As security firm Fortinet celebrates 10 years in business, Fortiguard Labs took a look at the 10 most intriguing threats during the past decade and showed how their feature sets have evolved, Darwin-like, over time.

A recent mass-spreading email worm demonstrated how far user education, industry collaboration and technology have come to fight malware, but it also served as a reminder that the criminals remain one step ahead.

To avoid unintended consequences, organizations considering moving applications, such as email, to the cloud must ask lots of questions.

A top Symantec engineer recounts one of the most exciting days of his career: Ten years ago this week, the ILOVEYOU, or LoveBug, worm spread across the world and crippled PCs.

In 2004 at the World Economic Forum, Bill Gates proclaimed: "Two years from now, spam will be solved." Six years later there is no indication that the spam problem will ever be solved. So what went wrong?

IT departments, when facing the possibility of a disaster, may want to take a page out of the U.S. military's playbook.

User names and passwords aren't secure, and momentum continues to build across the industry to solve this problem in a manageable way.

Research firms have been saying for quite some time that the antivirus/perimeter approach to security is dead, and targeted attacks could very well be the final nail in the AV coffin.

Humans are oftentimes gullible and inquisitive, and spammers are taking full advantage.

What happens when "good enough" just isn't good enough anymore?

It seems information security is getting to the front line of business imperatives. More than ever before, executives are giving IT security and data protection initiatives the attention they've required for some time

Hurtling into our annual Reboot edition, I became conscious of the break-neck speed at which 2007 has come to its end.

The screaming headlines have been running for years. Whether they're in press releases about cybercrime exceeding international drug profits or the billions of dollars lost to breach disclosures or videos highlighting the meltdown of power generators due to a myriad of vulnerabilities, the anti-malware industry has long relied on fear to move their products.

Looking out across the threat landscape, it is important to remain cognizant of the various threat vectors that are open and available for enterprising individuals to act upon.

As long as people have competed against others, whether commercially, militarily or athletically, their organizations have possessed information or practices that need to be kept secret.

Send your comments, praise or criticisms to SCfeedbackUS@haymarketmedia.com. We reserve the right to edit letters.

Although image spam is not new, it continues to grow both in sophistication and at alarming rates, so much so that it has become a major topic of concern among security industry experts.

Its the economy, stupid. It worked for spammers now, and it will work for spammers in the future.

In April 2006, after a five-year review, the Supreme Court approved changes to the Federal Rules of Civil Procedure (FRCP) that went into effect on Dec. 1, 2006.

When the subject of email security is mentioned, the first thought that comes to mind is spam or more appropriately anti-spam.

Webster defines security as, the quality or state of being free from risk of loss and that measures [are] taken to guard against espionage or sabotage, crime, attack or escape.

A new type of threat has emerged that poses a significant risk to businesses - this threat is real. There are examples of it in the news. There are security experts who are warning against the risk. So why are most companies ignoring it?

Secure Sockets Layer (SSL)-encrypted communications constitute a significant and growing percentage of the traffic in the enterprise LAN and WAN. However, as many IT managers are aware, the privacy benefits provided by SSL can be overshadowed by the vulnerabilities encryption brings to the enterprise network.

IT security has the potential to impact a business at every level. Few other business areas, if any, have the potential to damage customer relations, disrupt supplier dealings, lower employee productivity, lose revenue and even lead to the arrest of the CEO.

As a fast growing company that has developed its business around proprietary technologies, WebEx faced the same dilemma. We needed to prevent intellectual property (IP) and other sensitive information from leaving the company via the corporate network but didn't want to change or disrupt our working environment. We initially tried to handle network security and stem information leakage by communicating security policies to employees, but this approach gave us no way to monitor network usage or to enforce our written policies.

The internet has come under a sustained and significant threat from network malware, especially since the emergence of the global Windows network worm in 2001 with Code Red and Nimda. Prior to this, most network worms were on a small, localized scale.

The popularity of online streaming videos, social-networking and shopping sites have created new attack vectors for hackers to spread malicious code that could wreak havoc on company networks. Small to mid-size businesses (SMBs) across a variety of industries not only have to deal with everyday IT issues, but also face the challenge of securing and managing employee Internet access.

Although email spam has long been around, it has only recently become increasingly widespread and advanced. One would think that with the ever-advancing technology, there would be a way to combat these annoying pieces of email bombarding our inboxes. But as computer technology becomes more sophisticated, so too does spam.

We used to live in an analog world. We played records, radio stations had static interference, we flattened out dollar bills to work in vending machines and we anguished over hanging chads. Sure, everything was converted into bits and bytes in the end, but the world we interacted with was a physical one.

In the last six months, image-based spam has pushed its way to the forefront of spam technique discussions. Image-based spam is not new, but it is now wreaking havoc on the effectiveness of many anti-spam products.

The concept of organizations keeping a watchful eye on employees during company hours is nothing new. From the introduction of the time card 120 years ago, which required employees to clock in at the beginning and end of the work day, employee monitoring has evolved from simple confirmation that individuals are present and accounted for, to more detailed insight into employee activities taking place while "on the clock."

Today one out of four emails on the internet is an image spam message. This is not because spammers have just realized the marketing benefits of captive colors. Instead, this is because the spammers have identified a weakness in many anti-spam systems and are moving diligently to maximize this opportunity by fully exploiting this weakness.

It's pretty unlikely that employees wished this holiday season for even more email and spam messages to be waiting for them in their inboxes each morning. However, the reality is that organizations - across all industries - have experienced a dramatic increase in inbound email over the past calendar year, much of which is spam, and inbound email volumes will likely continue to increase at a rapid pace during 2007.

We've all heard about the recent rise in spam, and while I dislike spam as much as the next person, I recently received a spam message that got me quite excited.

The speed of change in IT security is intense and often seemingly chaotic. Security solutions today must constantly morph to reflect not only the shifting needs of customers, but also the advancing capabilities of security threats. The proliferation and progression of DoS attacks and phishing sites, to name a few, demand new means to detect and block criminals. Senior executives, meanwhile, want simplicity and better command and control over the many security solutions they implement. Despite this ever-changing landscape, there are, however, a number of general trends that, from our view as investors, are likely to organize and drive development of IT security products and services over the near and intermediate term.

The Yahoo-Cisco technology is expected to combat phishing and spoofing, but it's not a magic bullet that can kill spam.