Dennis Fisher

Microsoft Corp. has released the first of what will be several OS-specific guides to securing Windows machines. The guides are a result of the internal work that the company has been doing to improve the security of its products. Much of the content comes directly from lessons learned during the security push Microsoft began last […]

A lack of focus and leadership within the federal governments security community makes it unlikely that many of the initiatives in the recently released National Strategy to Secure Cyberspace will ever be implemented, security experts and Washington insiders say. And, as the strategy centers on improving security inside the Beltway—a major shift from early drafts […]

Two Cambridge University researchers have discovered a new attack on the hardware security modules employed by banks that makes it possible to retrieve customers cash machine PINs in an average of 15 tries. The attack takes advantage of a weakness in the cryptographic model used by many HSMs to encrypt, store and retrieve PINs. The […]

As an extension of its ongoing effort to improve the security of its products, Microsoft Corp. on Thursday announced that is has formed an academic advisory board to offer advice and comments on Trustworthy Computing issues. The board comprises 14 professors from universities all over the world and includes some of the best-known names in […]

Intel Corp. and Check Point Software Technologies Ltd. announced Wednesday that they are working together on developing enhanced VPN-based security systems for notebook PCs based on Intels Centrino mobile technology. The companies say they are aiming to provide automated, hardware-based security systems for wireless connections, especially for users who regularly use public wireless hot spots. […]

On Jan. 20, the security engineers at Addamark Technologies Inc. noticed the problem immediately: Someone had accessed a confidential, password-protected document on the companys Web server that contained technical product details. After studying the traffic logs more carefully, San Francisco-based Addamark officials discovered it was no random hack. The intrusion had come from a competitor, […]

As secrets go, it wasnt very technical. Matt Blaze, a respected security expert and research scientist at AT&T Labs Research, in Florham Park, N.J., published a paper last fall describing how to make a master key for an office building or a school. The method required one key for any lock in the building, access […]

Sanctum Inc. last week released an application designed to enable developers to perform security testing and vulnerability assessments of software during the development stage. AppScan Developer Edition 1.5 is targeted at Web-application developers and is integrated with Microsoft Corp.s Visual Studio .Net software. As a developer goes through the coding process, he or she can […]

The FBIs cybersecurity arm is warning that the imminent threat of war with Iraq and escalating tensions with North Korea could lead to increased attacks against U.S. networks. “Recent experience has shown that during a time of increased international tension, illegal cyber activity…often escalates,” the FBIs warning says. This activity can be state sponsored or […]

Symantec Corp. on Wednesday released the newest version of its DeepSight Threat Management System, which now integrates firewall data and includes new reporting and analysis capabilities. The system, which Symantec acquired in its purchase last year of SecurityFocus, is designed to be a comprehensive, early-warning system for administrators and security analysts. It gathers incident and […]