Brian Prince

Details of the DNS flaw uncovered by security researcher Dan Kaminsky have found their way into the public arena. Kaminsky, who is the director of penetration testing for the security company IOActive, had planned on keeping the specifics of his discovery close to his vest until the Black Hat conference in August in Las Vegas. […]

Fortify Software released a report July 21 that will likely wake open-source advocates and application developers from their morning calm. Dubbed the “Open Source Security Study,” the Fortify-sponsored report, which was prepared by security consultant Larry Suto, examined 11 of the most common Java open-source packages for vulnerabilities using Fortify’s technology. Two to four versions […]

The open-source database market is continuing its upswing, and shows no signs of slowing down. A market update by Forrester Research puts the value of the open-source database market at $850 million, which includes software licensing, technical support and services. By 2010, the authors of the report estimate that figure will jump to $1.2 billion […]

Efforts at security in the cloud, also called Security SAAS, are currently focused on messaging security, but expect the concept to expand as the enterprise workforce relies more on mobility and applications in the cloud. Messaging security has been a big beneficiary of early security SAAS (software as a service) adoption. Analysts at IDC have […]

DNSstuff.com is offering a free tool for organizations looking to test the susceptibility of their domain name servers to a fundamental flaw in the Domain Name System protocol revealed publicly last week. A provider of on-demand DNS and network analysis tools, DNSstuff made the freeware, which company officials have dubbed DNS Vulnerability Check, available on […]

When reports of a disgruntled network administrator locking his co-workers out of San Francisco’s new FiberWAN first touched my ears, the first thought that raced through my head-besides the word “wow”-was that this was a clear example of how an insider can potentially bring IT operations to a screeching halt. Terry Childs, 43, pleaded not […]

Intel is bringing its Trusted Execution Technology from the realm of the desktop to the notebook side of the world for users of Centrino 2 with vPro. The technology, launched with the new mobile platform July15, is meant to provide a protected execution environment where sensitive data can be processed out of view from other […]

Call it a cybercrime family. In its trends report for Q2 2008, researchers at Finjan got inside the underground hacker economy and found that as threats have grown more sophisticated, so have the organizations pumping them out. Individual hackers and loosely organized groups have apparently gone the way of the dinosaur, replaced by well-structured organizations […]

Oracle released 45 security fixes July 15 as part of its latest Critical Patch Update. The patches bring the total for the year to 112 vulnerabilities patched. The Oracle Database has the most fixes-a total of 11, none of which can be exploited remotely without authentication. The vulnerabilities affect a number of components, including Advanced […]

Symantec has put the emphasis on performance in the new version of Norton Internet Security and Norton AntiVirus, which are now in open public beta. In Norton Internet Security 2009 and Norton AntiVirus 2009, the security heavyweight has sought to reduce its footprint, in part with new technology called Norton Insight. The Insight feature works […]