Dennis Fisher

Security experts and government officials agree that the unprecedented disruption of services by the SQL Slammer worm last week exposed the inherent flaws in the Internet and the domino effect that a few unprotected servers can have on the rest of the network. Unleashed early on Saturday, Jan. 25, the worm hit data centers, snarling […]

A prominent security vendor that is well-known for finding dangerous vulnerabilities in software said last week that it will no longer work with the CERT Coordination Center after becoming disillusioned with the organizations policy of giving some people advance notice of new vulnerabilities. Researchers at Next Generation Security Software Ltd., in Surrey, England, were angered […]

The security industry has always looked to the field of medicine for metaphors and ways of thinking about network protection. Now, Sana Security Inc., a San Mateo, Calif., start-up, is extending that relationship to another level with the introduction Monday of its Primary Response application security platform. The software works by observing application-operating system interactions […]

Ronald Dick, the former director of the FBIs National Infrastructure Protection Center, joined Computer Sciences Corp. Monday, eliminating himself from consideration for the top security job at the Department of Homeland Security. Dick had been considered one of the candidates for director of the Information Analysis and Infrastructure Protection division of the new department. The […]

As Richard Clarke prepares to step down as chairman of the Presidents Critical Infrastructure Protection Board and adjust to life in the private sector, questions remain about the boards place and utility in the new Department of Homeland Security. Clarke plans to resign within the next few weeks after 30 years of government work. For […]

The security researcher whose code was used as a template for the Slammer worm is now reconsidering his position on releasing sample exploit code. David Litchfield, co-founder of Next Generation Security Software Ltd., in Surrey, England, said in a post to the BugTraq mailing list Wednesday that hes concerned that some future code of his […]

Richard Clarke, the presidents top information security adviser, is planning to retire within the next month, leaving a power vacuum at the top of the governments security structure at a crucial point in the development of the nascent Department of Homeland Security. Clarke, chairman of the Presidents Critical Infrastructure Protection Board, has been the driving […]

A prominent U.K.-based security vendor well-known for finding dangerous vulnerabilities in a variety of software said on Monday that it would no longer work with the CERT Coordination Center after CERT personnel gave advance notice of several new vulnerabilities to a software vendor and some government officials. Researchers at Next Generation Security Software Ltd. were […]

Its been one of the dirty little secrets of the security industry for years: Software patches dont work. Its not that they dont fix the problems that theyre designed to solve; they do. Despite technical problems with some patches, most notably regression errors and incompatibility issues in patches from Microsoft Corp. and others, hot fixes […]

Microsoft Corp. is stepping up its Trustworthy Computing efforts as it readies the release of Windows Server 2003—a product viewed by company executives and customers alike as a crucial test of the security programs effectiveness. The server, due in April, is the first product from the Redmond, Wash., developer to be designed and built from […]