Anatomy of a Database Attack   12 Sep 2006 13:00 GMT
LIVE WEBCAST
Register to attend this live webcast; Anatomy of a Database Attack, presented by Aaron C. Newman, Co-Founder and Chief Technology Officer of Application Security, Inc., to learn the guidelines and best practices on how businesses can secure databases against unauthorized access. This webcast will air on September 28, 2006 at 02:00 PM Eastern Daylight Time.
Source: Computerworld

Crikey, he found a feisty one   12 Sep 2006 13:00 GMT
The death of the Crocodile Hunter brings a few security lessons to our columnist's mind.
Source: Computerworld

Survey: Most insider-related data breaches go unreported   12 Sep 2006 13:00 GMT
The main reason many breaches aren't reported is that companies just don't have the resources to devote to the problem, according to Larry Ponemon, author of the survey.
Source: Computerworld

Web Application Security: Automated Scanning or Manual Penetration Testing   12 Sep 2006 13:00 GMT
As web applications become increasingly complex, tremendous amounts of sensitive data - including personal, medical and financial information - are exchanged, and stored. The consumer not only expects, but demands, security for this information. Join the Watchfire's Security Analyst, Danny Allan, for the "Web Application Security: Automated Scanning or Manual Penetration Testing" web seminar where he examines a vulnerability detection methods - specifically comparing and contrasting manual penetration testing with automated scanning tools.
Source: Computerworld

MS06-054: Vulnerability in Microsoft Publisher Could Allow Remote Code Execution (910729)   12 Sep 2006 08:00 GMT
Bulletin Severity Rating:Critical - This update resolves a newly discovered, privately reported vulnerability. The vulnerability is documented in the "Vulnerability Details" section of this bulletin. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. We recommend that customers apply the update immediately
Source: TechNet

MS06-053: Vulnerability in Indexing Service Could Allow Cross-Site Scripting (920685)   12 Sep 2006 08:00 GMT
Bulletin Severity Rating:Moderate - This update resolves a newly discovered, privately reported vulnerability. The vulnerability is documented in the "Vulnerability Details" section of this bulletin. The vulnerability could allow an attacker to gain unauthorized access to information. Note that this vulnerability would not allow an attacker to execute code to elevate their user rights directly, but it could be used to produce useful information that could be used to further compromise the affected system. We recommend that customers consider applying the security update.
Source: TechNet

MS06-052: Vulnerability in Pragmatic General Multicast (PGM) Could Allow Remote Code Execution (919007)   12 Sep 2006 08:00 GMT
Bulletin Severity Rating: - Vulnerability in Reliable Multicast Program Could Result in Remote Code Execution (919007)
Source: TechNet

Schwarzenegger PC may have been hacked   12 Sep 2006 03:20 GMT
Police are investigating whether hackers illegally downloaded a private taped conversation from state computers.
Source: ZDNet

'Second Life' suffers real-world breach   11 Sep 2006 05:45 GMT
The online virtual world suffers a computer security breach that exposed the real-world personal data of its users.
Source: ZDNet

New Wrinkle in PLM Security Controls   11 Sep 2006 04:54 GMT
As a new PLM rollout is planned, a new requirement suddenly crops up. Data will be shared with outsiders, and Mathias Thurman wants it all done securely.
Source: Computerworld