Cyber risk is increasing for individuals and organizations, making flexible and robust solutions for identifying spam and malware increasingly critical. Apache SpamAssassin is an anti-spam framework we stand behind and have been using in Guardian Dig...
A variety of denial-of-service vulnerabilities has been explored and documented by BindView's RAZOR Security Team. These vulnerabilities allow attackers to consume limited resources on victim machines. BindView's RAZOR Security Team has referred to these vulnerabilities as Naptha vulnerabilities. Denial-of-service attacks . . .
During just one month of monitoring, the Honeynet team's "honey pot," which poses as a real network to attract hackers, had been scanned by hundreds of unique IP addresses looking for two particular ports: UDP (User Datagram Protocol) port 137, used . . .
Tired of conferences not living up to your expectations? Then you haven't been to Usenix. In this month's Wizard's Guide to Security, Carole Fennelly reports that Usenix's recent security conference offered interesting and accessible talks -- and a who's who of . . .
Several security vulnerabilities have been found in the latest version of BIND. CERT has now issued an advisory outlining those vulnerabilities and how to resolve them. "The CERT Coordination Center has recently learned of two serious denial-of-service vulnerabilities in the Internet . . .
Kris Kennaway succeeds Warner Losh as FreeBSD security officer. " I am resigning as FreeBSD's Security Officer. Over the past several years I have enjoyed watching FreeBSD's security improve. The change in attitude towards security issues of FreeBSD has . . .
Security was a hot topic at Monday's first-ever federal Linux user's conference. The news that Microsoft Corp.'s network had been breached and that hackers had gained access to source code underscores the need for effective security systems to protect large institutions . . .
Now you can download some late arriving presentations from SANS Network Security 2000 last October 15 - 22 in Monterey. Just click on the title of the presentation you're interested in to access the PDF file. Brief session descriptions are provided . . .
This year's BSDCon is being held at the Monterey Hyatt, in Monterey Ca. The first tutorial was a two-day tutorial covering BSD System Security. For the most part the classes are intensive and there was a lot of ground to cover. . . .
Members of the Members of the Global Internet Liberty Campaign (GILC) will today urge the Council of Europe to reconsider a draft treaty on cybercrime. The international coalition of civil liberties and human rights organizations, which includes the Electronic Privacy Information . . .
Security Trends for 2001 - authoritative predictions from three sources. This PDF file contains comments from Alan Paller, Marcus Ranum, and others on the security trends we can expect to see in the coming year.
In November, the ultimate ICANN outsider will become one of its ultimate insiders. When Andy Mueller-Maguhn of Germany takes his seat on the ICANN (International Corporation for Assigned Names and Numbers) board, he says he'll start tearing down the Internet governing . . .
The topics covered where pretty comprehensive. Alan started with an outline of what is computer crime and then ended up with a quick guide to the latest script kiddie software. This, believe it or not, included running Nessus (a new script . . .
The first open balloting of board members to the non-profit group overseeing the Internet's name and address system led on Tuesday to the election of five regional directors, including a German hacker. The five new grass-roots members, each representing a major . . .
The cryptorights folks are holding a party in San Francisco, California on September 21st." The last of the Big Crypto Patents --the RSA algorithm-- will officially expire and enter the Public Domain on 20 September 2000 (at midnight local time), two . . .
The system had the same account and password as last year. There was a trivial vulnerable program in the home directory, resulting in a root shell. The kernel had been modified to include a form of access control called DTE which . . .
Marc Blumenauer writes, "till today I did not find any useful information about the past DefCon VIII. I was there, and therefore I decided to write my own review and published exclusive images (256!) on my www site. please feel free . . .
The secret service won't be the only high-profile security group in Philadelphia at the Republican National Convention. A computer security organization will sound the alarm over the increasing vulnerability of America's network-based society on Wednesday. . . .
The European Parliament's de facto rejection of a so-called safe harbor plan to promote data transfers between the European Union and the US has waxed into an unprecedented balance of power issue between the parliament and the European Commission.
Joe Barr takes off his rose-colored glasses and discovers deception and darkness are old hat in the world of computer security. This week I'm eating crow because I didn't follow my gut instinct on a story I wrote about Linux security . . .
In the charge to protect computer systems against cyberattacks, the National Security Agency and the State Department are two prime examples of agencies that have taken a proactive approach. NSA is one of the federal agencies that have taken the . . .