Brian Prince

Several tech industry analysts said they were not alarmed by the recent round of layoffs at Oracle. While Oracle has declined to comment publicly on the layoffs, it was reported by Reuters that the software giant fired several hundred members of its 86,000-person strong work force. The Wall Street Journal put the number of fired […]

More and more vendors are tying together database activity monitoring and security information management, a move that could benefit enterprise data protection efforts. Imperva and ArcSight announced interoperability between their products in December 2008. In March 2008, Guardium announced integration with a number of SIM (security information management) vendors, including ArcSight, CA and LogLogic. Now […]

It’s been roughly two months since the much-heralded shutdown of McColo, yet spam levels have remained below where they were previously. While the amount of spam hitting enterprise networks is building as botnet operators regain their momentum, the botnet landscape has changed significantly. Some of the former kings of the hill, botnets such as Srizbi, […]

AVG Technologies has purchased identity theft protection vendor Sana Security in a bid to bolster its anti-malware defenses. The move gives AVG Sana’s behavior-based security software and is meant to complement AVG’s existing anti-malware capabilities. Sana’s technology works by learning normal application behavior by observing the way applications interact with each other. When malware forces […]

Oracle delivered 41 security fixes to its customers in its first CPU (Critical Patch Update) of 2009. Among those fixes are patches for serious flaws affecting Oracle WebLogic Server and Windows versions of Oracle Secure Backup. According to Oracle, a vulnerability in the WebLogic Server plug-ins for Apache, Sun Microsystems and IIS (Internet Information Services) […]

Microsoft’s inaugural Patch Tuesday of 2009 fixes three vulnerabilities in the Microsoft Server Message Block Protocol software. Though the lone security bulletin itself is rated critical, only two of the three vulnerabilities have a critical vulnerability rating on their own. Both of those issues, if successfully exploited, could allow a hacker to remotely execute code. […]

SQL injection, cross-site scripting – the list of security issues affecting the programs we use daily goes on and on. So often, however, conversations about IT security focus on how to address existing vulnerabilities rather than how to prevent them from coming about in the first place. It is here that the list of the […]

Novell has set its sights on giving non-Windows directory users single sign-on access to Microsoft Web-based products. With Novell Access Manager 3.1, Novell has added built-in support for WS-Federation. Part of the larger Web Services Security framework, WS-Federation is a set of interoperable access and authentication standards used to allow disparate security realms to broker […]

Oracle is planning to deliver 41 patches to its customers on Tuesday, Jan. 13, including 10 for its database products. The most serious of the bugs being patched affect Oracle WebLogic Server Plugin for Apache, Sun and IIS Web servers as well as the Windows versions of Oracle Secure Backup. Those vulnerabilities have a CVSS […]

Microsoft has a relatively quiet Patch Tuesday planned for next week. The vendor is planning to release just one security bulletin Tuesday as part of its monthly round of patches. The bulletin is rated critical, and affects Microsoft Windows 2000, Windows XP and Windows Server 2003. It also affects Windows Vista and Windows Sever 2008, […]