Dennis Fisher

Netegrity Inc. and startup Layer 7 Technologies Inc. are each seeking to simplify the process of securing and managing Web services deployments. Netegrity, which has been one of the major players in several Web services security standards efforts, this week plans to release a reference architecture for securely deploying Web services. The document lays out […]

A new mass-mailing virus is on the loose on the Internet, this one masquerading as a message from Microsoft Corp. about a cumulative security patch. Known as either Swen or Gibe, the virus is mainly found in Europe right now, but anti-virus experts say it has the potential to spread quickly and widely. Like some […]

Security experts have discovered two new vulnerabilities in IBMs DB2 database software, both of which allow an attacker to gain root privileges on vulnerable servers. The weaknesses are potentially quite dangerous, considering that DB2 is one of the most popular enterprise databases, especially for e-business applications. However, the flaws can only be exploited by local […]

Symantec Corp. on Monday plans to introduce the next generation of its DeepSight Threat Management System, which now pays more attention to developing threats and early warnings. DeepSight 5.0 is the second major revision of the product since Symantecs acquisition of SecurityFocus, the company that developed the technology. The system relies on a network of […]

There is a serious security flaw in several versions of both Solaris and Trusted Solaris that make it possible for virtually any remote or local user to gain root privileges on a vulnerable machine. There is also a working exploit for this vulnerability circulating in the security community. The problem lies in the Solstice AdminSuite, […]

Adding more fuel to the fears that another Windows worm is on the horizon, security experts said Tuesday afternoon that they have seen working exploit code in the wild for the latest pair of vulnerabilities in the Windows RPC DCOM interface. The discovery of the code, which can be used to attack the two buffer […]

Despite growing opposition, U.S. Attorney General John Ashcroft last week completed his public relations road show to defend the expanded police powers found in the USA Patriot Act, which was signed into law two years ago. At the same time, the White House came out in favor of a movement to further expand the governments […]

The SoBig.f virus mercifully expired last week, providing worm-weary administrators and users with a bit of relief, but the respite may be short-lived. The original SoBig virus appeared in early January, welcoming workers back from the holidays with a raft of infected messages from big@boss.com. In the intervening eight months, five more variants have been […]

Department of Homeland Security officials hope to announce as early as this week the name of the person who will head the departments National Cyber Security Division. The identity of the candidate is still under wraps as the White House finishes its background checks, sources said. When the announcement comes, the new NCSD chief will […]

Nearly a month to the day after the Blaster worm began tearing through the Internet, Microsoft Corp. reported three newly identified flaws in the Windows RPC protocol, two of which are quite similar to the one that Blaster attacks. The most recent vulnerabilities include two buffer overruns and a denial-of-service (DoS) flaw—all of which are […]