Stories by: Ellen Messmer

Step 1: Identify a computer virus specimen. Step 2: Create a "signature" to detect and eradicate the virus, and push the signature file out to a computer. Step 3: Repeat steps 1 and 2 again and again for new viruses and their variants.

Cybercriminals operating worldwide are benefitting from ineffective law enforcement and a growing economic recession that could make jittery people more susceptible to cybercrime scams.

The criminal market online for buying and selling stolen credit cards, pirated software and information about financial accounts is thriving, according to a report published Monday by Symantec.

The University of Texas at San Antonio Tuesday announced a technology incubator aimed at fostering IT security-based start-ups within the state.

The PCI Security Standards Council Monday unveiled a plan to sharpen oversight of the hundreds of security-service providers now authorized to evaluate merchant networks under the organization's Payment Card Industry data standards.

They are etched into the conventional wisdom of IT security, but are these 12 articles of faith (to some) actually wise, or are they essentially myths? We've assembled a panel of experts to offer their judgments.

McAfee on Monday announced an agreement to acquire Secure Computing in a transaction valued at US$465 million that is expected to be completed by year-end.

Best Western International Monday acknowledged it suffered a data breach that exposed sensitive customer information at a European hotel, but strongly disputes claims that an attacker gained access to 8 million customer records with credit-card numbers. Best Western insists no more than a dozen customer records were compromised.

Open source software is a significant security risk for corporations that use it because in many cases, the open source community fails to adhere to minimal security best practices, according a study released Monday.

The unfolding cliffhanger in San Francisco this week -- in which a city network administrator has been arrested for allegedly holding the network hostage -- represents an extreme example of the insider threat that IT security vendors and others have been sounding the alarm about for years.

Security issues often seem to smolder more than burn, but these six are certainly capable of lighting a fire under IT professionals at a moment's notice. Handle with care.