.com has until the end of the week to decide whether to collect $330,000 in damages for being called a "spammer" by Mark Mumma, or seek a new trial.
6/25/2007
The company will add malware- and spam-inspection capabilities to its firewalls using technology from its recent acquisition of IronPort Systems.
6/22/2007
Law enforcement officials, including all 92 assistant U.S. attorneys, will meet to coordinate efforts against zero-day vulnerabilities and other online threats.
6/21/2007
We're not at war with France, at least not the last time I checked, but that doesn't mean that the French want their state secrets coursing through the U.S. telecommunications infrastructure, courtesy of French government officials addicted to les BlackBerrys. Sure, BlackBerrys come with built-in encryption, but is that enough when you really, really don't want anyone to get their hands on the
6/21/2007
The case is the second this year in Switzerland focusing on Islamic terrorism, but the first-ever terrorism case there involving the Internet.
6/19/2007
The acquisition comes the same day HP introduced a number of security initiatives designed to help promote its diversification into several key areas of security.
6/18/2007
The all-stock transaction will result in a company with more than 5,000 customers worldwide.
6/15/2007
Red Hat Enterprise Linux 5 running on IBM servers now meets government security standards allowing Linux to be used in homeland security projects and command-and-control operations.
6/14/2007
The attacks represent a "quantum leap" for hackers in terms of their technological sophistication and pose a serious challenge to the IT community, one security firm reports.
6/13/2007
Quova's software is designed to help organizations identify in real time any devices connecting into their Web sites.
6/12/2007
McAfee's new chief said growth will come from selling suites of security products and services, particularly those that address security risk management, rather than individual products and services.
6/11/2007
With a new version of ePolicy Orchestrator, McAfee can manage and report on its own antivirus software as well as antivirus software from competitor Symantec.
6/8/2007
The latest sales figures are positive, but the retailer is facing a flood of lawsuits from store customers and financial institutions.
6/6/2007
IBM expects Watchfire's technology to complement existing IBM Tivoli offerings by better incorporating security and compliance testing into the application development lifecycle.
6/5/2007
Some 57% of those attending the Gartner IT security summit keynote session believe that vulnerability labs set up by security researchers are a useful public service.
6/4/2007
With new and increasingly inventive cyberscams surfacing every week, the Postal Inspection Service's workload isn't likely to get any lighter.
6/4/2007
Product announced Monday promises to deliver security information about clients, servers, and networks to a single console.
5/31/2007
His treatment consisted of, among other things, chemotherapy, a bone marrow transplant, and permission to play Re-Mission as often as possible.
5/30/2007
HopeLab claims that cancer patients who play Re-Mission have more successful treatment than those who don't play the game.
5/24/2007
The two states wrangle with the laws surrounding the Payment Card Industry data security standard.
5/24/2007
Most companies are more concerned with blocking Web site categories, such as those labeled "adult" or "gambling," than with targeting individual Web sites, a new report notes.
5/24/2007
The cyberattacks against Estonia were particularly damaging, as the country had to shut down key computer systems for their own protection.
5/22/2007
A panel of data security veterans shared their recommendations on how to avoid trade-secret compromises.
5/22/2007
The Payment Card Industry data security standard has emerged as a primary driver of IT security spending and some serious rethinking of how data and systems are secured.
5/18/2007
With nearly all DDoS attacks and spam coming from bots, infections have become a growing concern for businesses as well.
5/17/2007
Businesses, governments, and reporters will use virtual communities to gather information.
5/15/2007
Many of the biggest breaches in recent years were inadvertent disclosures, Dartmouth business school researchers found.
5/15/2007
Securent Entitlement Management Solution can be used to manage entitlement privileges not only to applications but to databases as well.
5/14/2007
The ink was barely dry on last year's InformationWeek cover story analyzing the credibility of IT analysts when the e-mails started hitting my inbox. Some readers applauded our efforts to examine the criticism often leveled at the analyst market, while others thought the story fell flat for lack of specific or new examples. Funny thing about the latter -- whenever I'd get a supposedly jilted customer
5/14/2007
The move would add 800 Cybertrust employees to Verizon's security services team of 300 and give it access to Cybertrust operations in 30 locations in the Americas, Europe, the Middle East, and Asia-Pacific.
5/10/2007
There's a danger in focusing security efforts more on controlling admission to IT environments and less on managing users, BT Radianz's security chief suggests.
5/9/2007
Industry analysts suggest some 45 million credit and debit card data could have been poached from a thief with a laptop, a telescope antenna, and a wireless LAN adapter.
5/3/2007
Three security bulletins affect Office, while two affect Windows. Exchange is affected by one bulletin as is Microsoft BizTalk business-process management server and Capicom, a Microsoft ActiveX control.
4/18/2007
The Education Department has been criticized for not keeping better tabs on how student information is used, particularly by companies looking to market products and services to students and their families.
4/17/2007
Nine of the vulnerabilities addressed in the patch can be exploited by an attacker remotely over a network without the need to have a valid username and password for authentication.
4/17/2007
Profiling tactics from Barracuda and other companies are designed to block e-mails that smell fishy but whose IP addresses or domain names haven't been blacklisted.
3/29/2007
New advances in IP-based digital video surveillance cameras, recorders, and analysis software promise to help retailers and other businesses put the kibosh on theft.
3/29/2007
AT&T and Trend Micro are both expanding the network-based security services they're offering to business customers.
3/29/2007
The intrusion hands the retailer the dubious honor of surpassing the 40 million stolen customers record mark, something that only CardSystems had been able to achieve.
3/28/2007
Enrolling users within the Bioscrypt system means first casting a 40,000-point infrared mesh grid over the user's face in order to take measurements.
3/23/2007
$8 million in fraudulent purchases uncovered and traced back to T.J. Maxx parent company's data breach.
3/23/2007
Detailed context is a differentiator for Endeca.
3/22/2007
The U.S. military's latest maneuver could improve search efforts beyond basic keywords and apply search technologies that better help its personnel connect the dots.
3/21/2007
Thieves used the stolen customer data to create dummy credit cards for purchasing Wal-Mart and Sam's Club gift cards, and then used those to hit stores in 50 of Florida's 67 counties.
3/20/2007
The companies say they can equip a small fleet of emergency response vehicles with enough gear to quickly turn a regular field tent into a temporary command center.
3/20/2007
Fortify Software, which has for the past year offered an on-the-fly approach to securing Java-based Web applications, has extended that coverage to include .Net as well.
3/16/2007
Virtual machines can improve a system's security, but beware of the many pitfalls.
3/15/2007
Blue Lane Technologies debuts an intrusion-prevention system for virtual machines running on the VMware Infrastructure 3 platform.
3/13/2007
The Federal Trade Commission's look into TJX, parent of T.J. Maxx, Marshalls, and HomeGoods, is believed to stem from a recent data breach, which allowed cyberintruders to steal customer data.
3/8/2007
Less than 3% of all stolen data actually ends up being used to commit fraud, according to industry experts.
3/8/2007
''Security on the Net is actually an arms race in its most classic form,'' says CEO Meg Whitman.
3/8/2007
Visa USA president and CEO John Philip Coghlan insists that technology is the solution to combating fraud -- not the cause of it.
3/7/2007
Security firms say it depends on whether you believe Microsoft should be judged on how far it's come or how far it has yet to go.
3/5/2007
More than 64% of the 627 IT pros surveyed by Ponemon say their companies use identity and access management technology, but few respondents have centralized systems.
2/28/2007
The deal between HID and IOActive shows how delicate a line security researchers walk when they seek to present their work to the public.
2/28/2007
The dustup revives the issue of how much license security researchers should be given when presenting their findings in the name of better security.
2/27/2007
With products like Boot and Nuke, Data Eraser, Cybercide, and Evidence Eliminator, industry experts offer their tips on how to secure information and intellectual property.
2/23/2007
As data hacks proliferate, Massachusetts lawmakers target retailers for restitution
2/22/2007
Slipups like the ones at T.J. Maxx and Stop & Shop stores could force companies to pay to cancel or reissue cards, stop payments, or block transactions, if the legislation passes.
2/21/2007
The U.S. Postal Service inspires the highest level of trust, while the National Security Agency scored the lowest.
2/21/2007
The retailer's parent company believes portions of the credit and debit card transactions at its U.S., Puerto Rican, and Canadian stores from January 2003 through June 2004 were compromised.
2/20/2007
An increasing number of companies are learning about proper customer data protection the hard way.
2/16/2007
Company scientist downloaded 22,000 sensitive documents and accessed 16,000 others as he got ready to take a job with a competitor
2/15/2007
Small to mid-size companies that allow their employees to open lines of credit in the executive's name, could be most at risk.
2/15/2007
A research chemist who worked for DuPont for 10 years before accepting a job with a competitor downloaded 22,000 sensitive documents and viewed 16,706 more in the company's electronic library.
2/12/2007
In concert with Mirage, the company's new ISS Proventia Management SiteProtector software stems from its recent acquisition of Internet Security Systems.
2/9/2007
Familiar, yes, but more relevant than ever as the number of security companies continues to shrink
2/8/2007
As long as cybercrime continues to grow as an industry, don't count on malicious attacks to abate on their own, the company's CEO says.
2/7/2007
IBM and other large IT infrastructure companies are bulking up in an attempt to provide a one-stop shop for comprehensive security systems.