Offering regional and national programs, CIO (and CSO) events bring together some of the most respected names and thought leaders in information technology and security. Presented by CIOs and other senior level executives, these invitation-only programs offer timely topics and strong networking. Learn More »
Social Responsibility's Strategic Benefits
December 15, 11:30 AM - 12:30 PM US/Eastern (GMT-5)
Join Ed Granger-Happ, CIO of Save the Children, for a discussion of how creating an organization that is socially responsible improves staffing, retention, leadership development and overall corporate health.
Working With and Communicating to Your Board of Directors
January 13, 2009, 4:00 PM - 5:00 PM US/Eastern (GMT-5)
CIO panelists who will share tips and experiences working with their boards: Twila Day of SYSCO; Jeff O'Hare, West Corp.; Marc West, formerly with H&R Block.
IT's Role in Growing Mid-Market Companies
January 14, 4:00 PM - 5:00 PM ET (GMT-5)
Mid-market Council members will share their companies' stories and challenges in driving or coping with growth. Panelists represent Veterinary Pet Insurance, Medicis Pharmaceutical, and Intrax Cultural Exchange.
Learn more about the CIO Executive Council »
Apply today for a FREE subscription to CIO Magazine!
April 21, 2008 — IDG News Service —
A notorious online gang known for its prolific phishing operations has expanded its means of attack, potentially putting more PC users at risk of losing personal data.
The Rock Phish gang surfaced around 2004, becoming well-known for its expertise in setting up phishing sites, which seek to trick people into divulging sensitive data, as well as for selling phishing kits designed for less technical cybercriminals.
Now, the phishing sites linked with the Rock Phish gang are being rigged with a drive-by download, a type of attack that can infect a PC with malicious software without any interaction by the user, researchers from vendor RSA said Monday.
The one-two punch means that even people who go to the phishing site but aren't fooled into inputting their personal details could still be infected, wrote Uriel Maimon, a senior researcher, on RSA's blog.
The phishing Web site tries to exploit any software vulnerabilities, and if it finds one, will then load the Zeus Trojan onto the PC. Zeus is particularly dangerous: it can collect data on forms, take screen shots, pilfer passwords from browsers and remotely control the computer, Maimon wrote.
Zeus also comes in at least 150 flavors. One of the phishing kits being sold now for US$700 masks how Zeus appears to security programs. That kit uses a binary generator, which creates a new binary file for Zeus for every kit.
Antivirus programs uses signatures, or data files, that describe what malicious programs "look" like in order to be detected. But creating new binaries can render security programs blind. Most of the popular antivirus programs can't detect the variants.
"These files are radically different from each other, making them notoriously difficult for antivirus or security software to detect," Maimon wrote.
Copyright © 2008 IDG News Service. All rights reserved. IDG News Service is a trademark of International Data Group, Inc.
This report shows the findings of a recent Proofpoint and Forrester Consulting study on e-mail security, data loss prevention, and includes statistics on electronic risks.
Learn how Proofpoint delivers a dedicated, hosted e-mail security solution that combines state-of-the-art anti-spam and virus control.
Learn about the key e-discovery challenges facing legal and IT departments today and how businesses can develop an e-mail archiving strategy to deal with e-discovery requests.
Download this paper to learn why e-mail encyrption is critical to an organization's overall security architecture and the advantages of identity-based encryption.
This whitepaper discusses the latest global regulations that impact the e-mail security policies and strategies of today's enterprises, universities and government organizations.
Operational Excellence Is Key to Maximizing IT Investments
The Business Case for Web Application Firewalls, by Ken Tyminski, former VP and CISO for the Prudential Insurance Company of America
Optimizing Infrastructure Control
File Integrity Monitoring: Secure Your Virtual and Physical IT Environments
Configuration Assessment: Choosing the Right Solution
Effective Security with a Continuous Approach to ISO 27001 Compliance
Want to Improve your Global Organization's Agility? Leverage the Power of ECM
Protecting Sensitive and Confidential Information with Endpoint Security
Endpoint Security: Compliance at the Endpoint
Cash in on the promise of virtualization - without the management risks.
IDC on the Blueprint for the Future Data Center
Data Protection: Challenges for the Traveling User
Resource Alerts
Get instant email notifications by topic when white papers, webcasts, and case studies are added to our library.
Clearwire, Sprint Close WiMax Deal
Netbooks: Small, Cheap -- and Fast?
Clearwire, Sprint Close WiMax Deal
'Social Mobile' Applications: the Missing Book
Vista SP2 Due Next April, Says Report
Fear of More Attacks Could Hurt Business in India
London Hospitals Almost Back Online After Worm Infection
Google Earth Used By Terrorists in India Attacks
Microsoft and Yahoo Dismiss Report of Search Deal
China'S NetDragon Teams with EA on Online Game
Just the basics, please. Sometimes we all need a refresher or we need to make sure our team and our colleagues are all on the same page.
Over 25 tutorials on everything from business intelligence to virtualization.
- CIO|
- Computerworld|
- CSO|
- DEMO|
- Game Pro|
- Games.net|
- IDG|
- IDG UK|
- IDG Connect|
- IDG Tech Network |
- IDG World Expo|
- Industry Standard|
- InfoWorld|
- ITworld|
- JavaWorld|
- LinuxWorld|
- MacUser|
- Macworld|
- Network World|
- PC World|
- Playlist|
- CIO UK|
- CIO Germany|
- CIO China|
- CIO Sweden|
- CIO Australia|
- Other CIO Sites
