...

There are a lot of examples of information / data leakage. Most involve important and confidential information leaving an organization due to accidental emailing or other means. A high profile example is the confidential memo leak in the Hillary Clinton campaign. Though the post by Rebecca Herold says that she ...

There are a lot of examples of information / data leakage. Most involve important and confidential information leaving an organization due to accidental emailing or other means. A high profile example is the confidential memo leak in the Hillary Clinton campaign. Though the post by Rebecca Herold says that she ...

Database security is a promising segment, driven by compliance and the mandate to protect confidential data. While it is too early to feel comfortable with how database security will evolve and if it will become a market, it is not too early to start sorting out vendor approaches.  There are ...

I guess it’s OK to call Robert Soloway a spammer — he’s already been convicted in U.S. civil charges of spamming in 2003. This time though, he’s been arrested on criminal charges, brought by the FTC. The list of laws he’s alleged to have broken is extensive: 10 counts of mail fraud 5 ...

Declan McCullagh, writing in CNET, makes the standard schoolboy error of assuming that email sender authentication technologies are "antispam techniques." They’re not. DomainKeys Identified Mail (DKIM) and other sender authentication technologies are simply ways to detect forgeries. At best, they give a partial indication whether a message is spam or not, but ...

Declan McCullagh, writing in CNET, makes the standard schoolboy error of assuming that email sender authentication technologies are "antispam techniques." They’re not. DomainKeys Identified Mail (DKIM) and other sender authentication technologies are simply ways to detect forgeries. At best, they give a partial indication whether a message is spam or not, but ...

Symantec has its latest monthly "State of the Spam Union" report out. A couple of things caught my eye: [REDACTED] is America’s most disgusting hamburger restaurant … food is full of dead insects, such as flies and maggots — delightful little anti-brand spam this. Must be pretty low volume though, ‘cos ...

Thank the flying spaghetti monster, it’s Friday’s IT Blogwatch: in which we ponder the fate of the security industry. Not to mention deterministic programming gone mad… Bruce Schneier asks, "Do We Really Need a Security Industry?": What [does] it mean for the IT industry that there are thousands of dedicated security products ...

Less than nine months after SurfControl bought BlackSpider, it seems that Websense is buying SurfControl. Wow. Consolidation still rampant in the anti-spam market, eh? BlackSpider is an email- and Web-filtering service. Variously described as "managed", "hosted", "on demand", or "in the cloud", the service competes with the bigger fish such as MessageLabs, ...

Passwords work, users accept them, IT has to deal with them. We all know that authenticating users and controlling access to application data is the logical starting point for corporate security programs. However, a persistent problem which may potentially be the bigger risk to the business are the credentials hard-coded ...

Last week, I wrote about the CEAS 2007 Live Spam Challenge (CEAS is the Conference on Email and Anti-Spam). I opined that fair comparative testing of spam control technologies is extremely difficult, especially when behavioral analysis techniques such as greylisting and OS fingerprinting are part of the spam control technology ...