Looking for data leaks in email, IM and web traffic is easy, but that does not even begin to solve the problem. These are just few applications among the hundreds of application that are capable of file transfer – peer-to-peer applications, skype, online backup services and gmail to name a few. There are many examples of organizations losing data through peer-to-peer networks, such as Walter Reed and the Tokyo Police department.

In this Read-Write-Web article, the author highlights what many corporations are struggling with: how best to balance the technology desires of the new generation of employees with the associated security and business risks. The old days of summarily blocking an unknown application is no longer an appropriate response since the user may be the CIO [...]

Microsoft announced their scheduled November security bulletin today at 10am PST which covers 4 Microsoft vulnerabilities. Palo Alto Networks released coverage for the Microsoft vulnerabilities covered in the November security bulletin in content version 94 which was released today at 1pm PST.
Here are the vulnerabilities that were released by Microsoft today:
Microsoft Windows SMB Authenticate by [...]

ANALYSIS – This ZeroPaid article projects some fairly aggressive growth for the use of P2P technology and in most markets, a 400% increase would be somewhat uplifting, particularly in this dismal economy. You see, 400% growth usually means increased revenue, profits, jobs etc. But in this case, 400% growth is not surprising and unfortunately, it [...]

ANALYSIS – This Lifehacker article, like many others this past week, highlights the long talked about move by Microsoft to make Office available as an in-the-cloud/web service or whatever the latest definition of this category is….
Tools like Google Docs, Zoho and other web-based productivity suites are gaining in popularity for several reasons. They are not [...]

Microsoft announced an unscheduled security bulletin today at 10AM PST that they have a critical vulnerability (MS08-067) which affects Windows 2000, XP, 2K3 Server, Vista, and 2K8 operating systems. This vulnerability is a buffer overflow in the Windows Server service. The vulnerability exists in the way the Server service handles Remote Procedure Call (RPC) requests. [...]

ANALYSIS – This SearchSecurity article discusses the need for businesses units to not only talk with security teams but to go so far as to establish a partnership that benefits the company bottom line. Just imagine, business units and security teams working together to enable application usage and move projects forward smoothly and efficiently as [...]

A couple of weeks ago, McAfee acquired Secure Computing for $465M. For those who missed the irony in it, McAfee had previously sold a big portion of its network security business to Secure Computing, leaving many customers in the lurch. Now, with this latest acquisition, McAfee is getting a messaging security business (originally Ciphertrust) which [...]

This week Google has announced the Chrome browser. I tried it. It is ok for now – not great – but ok. It’s fast and clean but missing some key features and many sites still don’t work with it. I think the importance of this Chrome browser is what it tells us about Google’s plans [...]

Does anyone out there share my feeling that innovation in network security has become quite scarce? I mean, look at it – the core of network security, the almighty firewall, hasn’t changed in almost 15 years. Not only is it still using the same good old Stateful Inspection to inspect traffic and control it (which [...]