Dennis Fisher

Microsoft Corp. on Wednesday released patches for two critical flaws in Internet Explorer that enable an attacker to run code on a vulnerable PC. These two vulnerabilities are also the first to potentially affect the recently released Windows Server 2003 operating system. However, the new version of Windows blocks both of these attacks in its […]

WASHINGTON—This year has been nothing if not eventful for Network Associates Inc. The first five months of 2003 have seen the Santa Clara, Calif., security vendor restate several years of earnings due to an accounting issue, endure investigations by both the Department of Justice and Securities and Exchange Commission and acquire two up-and-coming intrusion prevention […]

WASHINGTON—In a rambling and somewhat odd keynote speech at the Gartner IT Security Expo here Monday, author Tom Clancy urged the assembled security specialists and CIOs in the audience to seek out experts in other fields and apply their knowledge to the IT world. “The world is full of smart people, and when you find […]

Looking to add more versatility and flexibility to its line of core routers, Juniper Networks Inc. is rolling out a security tool kit that includes a variety of protection capabilities. The enhanced functionality is delivered via Junipers PICs (Physical Interface Cards), an architecture that enables customers to select the features they want. Prominent among the […]

New leadership at security developer Ntru CryptoSystems Inc. is hoping a new services and consulting strategy will help mitigate the damage caused by problems with the companys core encryption algorithm. Once one of the premier cryptography companies in the United States, Ntru in the past six months has undergone a nearly complete face lift, replacing […]

WASHINGTON—Managed security provider Guardent Inc. on Tuesday plans to announce a new service that will enable enterprises to discover and monitor rogue wireless access points on their networks. The new offering will be delivered as part of Guardents Managed Vulnerability Protection Service and takes a new tack in the ongoing battle security specialists and network […]

Security vendor Sourcefire Inc. on Monday will announce a new security appliance that company executives say will make intrusion detection systems more efficient and valuable in enterprise networks. The Real-Time Network Awareness appliance combines vulnerability assessment and correlation with change management in an effort to reduce or even eliminate the false positives and negatives that […]

The amount of money that U.S. businesses and other organizations lose to digital attacks has dropped more than 50 percent since 2002, according to the latest survey from the Computer Security Institute and the FBI. And, the percentage of organizations that detected unauthorized use of their systems fell to 56 percent from 60 percent a […]

Microsoft Corp. on Tuesday yanked an update for Windows XP off its download site after it became clear that the software was blocking some users from accessing the Internet. The update, which is not a security patch, was designed to improve the operation of VPNs running on Windows XP machines. It made some changes to […]

Microsoft Corp. on Wednesday issued a patch for a flaw in several versions of the IIS Web server that allows attackers to run whatever code they choose on vulnerable servers. The vulnerability allows for a cross-site scripting attack on machines running IIS 4, 5 and 5.1. In order to exploit the weakness, an attacker would […]