Archive for the ‘security’ Category.
June 11, 2002, 9:32 pm
White House Stressing Unorthodox in IT Security Fight
Richard Clarke, cybersecurity adviser to the White House, has presented the
possibility that unorthodox approaches may be taken by policy makers to induce
private sector owners and operators of national critical infrastructures to
harden and secure these assets. The administration is considering the idea of
cybersecurity insurance for companies, coverage that would only be available if
the company meets specific security criteria. Additionally, representatives
from Clarke’s office have been considering the development of private sector
certification program for cybersecurity companies. Cybersecurity companies
could be certified to guarantee that there is a certain level of security
expertise and knowledge. Clarke and other members of his office have been
holding town meetings across the country to help foster a dialogue between the
various parties responsible for the national critical infrastructure.
May 30, 2002, 8:57 am
vnunet:
Microsoft software expelled by top college
Newnham women’s college, Cambridge, has banned Microsoft Outlook and Outlook Express because it is tired of cleaning up after virus attacks.
The college, which has around 700 users, took the decision after the latest Klez virus outbreak.
May 29, 2002, 1:03 pm
Atlanta Journal-Constitution: The rise of hackers vs. colleges:
Security being bolstered for university computer systems
May 24, 2002, 3:47 pm
Six arrested over ‘Nigerian email’ frauds:
Six people were arrested in South Africa last weekend on suspicion of being involved in the infamous Nigerian email and letter fraud.
May 24, 2002, 12:46 pm
Network World, Daniel Blum:
Is Your Forest Burning?
Over time, Microsoft has backed away from the single-forest concept, finally publishing this past winter a white paper disclosing that service administrators in one domain can’t be isolated from other domains in the forest. Since then, Microsoft has done a security-threat analysis. It determined that a serious hacker’s goal is to gain physical access to a domain controller, or network access to a service administrator account.
Microsoft also has been doing disaster planning. Recently, it wiped out the domain controllers on its entire development group forest, which serves thousands of users, and tested the procedures necessary to bring it back online. And at Microsoft’s recent TechEd conference, a speaker went so far as to advise large companies that “if you don’t have a single CIO, you shouldn’t have a single forest.”
