Stories by Paul Roberts

New alerts have analysts doubting MS security

A string of new security alerts from software maker Microsoft Corp. this week has prominent industry analysts and security experts predicting that the company's goal of making its software secure may remain elusive.

Bugbear virus spreading rapidly

The Bugbear virus is rapidly spreading around the world, according to alerts issued by antivirus companies and computer security experts. The virus first appeared Monday and has since spread rapidly.

GSA unveils list of top 20 vulnerabilities

The top 20 list of Internet security vulnerabilities unveiled Wednesday by the U.S. General Services Administration (GSA) includes those affecting Microsoft Corp.'s Internet Explorer Web browser and Internet Information Services as well as the Apache Web server, which was identified as a source of problems for the Unix and Linux operating systems.

New e-mail virus targets Windows, IE

A new e-mail-borne virus variously known as "Tanatos," and "W32/Bugbear," is being circulated as an e-mail attachment and appears to target machines running Microsoft Corp. operating systems, according to alerts issued by a number of computer security companies.

Increasingly, security targets mobile devices

Recognizing the growing popularity of mobile computing devices such as handheld computers, personal digital assistants (PDAs) and smart phones, companies are rolling out a host of new products to secure data and communications on portable devices. From disposable soft tokens, to virtual private network (VPN) software for PDAs, to security management software for mobile devices, security companies are catching up to and cracking down on mobile users.

PDFs may pose threat to Unix, Linux

A security flaw in commonly distributed file-viewing programs may make it possible for attackers to use Adobe Systems Inc. PDF and PostScript files to run malicious code on machines using the Unix or Linux operating systems, according to an advisory released by technology security company iDefense Inc.

IBM set to unveil new 'autonomic' Tivoli Risk Manager

IBM will unveil on Friday the latest version of enterprise security management tool Tivoli Risk Manager, which now contains new self-protecting "autonomic" features and supports three new security products, according to an IBM official.

RSA security integrated into PeopleSoft 8

RSA Security announced Wednesday the integration of its RSA ClearTrust product with PeopleSoft Inc.'s PeopleSoft 8 Web-based enterprise application suite. The collaboration is intended to provide improved security and identity management capabilities to the PeopleSoft 8 product line, while also tying the PeopleSoft suite closer to other third party Web applications, according to a statement released by RSA.

New Slapper worm variants spread

Two new variants of the Slapper worm that targets Apache Web servers running on Linux operating systems have appeared and are reported to be spreading. The worm initially surfaced two weeks ago.

Vulnerabilities uncovered in Cisco VPN client software

New vulnerabilties discovered in the Cisco Virtual Private Network (VPN) 5000 Client software could allow an attacker to gain root access to a local workstation running the VPN client software or to capture password information used by the client, according to statements released by security company Ubizen NV and by Cisco Systems, lastThursday.

Symantec set to announce Security Management System

Symantec is set to unveil a new network security management tool called Symantec Security Management System (SSMS) in an event scheduled for Oct. 1. The new product will provide customers with a holistic view of their network security.

Security experts weigh in on cybersecurity plan

Experts in the field of cybersecurity find reason to applaud the Bush administration's plan for securing the nation's IT infrastructure, but feel that the report falls short in offering specifics and clear incentives to improve security for companies, nonprofit organizations and individuals, according to security experts and industry analysts.

Security experts divided on Slapper's threat

The Apache/mod_ssl, or "Slapper" worm that is fast infecting Web servers worldwide marks a new milestone in the evolution of computer worms, experts say: the creation of a peer-to-peer network by a worm for the purpose of conducting distributed denial of service (DDOS) attacks. But experts are divided on how big a threat Slapper poses to the Internet infrastructure as a whole.