Jason Miller, security data team manager at patching vendor Shavlik Technologies, talks about Microsoft’s emergency bulletin MS08-067 released last week. Microsoft is now warning that malware exploiting the Microsoft RPC flaw is in the wild.
Dave Jevans, chairman of the Anti-Phishing Working Group talks about the exponential increase in phishing websites, the evolution of the battle against email attacks during the group’s first five years and the outlook for the long struggle still ahead.
The SearchSecurity editorial team discuss how the poor economy affects security pros, cybersecurity for the next president, vendor security transparency and the security job market.
The Internal Revenue Service deployed two systems despite knowing they contained flaws, according to a government review. Jack Danahy, chief technology officer and co-founder of Ounce Labs explains how companies can avoid the security problems associated with system deployments.
Rootkits were once a system administrator’s best friend. Now they have evolved to become an admin’s worst nightmare: well-known, surreptitious malware that can provide super user access to an infected machine. Michael Cobb explains how to get rid of rootkitters’ latest creation: system management mode (SMM) rootkits.
Amichai Shulman, founder and CTO of Imperva examines the latest round of patches issued byOracle Corp. A new survey from RSA finds security policy is being bypassed by employees, Sean Kline of RSA joins us to talk about the details.
Andre Gold, former director of security at Continental Airlines and former head of security and risk management at ING U.S. Financial Services talks about how IT security pros should respond to the current financial crisis and the mergers and acquisitions associated with it.
Scott Mitic of TrustedID talks about the latest Identity theft news and the FTC Red Flag rules for healthcare firms taking effect Nov. 1.
Adam Shostack, a well-respected voice on privacy and security issues, joins Dennis Fisher in this episode of the Nameless Security Podcast to discuss the data breach epidemic, the untimely demise of Zero Knowledge Systems and his new book, “The New School of Information Security.”
Information security forensic investigations can be a big job, but Windows registry command tools can make it easier. From querying autostart programs to getting the goods on every USB device ever connected to a particular Windows machine, these tools can streamline an investigation. Ed Skoudis explains which system-wide commands can aid an investigation.