Monthly Archives: October 2006

Rise in the cost of data breaches

PGP Corporation and The Ponemon Institute, a privacy and information management research firm, released the 2006 Annual Study: Cost of a Data Breach.

Turn Off WiFi and Bluetooth When Not In Use

Metasploit is working on a module to transition kernel mode exploits into user mode. This is, say, exactly what you’d need to plug in a wireless driver hack on one side, and use that to create a reverse shell under root on the other. Sound familiar? This was one of the tricks Maynor demonstrated in… Read More »

Reconnex introduces Reconnex 5.0

Reconnex has announced Reconnex 5 of its iGuard 3600 appliance, which can detect risk to corporate information at each stage of exposure: before exposure occurs, while it happens, and even after exposure has already taken place.

eEye Introduces Personal freeware

eEye Digital Security, the developer of endpoint security and vulnerability management software solutions, has announced the release of Blink Personal, a free version of its award-winning Blink endpoint security technology, developed for non-commercial users.

2006 January through September Vulnerability Trends

In my studies of vulnerabilities, I have compiled a large database of information covering vulnerabilities identified at and that includes, among other things, sources concerning dates of public disclosure and references to the disclosures. With this database, it is possible to examine vulnerability trends over time and look for interesting events through the… Read More »

Safend Adds to Executive Team

Safend, an international leader in endpoint security solutions, announced today the newest addition to their management team. Susan Callahan has been named Vice President of Marketing and Business Development for Safend. Callahan’s primary responsibilities will be to supervise Safend’s global marketing activities as well as developing and managing strategic and technology partnerships which will expand… Read More »

Malicious Code Injection: Not Just for SQL

More and more, developers are becoming aware of the threats posed by malicious code, and SQL injection in particular, and by leaving code vulnerable to such attacks. However, while SQL is the most popular type of code injection attack, there are several others that can be just as dangerous to your applications and your data,… Read More »

Securing the Financial Services Firm

Traditionally, larger Financial Services Firms conduct the lion’s share of their business with in-house products and very little personal touch. Because of this, many individuals seek out the services of the small and medium business (SMB) Financial Services Firms who not only offer a broader range of products, but also faster response times, and more… Read More »

SurfControl Gets Industry Checkmark

SurfControl, the provider of global on-demand, network and endpoint IT security solutions, has announced that SurfControl has been awarded Anti-Spam Premium Checkmark Certification from West Coast Labs for SurfControl E-mail Filter and RiskFilter.