Stories about: TippingPoint

Microsoft's impending announcement at Black Hat on the 7th of this month, titled "Secure the Planet! New Strategic Initiatives from Microsoft to Rock Your World", being delivered by some of the best security names inside Microsoft, has already gained the attention of many in the wider community.

A group of security researchers Wednesday said they have infiltrated one of the world's biggest botnets and can snatch control of compromised machines from the hackers.

The security researcher who walked away with US$10,000 last week by hacking a MacBook Air in less than two minutes said he chose to attack Apple's operating system for one simple reason.

The security conference that last year made headlines with a hack challenge whose winner walked away with a US$10,000 prize is reprising the contest next week -- this time with more money at stake, the contest's organizer said.

Microsoft issued four critical updates Tuesday that quashed 12 bugs in Office, the company's business suite, including a flaw in Excel that has been exploited by attackers for more than two months.

The man who launched both of the security industry's major bug bounty programs Thursday defended the idea of paying for vulnerabilities, but also said he has responded to critics by putting a tighter lid on bug details to make sure they don't fall into the wrong hands.

Users of the open-source Samba software are being urged to patch their code following the discovery of a critical bug in the file-and-print software.

A hacker managed to break into a Mac and win a US$10,000 prize as part of a contest started at the CanSecWest security conference in Vancouver.

Becoming the chief information security officer (CISO) of a corporation makes you a strategic IT advisor to business management, the chief information officer, and the rest of the information technology staff. Just as no company is the same as another, the job of CISO -- or alternately, "chief security officer," which might include physical security as well -- isn't either. The four security professionals who share their priorities with us make it clear there's nothing cookie-cutter about the top IT security job.

VOIP gear from major vendors can be made secure, but it doesn't come out of the box that way, experts warned at RSA Conference 2007.

Drowning in signature libraries and reactive event information that is of little value in locating attacks in progress, network security managers are fed up with signature-based intrusion-detection systems that have been the backbone of network security. Amid an ever-shrinking time gap between vulnerabilities and exploits, signature-matching IDS already has become obsolete, analysts and users say.