Phishing botnet expands by hacking legit sites
The Asprox botnet is now using a SQL injection attack tool aimed at hacking legitimate Web sites to try to add more hijacked PCs to its collection, a security researcher said today. Read more...

Security researcher devises rootkit for Cisco's routers

Microsoft fixes critical Windows, Word flaws

Phishers scamming IRS rebates, Burma donors

Restaurant chain served up payment card data to hackers

Srizbi grows into world's largest botnet

Google takes Street View snaps in Paris; lawsuits could follow

Windows Vista more secure than XP, says security company

Google launches Web security for corporations

Microsoft to patch four bugs on Tuesday

More Spam, Malware and Vulnerabilities Stories

Opinion: Battling information-security Stockholm syndrome
Hating the PCI-DSS security standard when it exists only to help consumers and merchants is a sign that the security industry's not quite right in the head, says Ben Rothke.

Response team boosts open-source security
The oCERT project, founded in March, aims to bridge the communications gaps that bedevil security on open-source projects.

Opinion: Malware vs. anti-malware, 20 years into the fray
Steven J. Vaughan-Nichols takes stock of the malware/anti-malware landscape nearly 20 years after the very first Internet worm and spotlights how the two sides are approaching the battle.

Opinion: Phishing in the backyard
A nasty new scam tactic involves gaining access to internal corporate e-mail, then phishing employees of the company. What's to be done when you can't even trust messages from your co-workers?

Opinion: Sequoia & e-voting... the best government money can buy
Robert X. Cringely beholds the mess in Jersey and asks if our votes count when corporate and public interests collide.

Opinion: Government and industry unite in cybercrime battle
Cyber Storm II, underway this week, attracts participants from both the private and public sectors. Representing one of those participants, McAfee's Carl Banzhof explains what it's all about.

Opinion: Goodbye to the Year of the Fire Pig
The year ahead? Expect fast-paced improvements in security technology, says Jon Espenschied -- also, slashed budgets, "tactical" security fixes, and continued consumer obliviousness.

Opinion: Mixing open- and closed-source, managing risk
Talk about the worst of both worlds: When Jon Espenschied tried to untangle a malware attack on his dual-boot system, he found out just how vulnerable combining open- and closed-source software can leave a machine.

A Business Problem
Frank Hayes argues that IT needs to convince management that security is a business issue more than a technical or people problem.

Attention, Shoppers
It's almost December, and that means users are facing personal and professional pressures that could push them over the edge. Frank Hayes suggests taking a friendly, proactive approach to help them cope; you could start by offering them tips on safe online shopping.

Specialists have retrieved about 99% of the data on a disk drive on board the crashed space shuttle Columbia. Don't miss the photographs of the recovered drive. These big ideas were supposed to revolutionize technology, but they never actually appeared. In a few cases, you'll be glad they didn't. Nearly 20 years after the first Internet worm, Steven J. Vaughan-Nichols takes stock of the malware/anti-malware landscape and spotlights how the two sides are approaching the battle. Though some thought it was released too soon, Mac OS X 10.5 has matured into a solid operating system, says reviewer Michael DeAgonia.

Reviews, analyses, how-tos, visual tours, hot issues and predictions about Microsoft's new OS.

More Continuing Coverage After 9/11: Homeland SecurityAsk a Premier 100 IT LeaderBlackBerry Legal BattleData Security BreachesElectronic VotingFirefoxH-1B VisasHP's Boardroom ScandalHandheld DevicesHurricane Katrina AftermathMicrosoft Legal IssuesMicrosoft's VistaOpen SourceRFID TechnologySCO's Linux FightSarbanes-Oxley ActSpamVoice Over IPWi-FiWindows Meta File VulnerabilityWindows XP Service Pack 2

Four years from now, the IT field will be a vastly different place. Will you be ready?

The New Foundation of Storage: Xiotech's Intelligent Storage Element (Source: Xiotech) The underlying elements of data storage remain more or less the same and have been unable to keep pace with changing business requirements. Xiotech offers a fresh approach with its Intelligent Storage Element: A storage foundation that sets new standards for reliability, performance, and scalability. Web Security SaaS: The Next Generation of Web Security PRIMEQUEST Overview New Fujitsu High-End Itanium Windows- and Linux-Based PRIMEQUEST Servers Offer the Utmost in High Availability New Fujitsu High-End Itanium-Based PRIMEQUEST Servers Offer Industry-Leading System Management for Linux and Windows Symantec State of the Data Center Report 2007 Case Study: St. Clare's Hospital VMware and 3PAR: Using VMware Infrastructure 3 with 3PAR Utility Storage in Datacenter Deployments IDC Report: Major Considerations for Deploying a Thinly Provisioned Storage Solution Taneja Group Report: Next Generation Fibre Channel Storage Systems Market ESG Report: 3PAR Company Profile Storage virtualization and the HP StorageWorks Enterprise Virtual Array Edison Group Compares Virtual Arrays The Power of Pen Taneja Group Report: Must-Have Storage Requirements for VMware Deployments Aberdeen Group Report: Lowering Costs and Increasing Efficiency in the Data Center Business Continuity: Symantec Intelligent Application Recovery Solutions Guide The Fast Track to Data Center Optimization When The BI You Know Isn't The BI You Need Transferring Best Practice Analytics from Experts to Everyone Gaining Insights Through Analytics More White Papers

E-mail Address: (Required)  Security  Networking Security  Virus and Vulnerability Roundup  Security: Issues and Trends  Infrastructure & Control

"You see, this is why we love our Macs. I had a good chuckle when I read..." Read more "Dear me. Just because I recently talked about Windows XP SP3's virtues and vices, some people seem to think I've..." Read more "Pop quiz: The RIAA's claim last week that digital rights management (DRM) is the Wave Of The Future was......" Read more "Your Kevin Mitnicks, your Frank Abagnales, your Jerome Kerviels -- what are we supposed to do with our hackers, especially..." Read more More Security Blogs See all Computerworld Blogs

Free MessageLabs Trial The business risks from email and web use are widespread. But what's the reality of the situation for your business? Complete the short form to find out with a FREE MessageLabs Trial. During the trial, we will monitor all your inbound and outbound email and web traffic and provide you with a complete picture of the risks facing your business every day. Register for this trial now.

In Security There's plenty of talk about how to behave during a Customs search of your computer and gear, but Jon Espenschied's got tips for securing your data (and privacy) before you reach the border. Click here to read the latest column by Jon Espenschied

Long Tail Supplier Collaboration - What's In It For You? Long Tail Supplier Collaboration - What's In It For You? Download this webcast, free, compliments of Sterling Commerce Go to the webcast

Computerworld Executive Bulletin: Building a Robust Antivirus Defense Download this Executive Bulletin (a $49.95 value) for free, compliments of MessageLabs. (Source: MessageLabs) Antivirus software alone isn't enough to prevent today's speedy, sophisticated virus attacks. Security managers should consider multitiered approaches that include behavior scanning, appliances that check e-mail for worms, and restricting user access to dangerous Web sites. Download this Executive Bulletin (a $49.95 value) for free, compliments of MessageLabs, to learn more. Download this executive briefing

Universal Threat Management - Because Conventional UTM is Not Enough! Get this white paper now! (Source: Juniper Networks) This white paper, written by Mark Bouchard of Missing Link Security Services, examines the challenges confronting today's enterprises with respect to managing threats on a network. It also discusses the need for "Universal Threat Management", which is a security solution approach for all physical locations within an enterprise that require threat protection. Download this white paper

White Papers Read up on the latest ideas and technologies from companies that sell hardware, software and services. Web Security SaaS: The Next Generation of Web Security PRIMEQUEST Overview New Fujitsu High-End Itanium Windows- and Linux-Based PRIMEQUEST Servers Offer the Utmost in High Availability View more whitepapers

The Spy Files For Congress to do anything that helps protect consumers and the critical Internet infrastructure as a whole, it must pass laws that require proactive processes to protect computers, not that tell people how to deal with the resulting mess, says Ira Winkler. Click here to read the latest column by Ira Winkler