Dennis Fisher

Three days after its appearance, the Bugbear virus is still gaining momentum and has passed the venerable Klez virus as the most active in the past 24 hours. One company that tracks viruses, Message Labs Ltd., said it has seen more than 21,000 copies of Bugbear in the last day, nearly twice the number of […]

NEW YORK—Symantec Corp. on Tuesday unveiled a sweeping new security architecture as well as a new set of technologies designed to correlate and filter data gleaned from dozens of sources, including competitors products. Its a move that analysts say was a must for Symantec as the company continues to evolve. “This was absolutely necessary for […]

In his now-famous memo in January outlining Microsoft Corp.s new Trustworthy Computing initiative, Chairman Bill Gates praised Microsofts efforts in building patches and responding to security problems swiftly and decisively. But, Gates said, the new demands of Trustworthy Computing mean that what was good enough before would no longer make the grade. “Our responsiveness has […]

Although much of the hype surrounding Trustworthy Computing has subsided, Microsoft Corp. is quietly pushing the initiative ahead with behind-the-scenes efforts that include an extension of its developer training program and the possible development of additional stand-alone security products. But while customers give Microsoft credit for its recent efforts, some said the company has much […]

Over the last couple of years, as security vulnerability reports have piled up on products from such big vendors as Microsoft Corp., Oracle Corp. and Cisco Systems Inc., open-source advocates have snickered. If only those vendors would release their source code and let the open-source community at it, all their problems would go away, they […]

A new mass-mailing virus hit the Internet Monday, and unlike many others of its ilk, carries with it a payload that could do quite a bit of damage to vulnerable networks. Called Bugbear, the virus installs a Trojan on infected machines that is capable of logging users keystrokes, which could include passwords and other sensitive […]

A worldwide team of volunteers, using spare computing power, found the secret key for a message encrypted with the RC5-64 cipher, winning a $10,000 prize and, they say, casting some doubt on the security of messages protected by the cipher. Distributed.net, a collection of more than 331,000 volunteers who lent their machines idle processing power […]

There is a serious flaw in the VPN service included with Windows 2000 and XP that could provide an attacker with a clear path through corporate firewalls, according to an Austrian security company. The VPN (virtual private network) client and server that ship with Windows 2000 and XP use the PPTP (point-to-point tunneling protocol) for […]

A newly discovered flaw in Microsoft Corp.s FrontPage Server Extensions gives an attacker the ability to run any code of choice on some vulnerable Web servers. Microsoft issued an advisory and a patch for the problem Wednesday. The vulnerability is in the SmartHTML Interpreter in FPSE 2000 and 2002 and involves the way the interpreter […]

After nearly a year in the shadows, the Organization for Internet Safety on Thursday formally announced its formation. The group, made up of security and software vendors, is working on a set of guidelines for handling vulnerability information, which it hopes will bring some order to the chaotic world of security research and vulnerability disclosure. […]