Dennis Fisher

Security researchers have found two serious buffer overruns in Oracle Corp. products, both of which give an attacker complete control of a vulnerable machine. One flaw affects Windows machines running any version of Oracle9i, while the other affects any machine running the 9i Application Server, according to a bulletin released by Next Generation Security Software […]

Microsoft Corp. on Tuesday released an updated patch for a known vulnerability in its MSN Chat control because the original fix didnt prevent the problem from recurring. Although the original patch resolved the vulnerability, it failed to prevent the vulnerable ActiveX control from being reintroduced into the system, Microsoft said. As a result, the company […]

IBM corp. on Monday announced enhanced capabilities for its Tivoli security software that add further support for Linux and Unix variants. The IBM Tivoli Access Manager for Operating Systems now has access-control support across Linux and numerous Unix-based operating systems, including AIX and HP-UX. The Tivoli Risk Manager is also getting an upgrade, which includes […]

Responding to the overwhelming popularity of instant messaging and peer-to-peer file sharing programs, a San Diego, Calif. startup later this month will roll out a platform designed to monitor and secure the protocols these programs use. Akonix Systems Inc. on Monday announced the pending availability of its L7 platform. The system works by monitoring the […]

Network Associates Inc. and Symantec Corp. have developed automated signature-delivery technologies they say should help head off the outbreak of fast-moving viruses such as Klez and Nimda. Network Associates McAfee Security division next week will unveil the latest version of its VirusScan ASaP managed anti-virus service, which includes an improved peer-to-peer delivery system that enables […]

Microsoft Corp. last week announced plans for a technology called TrustBridge, which it said will help businesses securely share customer identity information. Scheduled for release next year, the technology is roughly analogous to the companys .Net Passport service, which stores consumer identity data and enables single sign-on across multiple Web sites. Microsoft said TrustBridge will […]

If approved, the proposed Department of Homeland Security would radically alter the shape of the federal governments information security response and detection apparatus. The new department would absorb five separate security-related entities from across the government, including the FBIs National Infrastructure Protection Center and the General Services Administrations Federal Computer Incident Response Center. In total, […]

Microsoft Corp. on Thursday announced plans for a new technology called TrustBridge which it says will help businesses securely share customer identity information. Scheduled for release next year, the technology is roughly analogous to the companys .Net Passport service, which stores consumer identity data and enables single sign-on across multiple Web sites. Microsoft said TrustBridge […]

Security researchers have identified numerous flaws in the Bluetooth short-range wireless access points sold by Red-M Communications Ltd., the most serious of which could compromise the administration password. @stake Inc., a security research and consultant firm in Cambridge, Mass., discovered the six vulnerabilities in Red-Ms 1050AP, which is the only server on the market that […]

Looking to move into the top tier of security companies, intrusion-detection system vendor Sourcefire Inc. on Tuesday announced the hiring of a new CEO. Wayne Jackson, formerly of Aether Systems Inc., takes over the helm of the company, while founder Martin Roesch, who had served as CEO, becomes chief technology officer. Jackson joined Aether when […]