- +
Strategies for Dealing With IT Complexity 24 December, 2007 10:30:47
Every innovation, every business process improvement, comes with an IT complexity tax that must be paid by CIOs in time, money and sweat. Here are strategies to mitigate the increasing complexity of IT as it enables new business.Every innovation, every business process improvement, comes with an IT complexity tax that must be paid by CIOs in time, money and sweat. Here are strategies to mitigate the increasing complexity of IT as it enables new business.
- +
Can Macs conquer the enterprise? 11 January, 2008 10:55:53
The field is wide open for a Macintosh insurrection on the business desktop. It could happen, but probably won't. Here's why.If Apple were a football team, the New England Patriots would have had some serious competition this year. - +
Adobe launches hosted services, adds Flash to Acrobat 03 June, 2008 09:02:44
Adobe to launch Web site offering users free hosted services for document creation, sharing and storageAdobe this week is set to unveil the next version of its Adobe Acrobat software, which adds support for the company's Flash multimedia technology. The company also plans to launch a new Web site offering users free hosted services for document creation, sharing and storage.
Read up on the latest ideas and technologies from companies that sell hardware, software and services. Newsletter Subscription
With attackers finding more ways to exploit a critical flaw in its Windows operating system, Microsoft has published an emergency software patch.
The update fixes seven separate Windows vulnerabilities, but security experts are most concerned about a bug in the way Windows processes .ani Animated Cursor files. Online criminals have been exploiting this bug since late last week.
This is the only one of the seven vulnerabilities rated "critical" by Microsoft.
Microsoft was forced to release the early update a week ahead of schedule because attacks had become too widespread, director of malicious code intelligence with iDefense, Ken Dunham, said. "We have over 400 different URLs identified and related to attacks, and multiple emails have been sent out that direct people back there," he said. "We have proof that organised groups are now launching attacks."
The .ani attack vector would probably be one of the most prevalent and persistent types of attacks over the next months and years, he said.
Exploit code for the flaw had now been added to the widely used Metasploit hacking tool, and there were automated malicious website generation tools available, he said.
This is the third such "out-of-band" patch release Microsoft has made since January 2006. While attacks based on this .ani flaw are still considered limited, exploitation of the bug is following trends similar to the Windows Metafile (WMF) and Vector Markup Language (VML) vulnerabilities that were patched in the other two updates, according to director of Microsoft's Security Response Center, Mark Miller.
Microsoft had seen only Web-based exploitation of the .ani flaw, Miller said. "There have been some indications that email has been used, but we haven't seen anything on that front."
It was first notified of the flaw in December 2006 by security vendor, Determina.
Earlier this week, a Determina executive said Microsoft would have been better off issuing a patch for the .ani flaw sooner, rather than waiting for the April update and forcing customers to rush an emergency fix. "The customers are now going to incur the same cost as they would before, except that they are going to have to do this in panic," Determina's vice-president of marketing, Nand Mulchandani, said. "I have no idea why they didn't do this earlier."
Miller defended Microsoft's decision. He said that because the .ani flaw could affect other applications it required a great deal of testing. "The amount of time taken to patch was appropriate given the level of quality we were trying to release with," Miller said.
Windows users are strongly encouraged to install the patch, because the .ani flaw can be used to exploit computers running virtually any version of Windows, including Vista, even if they are running non-Microsoft browsers like Firefox and Opera, Mulchandani said.
Discover how SOA can create smarter outcomes for your business.
Attend and learn:
- How SOA is helping leading companies to become more agile
- Where you should be applying SOA processes in your company
- The top SOA implementation mistakes to avoid
Click here for more information.
- +
CIO Live Podcast #79: Brent D Taylor, author of The Outsider's Edge: The Making of Self-Made Billionaires Part II 05 October, 2007 06:00:00
For his new book, The Outsider's Edge: The Making of Self-Made Billionaires, social researcher Brent D Taylor spent four years of intensive research investigating the psychological make-up and backgrounds of some of the world's richest men and women, including IT luminaries Bill Gates, Larry Ellison and Steve Jobs. Taylor discovered that, despite working in different industries and coming from different upbringings, they all have one thing in common -- they are all outsiders. - +
CIO Live Podcast #78: Brent D Taylor, author of The Outsider's Edge: The Making of Self-Made Billionaires 28 September, 2007 17:34:25
For his new book, The Outsider's Edge: The Making of Self-Made Billionaires, social researcher Brent D Taylor spent four years of intensive research investigating the psychological make-up and backgrounds of some of the world's richest men and women, including IT luminaries Bill Gates, Larry Ellison and Steve Jobs. Taylor discovered that, despite working in different industries and coming from different upbringings, they all have one thing in common -- they are all outsiders. - +
CIO Live Podcast #77: Panasonic Speeds Up Trans-Pacific File Transfers, Part III 21 September, 2007 07:00:00
Part three in our three-part special report from CIO's sister publication Network World in the US, as Paul Desmond reports from the Network World IT Roadmap Conference in Santa Clara, California. With development teams in the US and Japan, Panasonic needed a more efficient way to move very large files between the two locations. Iben Rodriguez, IT consultant for Panasonic Research and Development, explains how a storage-area network and virtual server technology helped speed up WAN performance. - +
CIO Live Podcast #76: Panasonic Speeds Up Trans-Pacific File Transfers, Part II 14 September, 2007 07:00:00
Part two in our three-part special report from CIO's sister publication Network World in the US, as Paul Desmond reports from the Network World IT Roadmap Conference in Santa Clara, California. With development teams in the US and Japan, Panasonic needed a more efficient way to move very large files between the two locations. Iben Rodriguez, IT consultant for Panasonic Research and Development, explains how a storage-area network and virtual server technology helped speed up WAN performance. - +
CIO Live Podcast #75: Panasonic Speeds Up Trans-Pacific File Transfers, Part I 07 September, 2007 07:00:05
Part one in our three-part special report from CIO's sister publication Network World in the US, as Paul Desmond reports from the Network World IT Roadmap Conference in Santa Clara, California. With development teams in the US and Japan, Panasonic needed a more efficient way to move very large files between the two locations. Iben Rodriguez, IT consultant for Panasonic Research and Development, explains how a storage-area network and virtual server technology helped speed up WAN performance.
- +
Data-center security tools to not overlook 10 October, 2008 11:37:00
With the rise of security suites, it's time to consider some emerging security tools and rethink othersProtecting a corporate data center is like trying to keep an elephant safe from a swarm of flies. Despite your best efforts, bites happen. As the staples of security -- such as firewalls, antivirus software, spam and spyware filters -- come together in suites of products that allow for sophisticated management, there are other security tools either emerging or worth a rethink. - +
IBM, Secret Service, others study identity/cybercrime issues 09 October, 2008 10:09:00
Center for Applied Identity Management Research organization teams experts in criminal justice, financial crime, biometrics, cybercrime and cyberdefense, data protection, homeland security and national defense.IBM, LexisNexis and the Secret Service are among a group of corporations, government agencies and academic institutions that has formed to study and help solve identity management challenges around cybercrime, terrorism and narcotics trafficking. - +
Strange account management at Amazon 09 October, 2008 09:51:00
A careless login led to the discovery of some strange ccount management practices at one of the Internet's largest retailers.Via the RISKS mailing list comes an interesting tale of poor online account management at a major online retailer. According to Graham Bennett, accounts with Amazon display an odd behaviour that doesn't seem to have attracted much attention in the past. - +
Cambridge lab sets quantum key world record 09 October, 2008 07:51:00
Researchers can now shift encryption keys around at speeds of 1Mbps.The hugely promising security technology of Quantum Key Distribution (QKD) has moved an important step closer to commercialization with the announcement by UK-based researchers that they can now shift encryption keys around at speeds of 1Mbps. - +
Palin hacking charge flawed, lawyers say 09 October, 2008 07:28:00
Case considered a misdemeanor offence not a felony.David Kernell is facing five years in prison for allegedly hacking into Alaska Governor Sarah Palin's Yahoo e-mail account, but lawyers watching the case say that the felony charge against him is a bit of a stretch.
F-Secure achieves excellent results in Internet security suite comparison 10 October, 2008 14:37:00
Lock It Up With Maxtor BlackArmour, Hardware Encrypted Storage Provides Government Grade Security For Consumers 10 October, 2008 09:04:00
Pitney Bowes MapInfo Launches New Version of AnySite 10 October, 2008 05:58:00
IOGEAR Gears Up in Australia 09 October, 2008 20:18:00
Internet Service Providers offer new unlimited Online Backup from F-Secure 09 October, 2008 19:42:00
|
||
|
||
|
|
||
|
Dude! You Say I Need an Application-Layer Firewall?!
Proxy firewall technologies have proven time and again to be more secure than “stateful” firewalls. They will also prove to be more secure than “deep inspection” firewalls. High-performance proxy firewalls are available today which are easily capable of handling gigabit-level traffic. Discover more by reading on.
Subscribe to CIO
