September, 2006:

• For endpoint security, 'neighborhood watch' must be formed
• Ingredients for hiring a good information security professional
• Exploits for another Microsoft flaw in the wild
• Attacks on IM networks continue to rise
• USB devices threaten UK business
• CA warranty will pay customers if they're victimized
• To ensure compliance, be able to defend the authenticity of your electronic records
• Six charged for phishing, spamming AOL users
• Poll says few firms encrypt data on mobile devices
• Most firms satisfied with security, but still looking to improve, says survey
• Mozilla adds security features to Firefox 2 release candidate
• Only one of three CFOs 'very confident' of IT spending returns, study says
• Spam a man-made email security disaster in its own right
• Microsoft sues DRM hackers
• Legislation to protect veterans' personal information passes House
• For best patch management, get operations in sync
• Cybertrust launches external monitoring service
• PowerPoint exploit adds to Microsoft's busy week
• Laptop with personal info of 55,000 GE workers stolen
• Many large UK firms forgetting email management
• Microsoft releases out-of-cycle patch for Internet Explorer VML flaw
• Spammers using geek speak to bypass filters, trick IT pros
• AOL members sue over posted search data
• Microsoft considers early patch for VML flaw, now exploited through various vectors
• When compliance and outsourcing collide
• New zero-day exploits for Internet Explorer in the wild
• Scammers adding layers to image spam
• Symantec Threat Report says home users squarely in hackers' crosshairs
• SANS threat level back to green after yellow weekend caused by VML attacks
• VeriSign: Microsoft VML exploit attacks increasing; third-party patch released
• XSS flaws jump to top of CVE rankings, but is the threat overblown?
• Google confirms phishing flaw
• Experts: Keep an eye on employee IM use
• From Interop: Survey shows 40 percent of organizations experienced a breach last year
• Symantec: Awareness growing over application security
• Hot or not: Laptop theft
• Dell and Symantec team up on email security solution
• From Interop: Automation, integrated frameworks growing on execs for compliance needs
• More malicious sites spread Internet Explorer VML exploit
• SecureWorks, LURHQ tie the knot
• Study: Few marketers act on security concerns
• Botnet-boosting worm targets AOL instant messenger users
• IE flaw bypasses fully patched systems
• Garcia appointed new DHS cyberczar
• EMC finishes RSA buy, also picks up Network Intelligence
• Citrix finds flaw, offers hotfix
• Report: HP surveillance a tech-savvy operation
• eEye execs shuffle offices
• Princeton prof says mini-bar keys open Diebold voting machines
• McAfee: Spammers cycling more quickly through domains
• Update: Firefox flaws fixed in update
• Hack code published for Internet Explorer vulnerability
• Quartet of spam distributors settle with FTC
• Feds have lots of work to do, say information security experts
• Public, private sectors must partner to defend against cyberattack
• Researchers believe spam should be fought at network level
• Compliance programs must keep up with changing technology
• Latest QuickTime version fixes several flaws
• Pair jailed for role in Zotob attack
• Study shows increase in orphaned lure sites
• Symantec, Juniper join forces for network, endpoint solutions
• Patch Tuesday sees three new fixes, none for Microsoft Word
• Cybertrust: Most businesses fear partners' security impact, but few do anything about it
• AT&T acquires USi for $300 million
• Industry views: Homeland Security directive to drive use of authentication devices
• TSA contractor sends personal information to wrong former employees
• California Wi-Fi law waits on governor's signature
• Was Schwarzenegger's office hacked?
• Five years after 9-11, most believe feds unprepared for cyberterrorism
• Cisco and Microsoft team up on NAC
• Former spyware company settles with FTC for $2 million
• What's changed in the three years since SoBig spread?
• Payment card companies announce new PCI organization, update standard
• Trio of fixes due on Patch Tuesday
• From The Security Standard: How financial world will react to FFIEC deadline still uncertain
• Cover story: PCI persists
• Know your client
• Does testing matter?
• Core Security: Multiple flaws in AOL messenger
• Lost elections and missing legislation
• News briefs
• Debate
• Criminals join myspace.com
• Company news
• Me and my job
• Needed: A holistic approach
• Elbow grease, not money
• Do you know where your data is?
• The show must go on
• Three days in the valley
• A virtual Tower of Babel rises
• IT admins scramble after faulty CA AV update
• Digital Resolve to add real-time phishing warnings to Internet Explorer 7
• Gromozon rootkit has infected 250,000 PCs
• New "extremely critical" unpatched flaw reported in Microsoft Office
• New "extremely critical," unpatched flaw in Microsoft Office reported
• Letter: Don't ignore the opinions of CSOs
• Events: Seminars
• Recruitment: People on the move - Appointment at Integralis
• Recruitment: People on the move - Appointment at ConSentry Networks
• Recruitment: People on the move - Appointment at PatchLink
• Recruitment: People on the move - Appointment at Internet Security Systems
• Recruitment: People on the move - Appointment at Deloitte
• Letter: Left phishing for answers
• Letter: Compliance on a budget
• The Month: ThreatStats - Virus landscape is dominated by strong pair as peak outbreak season approaches
• The Month: Briefs - Industry round-up
• The Month: Threat of the month - Flaw in Windows Server service
• The Month: Anti-virus software - Growing market
• The Month: The Poll
• The Month: Global snapshots
• The Month: HSBC launches review of customer security setup
• The Month: Researchers raise concern over RFID security
• The Month: Online multiplayer games at risk from hackers
• The Month: US Senate ratifies Convention on Cybercrime
• The Month: New threat to businesses emerges
• The Month: Symantec reports weaknesses in Windows Vista
• The Month: Twice as safe at Barclays
• MS06-040 exploits appear...again
• SonicWALL: Users can't consistently identify phishing messages