Security News Curated from across the world
Any statewide policy, however, would not apply to the legislative and judicial branches or to the state’s constitutional officers, although they could adopt it, the executive order states.
Other state governments have enacted similar P2P use policies.
http://www.fcw.com/article94067-04-13-06-Web
Internet Relay Chat (IRC) and chat-based attacks continue to dominate, but their share of all attacks dropped in favor of an increasing number of P2P attacks.
In February, Waltham, Mass.-based IMlogic Inc. and San Diego-based Akonix Systems Inc. released reports showing a dramatic spike in IM threats last year and an IT community that has yet to achieve an adequate defense.
http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1180006,00.html
The TPM is commonly used in enterprise workstations and laptop computers to enable security features and securely store encryption keys. Apple also uses the chip to limit the OS X operating system to Mac hardware, preventing consumers from running it on generic x86 computers.
Privacy advocates have criticised the chips because they could potentially be used to enforce digital rights management technology and prevent users from accessing certain applications or services.
http://www.vnunet.com/2153898
CompTIA also noted that in the last several years, organizations have equipped themselves with sophisticated security infrastructure that better detect and prevent attacks.
The study found that 96 percent of respondents use antivirus software while 91 percent have firewalls and proxy servers, in addition to disaster recovery plans, intrusion detection systems and information security policies.
http://www.zdnetasia.com/news/security/0,39044215,39350700,00.htm
To guarantee that the SA notification e-mails are received, institutions should ensure that their network spam filters are set to accept all e-mails from fdic.gov.
Institutions without Internet access may request to continue receiving SAs through the mail by completing the attached paper-delivery request form and faxing it to the FDIC at (703) 465-4314. The FDIC also offers electronic distribution of SAs through its online subscription service. Since this service is not secure, confidential SA attachments of fraudulent and genuine instruments are not included.
To decrease the number of unnecessary e-mails, institution users of this on-line subscription service may wish to discontinue receiving SAs through this mechanism.
http://www.bankinfosecurity.com/regulations.php?reg_id=220&PHPSESSID=0c468c65f2007d6227f7a3a2c3db0faf
They can be eavesdropped on by the people or organizations that own those computers, and they can be eavesdropped on by anyone who has successfully hacked into those computers. Do you want your competitors in on your conference calls?
Ultimately, Schneier concludes that the solution is twofold: encrypted VoIP and secure computers at the endpoints.
My first reaction to Schneier’s conclusions was, “We all want more secure operating systems, and for more than just VoIP.” My second reaction, though, is that the inherent insecurities of VoIP will eventually be addressed by the market once there’s enough demand.
http://arstechnica.com/news.ars/post/20060407-6552.html