Dennis Fisher

Former Network Associates Inc. corporate controller Terry Davis pleaded guilty Wednesday to securities fraud and now faces up to 10 years in prison. The charges are the result of an investigation by the FBI and the United States Attorneys Office into the companys accounting practices. In his plea agreement, Davis admitted to heading up a […]

A research report saying that intrusion detection systems are outdated and useless has angered some vendors who say that argument deliberately ignores several key facts and discounts IDS potential. The anger stems from a press release that research firm Gartner Inc. sent out Wednesday. The release touts a recent report that concludes that IDS systems […]

Microsoft Corp. on Tuesday announced plans to buy a little-known Romanian companys antivirus software technology for an undisclosed amount. The acquisition signals Microsofts desire to move deeper into the security market and may mean trouble for the handful of big players in the AV arena. The main product of GeCAD Software Srl., based in Bucharest, […]

Security vendor Sourcefire Inc. is rolling out a security appliance that company executives say will make IDSes more efficient and valuable in enterprise networks. The Real-Time Network Awareness appliance combines vulnerability assessment and correlation with change management in an effort to reduce or even eliminate the false positives and negatives that plague intrusion detection systems. […]

Oracle Corp. is developing several security tools to help users of the companys software find vulnerabilities and lock down their systems. The tools, which will be released over the next several months, are part of an effort by the company to extend its security commitment to customers beyond simply writing secure code and shipping software […]

The amount of money U.S. businesses and other organizations lose to digital attacks has dropped more than 50 percent since last year, according to the latest survey from the Computer Security Institute and the FBI. And the percentage of organizations that detected unauthorized use of their systems fell to 56 percent, from 60 percent a […]

Several third-party device drivers that ship with Windows Server 2003 contain a vulnerability that causes them to leak potentially sensitive data during TCP transmissions. The flaw does not affect any Microsoft Corp. drivers; it has only been found in drivers provided by outside vendors. The vulnerability is quite similar to a class of flaws first […]

The Department of Homeland Security on Friday finally unveiled its plans for a new information security division. Although many in the security community applauded the move, they also worried that the divisions as-yet-unnamed chief will be too low on the organizational chart to have much authority. The National Cyber Security Division is under the umbrella […]

A new variant of the dangerous Bugbear virus is on the loose and has begun spreading rapidly. Bugbear.B is quite similar to the original virus except that the new version contains a keystroke logger and is capable of changing its appearance to evade detection. As of about 4 p.m. EDT Thursday, MessageLabs had stopped more […]

A group representing several security and software vendors on Wednesday finally released a draft of a plan that asks security researchers to voluntarily keep a lid on the vulnerabilities they find and to follow a strict protocol for dealing with vendors. The plan is the work of the Organization for Internet Safety and is available […]