A new Trojan exploiting the Microsoft RPC flaw propagates automatically through networks and finds cached passwords.

Microsoft issued an out of cycle update, plugging a dangerous hole that could be used to craft a worm attack.

Microsoft said it plans to release a critical security update out of its normal patching cycle to plug a hole that affects Windows 2000, XP, and Windows Server 2003.

IBM released updates for its DB2 database management system, fixing a variety of flaws that could be exploited by hackers to bypass security controls.

Cisco Systems warned customers Wednesday that its Adaptive Security and PIX Security appliances contained flaws affecting the security of VoIP and VPN connections.

The new Laptop Guardian tracks the location of lost or stolen laptops and gives IT pros the ability to wipe the hard drive remotely.

Penetration tester Chris Nickerson talks about the fun of penetration tests, the risks of outsourcing and unveils how ethical hacking helps companies with risk assessments.

Layoffs, mergers and acquisitions are forcing some IT security pros to look closely at the internal threats posed by disgruntled employees and mishandled data.

An inspector general audit criticizes the IRS for deploying a customer data and account management system with known security vulnerabilities. The IRS tried to have the report suppressed.

McAfee addresses its NAC gaps while customers seek ways to meld network and endpoint security technologies.