Brian Prince

Oracle officials are issuing a red alert regarding a flaw affecting the Apache plug-in for Oracle WebLogic after exploit codes for the vulnerability were posted in public forums. The flaw affects a number of versions of Oracle WebLogic Server–formerly BEA WebLogic Server–and can be exploited remotely by a hacker without authentication to execute code or […]

As the race to put more security technologies on the endpoint continues, Sophos needs to add strong encryption and data loss prevention technologies to its portfolio if it wants to continue building momentum. Enter Utimaco Safeware. Sophos announced plans July 28 to pursue the German data security vendor as part of its strategy for challenging […]

Sophos announced plans July 28 to make a roughly $340 million bid to buy German security vendor Utimaco Safeware. Utimaco focuses on data loss prevention and endpoint encryption technologies through its SafeGuard product line. According to Sophos officials, the acquisition would extend Sophos’ security and control strategy, which is aimed at protecting data and computers […]

Symantec has opened up a beta program for Norton Safe Web that puts the company on course to challenge a similar offering from security rival McAfee. According to Symantec, Norton Safe Web is available starting today, July 28, as a plug-in for the beta version of NIS (Norton Internet Security) 2009. Safe Web functions as […]

Researchers at the National Institute of Standards and Technology have developed a new analysis technique to help IT administrators assess security risk. The patent-pending technique was developed by computer scientist Anoop Singhal and his research colleagues at George Mason University. Though NIST researchers weren’t available this morning to comment on their findings, Singhal and his […]

With details of the Domain Name System flaw discovered now public and attack code in the wild, security researcher Dan Kaminsky once again is urging IT administrators to patch promptly. The bug can be exploited to poison DNS caches and re-direct Internet traffic to malicious sites. Kaminsky, director of penetration testing at IOActive, held a […]

Microsoft is making a push into the data warehousing space with the purchase of DATAllegro, in a move that could touch off similar acquisitions by other vendors. The acquisition, being made for an undisclosed sum, is aimed squarely at strengthening Microsoft’s position in the data warehousing market, which is rapidly expanding because of the explosive […]

Sybase’s investments in database technology appear to be paying off. In its second-quarter earnings call July 23, company officials announced that license revenue for Sybase database products grew 38 percent year over year, driven by adoption of Adaptive Server Enterprise and Sybase IQ. Overall, Sybase’s place in the RDBMS (relational DBMS) market remains small, at […]

Oracle has bundled together a suite of access management products in a bid to help enterprises secure their Web-based environments and to challenge its main rivals in the space. The new offering is called Oracle Access Management Suite, and combines Oracle Access Manager, Adaptive Access Manager, Identity Federation and Entitlements Server into one integrated suite, […]

The Intrepidus Group has put its own spin on the axiom about teaching a man to fish. In this case, the information security vendor is teaching companies to phish-not so they can feed themselves, but so they can educate their employees on the threats they face. Through Intrepidus’ new software-as-a-service platform PhishMe, organizations can simulate […]