INFORMATION

Site Map - IT Security

IT Security

- Peer-to-peer file-sharing networks pose a severe risk of inadvertent disclosure for large financial institutions, say researchers from the Center for Digital Strategies.

Web Protections

- Consumers will pay more money to shop on a retailer’s Web site with strong privacy protections according to a Carnegie Mellon study.

Quick Bytes: Risky e-mail

- Half of the corporate employees surveyed have saved a work e-mail outside the company network, and almost half have used corporate systems to send jokes, pictures, and “stories of a questionable tone” to friends. Yet 92 percent of these respondents believe that their e-mail use does not pose any risk to their employers.

Web Sites Provide Rich Harvest for Spammers

- If your e-mail address is posted on a Web site, the chances of it being “harvested” by a spammer are much greater than if the address appears on a blog, on a message board, or in a chat room. That’s one finding from a study conducted by the Federal Trade Commission (FTC), whose investigators created 150 e-mail accounts—50 with an Internet service provider (ISP) that does not use antispam filtering, and 50 each at two other ISPs that do filter for spam—to learn more about how to reduce spam. @ E-mail Address Harvesting and the Effectiveness of Anti-SpamFfilters, a report by the federal trade commission’s division of marketing practices, is at SM Online.

Trojans Bearing Gifts

- Malicious code threats continue to rise, according to this software company report.

IT Gets Respect

- According to a survey of IT in the corporate world, the importance of IT security professionals is finally being recognized.

19 Deadly Sins of Software Security

- The book covers these 19 programming flaws, which include the most devastating types of coding and architectural errors, such as buffer overflows, format string problems, cross-site scripting, and insufficient encryption.

Behind the Numbers

-

Numbers

-

A Site to See

- The next time you see Microsoft Windows’ “blue screen of death” or a “fatal error” message flash across your monitor, don’t get angry; reboot and then point your browser toward the DistroWatch Web site

Laws to Aid Breach Victims

- A Chronology of Data Breaches Reported Since the ChoicePoint Incident outlines many of 2005’s breaches and their causes, from 250 individuals who were put at risk when computers at East Carolina University were hacked to the millions at risk from breaches at CardSystems.

Quick Bytes: Trojans bearing gifts

- Trojan horse programs—those pieces of malware designed to infiltrate a computer and then steal information to be sent back to an attacker—accounted for more of the malicious code in 2005 than worms. This indicates, according to researchers at antivirus firm Sophos, that criminals may be moving away from large-scale bombardments in favor of targeted attacks that could yield passwords, credit card information, and bank login credentials. @ The Sophos Security Threat Management Report is at SM Online
 




Beyond Print

SM Online

See all the latest links and resources that supplement the current issue of Security Management magazine.