Stories by Ellen Messmer

Why data-loss prevention tools scare the hell out of some

Though data-loss prevention gear is proving a boon for corporate security, its "see all, know all" style of content monitoring can cast a harsh glare on business practices and legal issues that end up putting information-technology staff on the spot.

Cisco alums readying firewall killer

Five former Cisco engineers have co-founded a start-up called Rohati Systems whose products take dead aim at traditional perimeter firewalls.

McAfee, Yahoo team on Web security

McAfee and Yahoo this week announced a partnership on Web security in which Yahoo's search engine is making freely available to users the warnings about unwanted or malicious code on Web sites as determined through McAfee's security technology.

How one site dealt with SQL injection attack

The massive wave of SQL injection attacks that started striking Microsoft-based Web sites around the world more than a week ago claimed as one of its victims Autoweb, a UK-based advertising and marketing site.

iFrame attacks surge, security firm says

A flood of SQL injection attacks on Microsoft Internet Information Servers are leaving Web pages with malicious iFrames in them, and Panda Security is urging network managers to make sure their Web pages haven't been infected.

PGP publishes encryption APIs

PGP Monday announced it plans to make its encryption interfaces openly available. In addition, the company announced it intends to obtain Common Criteria certification for its disk encryption and Universal Gateway Email products.

Symantec chief talks acquisitions, Cisco's snub

Symantec chairman and CEO John Thompson last week delivered a keynote speech to thousands of security professionals at the RSA Conference 2008 in the US. Ellen Messmer caught up with Thompson at the RSA event, where he expanded on a range of topics including vendor alliances, Symantec's competition and the importance of data-loss prevention technology.

Core Security discovers IPv6-related flaw in OpenBSD

Core Security Technologies says it's discovered an IPv6-related buffer-overflow vulnerability in several versions of the OpenBSD operating system that would allow an attacker to knock a server offline or take control at the kernel level. The OpenBSD project, the group which makes the free operating system available, has issued a software patch to plug the hole.

Cisco reinforces physical security family

Cisco Wednesday expanded its physical-security product line with a digital surveillance camera and the introduction of the Cisco Physical Access Manager, an appliance that acts as a central point for managing existing door readers, electronic locks and biometric devices.