Dennis Fisher

As part of a continuing effort to find a way to handle sensitive security vulnerabilities, government security officials have been discussing the possibility of creating a central point of contact within the government for reporting such information. Under a scenario the officials have discussed, researchers who find a new vulnerability would be encouraged to send […]

Congress last week set aside $903 million over the next five years for new education programs and public/private partnerships that are designed to battle attacks on computers. Almost immediately, vendors began racing to bid for a share of the pie. Microsoft Corp. last week named former U.S. Coast Guard officer Thomas Richey to the companys […]

Math is hard. Those three words sum up the premise upon which the security of the trillions of bits of encrypted data crisscrossing the Internet daily depends. The encryption algorithms used in everything from Web browsers to virtual private networks to the servers holding the nations top-secret data at the National Security Agency are all […]

An apparent delay in the availability of patches for the vulnerabilities in BIND that were disclosed earlier this week is once again highlighting the seemingly endless debate over when and to whom vulnerability data should be released. Internet Security Systems Inc.s X-Force research team on Tuesday released an advisory warning of three newly discovered vulnerabilities […]

After a year of work on the Trustworthy Computing initiative, Microsoft Corp. executives say they are pleased with the progress the company has made thus far, but acknowledge that theyve only just scratched the surface of what needs to be done. Although it didnt get much attention until Bill Gates wrote his famous call-to-arms memo […]

CHICAGO—IBM next week will announce two new initiatives designed to extend the companys reach in the security market. On Tuesday the company will announce a new integration of its Tivoli Risk Manager 4.1 software with Check Point Software Technologies Ltd.s FireWall-1 and VPN-1 products, which will enable administrators to manage Check Point devices from the […]

Security researchers have discovered several serious new vulnerabilities in the BIND software that runs on the vast majority of the Internets DNS servers. The most serious flaw, a buffer overrun in both BIND 4 and BIND 8, enables an attacker to execute arbitrary code on a vulnerable server. The Internet Software Consortium, which maintains the […]

Lancope Inc. on Tuesday unveiled its new StealthWatch Management Console, which is designed to enable administrators to manage multiple IDS appliances from a central location. The console collects data from all of the StealthWatch IDS boxes deployed in a given network and correlates the information. A user can select a specific security event and get […]

CHICAGO—Microsoft Corp.s top security executive on Monday called on the government to take more responsibility for the security and integrity of the nations critical infrastructure, saying that leaving the task to vendors and market forces is a mistake. “The problem is, we have delegated security to the markets, and the markets dont do that,” said […]

A New York-based startup last week announced it has a working prototype of a device capable of employing quantum cryptography to encode keys on existing high-speed networks. MagiQ Technologies Inc. is the first company to announce its intention to sell a commercial solution based on the concept of quantum cryptography. Code-named Navajo, the system comprises […]