March, 2007:

• Webroot: 40 percent of companies report disruptions due to malware
• Worm hides as fake Internet Explorer 7 beta download image
• MessageLabs: Junior sales employees commit most breaches
• eEye releases third-party patch for Microsoft Windows ANI handling flaw; active exploits tied to Chinese hackers, Super Bowl XLI attack
• Microsoft warns of Windows flaw that leaves users open to attack from malformed ANI files
• American Idol-mocking VoteForTheWorst.com slammed with DDoS attack
• 45.7 million-victim TJX Companies breach could lead to federal notification law
• Cisco patches VoIP flaws
• Kaspersky: Keylogger use up 500 percent in three-plus years
• Akonix: Instant messaging attacks up 200 percent in a year
• Cisco VoIP technology open to DoS attacks
• Sentencing in Connecticut teacher's 'porn or spyware' case pushed back
• Multiple flaws reported in IBM Lotus Domino products
• Ruby-written Metasploit 3.0 released
• Finjan: Developed countries host the most malware
• Layered defenses thriving in a post-Service Pack 2 world
• MySpace sues 'Spam King' for phishing
• Exploit code released for patched Microsoft Internet Explorer flaw
• Rudy Giuliani's campaign fixes SQL flaw on candidate's site; McCain MySpace page hacked
• SANS Institute to offer cert exams for application developers
• Phishing fraud emails target domain name owners
• Microsoft email application flaw targets Vista users
• Special Advertising Supplement: SC Essays - Protect your laptops
• Products: Specialised tools make comparison impossible
• Events & Seminars
• People on the move: Appointment at McAfee
• People on the move: Appointment at Sophos
• People on the move: Appointment at 7Safe
• People on the move: Appointment at MapInfo
• People on the move: Appointment at Northgate Information Solutions
• People on the move: Appointment at Teamphone
• Special Advertising Supplement: SC Essays - Enterprise Gateway Security
• The Month: New figures from APACS
• The Month: European Union fires warning shot
• The Month: Look behind the dot
• The Month: The Quote
• The Month: Global snapshots
• Analysis: Mark Mayne
• Analysis: The Poll
• Analysis: Lost identity - Theft is biggest risk
• The Month: Briefs - Industry round-up
• The Month: ThreatStats
• Letter: Remember the weakest link
• Letter: Start focusing on internal threats
• Digital certificates: Locked and loaded
• Infosecurity Europe: Listen and learn
• In association with Deloitte Webcast: PCI compliance
• Awards: Coming soon
• Special Advertising Supplement: SC Essays - Build a viable global response
• Special Advertising Supplement: SC Essays - Why one AV engine isn't enough
• Analysis: Threat of the month - Storm Worm
• The Month: UK internet service providers hit back
• The Month: EU Commission delivers results
• Users skeptical as Microsoft denies claims of Xbox Live hacks
• Oracle lawsuit claims rival SAP stole proprietary secrets
• Stration variant spreading through Skype
• SPI Dynamics creates script-based, self-propagating website vulnerability scanner
• Hacker accesses Social Security numbers of 71,000 Indiana health care workers, credit card info of 5,600 others
• Debian, Red Hat patch numerous OpenOffice flaws
• Mozilla fixes regression bugs in latest Firefox update
• Stolen TJX data used in Florida credit card fraud ring; Arkansas organization sues to see firm's data protection
• SecureWorks researcher discovers flexible Russian trojan, cache of stolen data from 10,000 accounts
• Taking the fight to end-user password insecurity
• How to protect against Web 2.0 threats
• The future of image spam
• Firms seeking PCI compliance face dilemma
• FBI: Web fraud cost more than $200 million in 2006
• PadaLabs: Trojan targets corporate data
• From InfoSec 2007: Effective biometrics solutions still face hurdles before widespread deployment
• From InfoSec 2007: Get company-wide support for successful security policy
• Hackers threaten month of MySpace vulnerabilities
• Symantec report: ID theft economy maturing
• Hot or not: Reverse code engineering
• Fortinet spots malware, phishing on Google Blogger.com pages
• Symantec begins layoffs
• Google to anonymize older search data
• Microsoft Internet Explorer XSS vulnerabilty could provide bite for phishers
• March Madness could lead to malware infection, experts warn
• Update: CD with personal information of 75,000 Empire Blue Cross members found
• California court drops charges against former HP chair Dunn
• OpenBSD flaw exploits IPv6 weakness
• FTC launches probe into TJX data breach
• SC Magazine CSO of the Year: Dennis Brixius, VP and CSO, The McGraw-Hill Companies
• Digital certificates and PKI have made a comeback
• With mergers and acquisitions taking hold, get used to ownership changes
• Keeping patch management under one roof
• Product section: SC Lab takes a look at email content filtering, policy management products
• Hot or not: Reverse code engineering
• Newspaper: Medical information of 75,000 Empire Blue Cross members lost
• Apple fixes 45 flaws on its own version of Patch Tuesday
• RSA Conference 2007: Showcasing the proof in the concept
• News briefs
• Viacom sues Google and YouTube over copyright infringement
• Debate
• Company news
• 2 minutes on...New flood of spam
• Me and my job
• Three E approach key to complicated compliance requirements
• Surveillance, biometric technology attracts venture capital investment
• Experts: Be aware of new Microsoft exploits despite patch-less Patch Tuesday
• Secret Service, Homeland Security team up on Alabama-based federal cybercrime education facility
• Indian trio charged with hacking, pump-and-dump stock scam
• Why organizations need software training
• Social networking sites a dangerous part of 'the college experience'
• Until all users are security-savvy, encryption is a sensible solution
• SEC freezes assets of unknown Eastern European scammers in pump-and-dump scheme
• Got something to say?
• Enlist a phased, proactive roadmap
• Few major daylight-saving time problems reported
• PandaLabs: Trojans, hybrid malware levels up in 2006
• GoDaddy hit by DDoS attacks, not daylight-saving time issue
• February DDoS attack 'badly damaged' two of 13 root web servers, says ICANN
• Symantec buys 4FrontSecurity, closer to completing Altiris deal
• Experts: IT professionals can't afford to ignore daylight-saving change
• Apple issues AirPort Extreme patch
• Microsoft says March to have a patch-free Patch Tuesday
• SEC halts trading of 35 stocks for pump-and-dump scams
• Core Security: GNU Privacy Guard flaw allows phishing-like attacks
• 'Highly critical' Citrix Presentation Server Client flaw reported
• LexisNexis hacker gets a year in jail
• Advanced Bayrob trojan targets eBay users
• Gartner: ID theft up 50 percent in three years
• Phishing scam uses other phishing scams to steal personal information
• IRC bot a growing threat to enterprise networks
• Marshal: Spam at an all-time high; Symantec: Porn spam at record low levels
• Mozilla releases updates for Firefox, SeaMonkey flaws
• Microsoft sews XBox privilege vulnerability
• Apple QuickTime update patches critical flaws
• Microsoft's Live OneCare brings up rear in anti-virus test
• McAfee names new president and CEO
• Survey: Most organizations believe insiders are biggest threat to intellectual property
• Six simple steps to managing privileged passwords
• Training for security beyond the PC and network
• Slow but steady market share increases for Firefox, Opera and Safari
• WordPress upgrades to fix flaw that allows malicious PHP code execution
• Windows Vista firewall weakness can be corrupted by attackers
• VeriSign iDefense: New attack blends rootkits with HTML-injections to phish users on the fly
• Expert: Mainstream media Rinbot reports overblown
• Texas A&M requires network-wide password change after attempted hacking
• Oracle to acquire Hyperion Solutions for $3.3 billion
• PatchLink's Harris buy could help both companies