full disclosure

TechRepublic Resources

• sort by:
• Relevance
• Date
• Popularity

Are BOTs aided by Open-Source model?

Dave Marcus ofMcAfee’s Avert Labs says that developers of malicious software includingTrojans and bots are benefiting from the open-source development model. Apparently developers of the Agobot malwarefamily are using CVS ConcurrentVersions System to manage source file and collaborate—this greatlyincreases the speed at which updates can be propagated and modificationschecked/tested.A...

Tags: bot, McAfeeÂ, open source

Blog posts 2006-07-28

Firefox/Mozilla/Netscape exploit code

posted."Mozilla/Firefox/Netscape Browsers IDN URI Buffer OverflowDescription: Exploit code has been publicly posted for the IDN URIbuffer overflow in Mozilla, Firefox and Netscape browsers"Exploit Codehttp://www.frsirt.com/exploits/20050922.PwnZilla.phpThis exploit was reported last week, the code was released this week.but not to worry:"FireFox, Mozilla and Thunderbird Remote Command InjectionAffected:On UNIX platforms:Mozilla Firefox 1.0.6 and priorMozilla...

Tags: Web browsers, E-mail clients, Mozilla Corp., Mozilla Thunderbird, Mozilla Firefox

Discussion threads 2005-09-23

Bug hunters, software firms in uneasy alliance

Bug hunters, software firms in uneasy alliancearticle rootBug hunters, software firms in uneasy allianceAccording to Microsoft's "responsible disclosure" guidelines, bug hunters should delay the announcement of security holes until the company has provided a fix. However, independent security researcher Tom Ferris says that Microsoft takes way too long to fix...

Tags: alliance, bugs, flaws, full disclosure, hunter, microsoft, Microsoft Corp., Microsoft Response, responsible disclosure, security, software, Sonja Thompson

Discussion threads 2005-09-06

Additional Resources

Microsoft fights with researcher over Full Disclosure

Who's right on full disclosure?Should zero-day exploits ever be disclosed even if the vendor decides to wait a long time for the patch? Who's side do you take on this?http://blogs.techrepublic.com.com/Ou/?p=465

Tags: Patches, george_ou@..., Microsoft Corp.

Discussion threads 2007-04-09

Best Practices in e-Discovery and e-Disclosure: Using ZyIMAGE as Your Corporate Discovery and Disclosure Tool

Familiarity with discovery and disclosure processes is, by necessity, increasing. Many ZyLAB clients work in, or perform functions consistent with, investigative, intelligence and legal fields, so these clients typically have some type of existing knowledge about discovery and disclosure. However, compliance, auditing and security regulations have forced the corporate sector...

Tags: Disclosure, Discovery, Best Practice, Tool, Organizational Structure, Human Resources

White papers 2006-02-17

non-disclosure form

the company is seeking external system integrator to help solve some network issues. as the engineers/consultants will be accessing to the network information, the company would like to have the system integrator sign a non-disclosure form.appreciated someone able to share sample of a non-disclosure form? also shall this form...

Tags: non-disclosure form

Q&A 2006-08-25

MailSniffer (exe)

Full control over your employees' correspondence and elimination of threats of information disclosure and insiders' activity by intercepting all incoming and outgoing e-mail. Full text search in heading, body and attached files. This version is the first release on CNET Download.com.

Tags: E-mail, Online Communications

Software downloads 2007-06-07

Need for Speed: Carbon: Prima Official eGuide (exe)

Complete track maps. Full stats for all upgrades so you can trick out your car for ultimate performance. All car stats give you the lowdown on each whip. Exclusive interview with Emmanuelle Vaugier. Expert strategies to rule all territories. Master unlock lists to help you get 100% of the cars....

Tags: Performance Management, Strategy, Human Resources, Workforce Management, Management

Software downloads 2007-08-06

Conflict of Interest Disclosure Policy

Concerned that a client, vendor, consultant, or employee might have an undisclosed conflict of interest which may cause problems for your company? Implement a Conflict of Interest Disclosure policy. Use this policy as-is or customize it to meet your needs. This download is available...

Tags: Policy

Download resources 2008-08-22

Consumers 0, Cybercriminals 1: The public disclosure debate

IF VIRUS WERE ENDED THE WHOLE THING WOULD STOPThis search for vulnerabilities is making engineers and proprietors nervous."Everything that we make in our corporation is perfect".You're looking everywhere but at the heart of the problem.It's like a room full of auto mechanics and nobody sees the flat tire.

Tags: SECURITY, BALTHOR

Discussion threads 2007-06-11

404 Path disclosure in IIS 6.0

When I scan my SMS 2003 Site Server with GFI Languard, there is a medium level vulnerability that shows up. Its the "Web 404 path disclosure" vulnerability. Anyone know how I can remedy that? I've tried googling it and technet and even followed the link that GFI 6.0 provides but...

Tags: lsmith1989, Microsoft IIS 6.0, Microsoft IIS Server, Path, security, vulnerability

Discussion threads 2005-06-01

Flaw in mail-list software leaks passwords

Stay on top of the latest tech news with our free IT News Digest newsletter, delivered each weekday. Automatically sign up today!By ...

Tags: OPEN SOURCE, SECURITY, UNIX, Patches, software, Mailman Web site, Mailman, password

Technical articles 2005-02-11

IT Manager Webcast: Microsoft IT Compliance: Policy, HBI, SOX, and PCI (Level 200)

Disclosure of High Business Impact HBI information might cause severe material loss to Microsoft, the information asset owner, or relying parties. The attendee of this webcast will learn how Microsoft developed HBI policy that complies with SOX and the Payment Card Industry PCI standards. The attendee will also learn how...

Tags: Webcast, Sarbanes-Oxley Act, Compliance, PCI, Microsoft Corp., Sarbanes-Oxley, Regulatory Compliance, Asset Management, Quality, Regulations, Operational Accounting, Government, Financial Accounting, Finance, Human Resources, Policies And Procedures, Operational Planning, Business Operations

Webcasts 2008-04-03

The anxious new dawn of cybersnooping

It's in thereAt the risk of showing faulty memory, I think the Privacy Act already does more than the article gives it credit. It has always referred to systems of records MAINTAINED by an agency, with no reference to how the records were created or acquired. If an...

Tags: agency, FEDERAL REGISTER, Privacy Act, privacy, juststaff, it management

Discussion threads 2006-05-04

A Guide to the Sarbanes-Oxley Act and Email Security

Email communication policy is an integral part of controls to safeguard information from unauthorized use, disclosure, modification, damage, or loss. Email communications is an important means of moving revenue and cost information to those analyzing it, a means of circulating financial reports internally, and communicating information to those who will...

Tags: Financial, Sarbanes-Oxley Act, E-mail Security, Email Communication Policy, Email Communication, E-mail, Cyberthreats, Sarbanes-Oxley, Regulatory Compliance, Online Communications, Security, Regulations, Government, Financial Accounting, Finance, Human Resources, Policies And Procedures

White papers 2004-11-01

Is OpenBSD security better than other operating systems?

At the beginning of the year I looked at the installationof OpenBSD as well as configuration of firewall and VPNservices. OpenBSD is one of the most secure operating systems out there, theyproudly claim on the front page of their website “Only one remote hole in the default install, in more...

Tags: OpenBSD, operating system, security, vulnerability

Blog posts 2006-06-27

Auto e

I'm running Exchange 2003 and need to embed a disclosure message for all outgoing e-mail. Can anyone tell me the easiest way to accomplish this task?

Tags: E-mail servers

Q&A 2005-02-10

Download this policy template to outline proper relationships with vendors

IT leaders and staff are continually interacting with vendors and establishing relationships. Download this conduct policy and disclosure form to use as a template for your own policy to ensure that your staff knows the proper conduct expected of them.Vendors plying their wares and products constantly approach tech leaders and...

Tags: Business structures, Judith N. Mottl, disclosure form

Technical articles 2002-04-12

Should breach of security notification be legislated?

Depending on whom you ask, you'll get various opinions about whether companies should be required by law to disclose computer security problems to their customers. Let's face it: No matter what you do to secure online information, there's always going to be someone trying to find a way to break...

Tags: Jonathan Yarden, security, software

Technical articles 2003-08-26

MS Word: Document-level Security

I am looking for a method to restrict access to a Microsoft Word document. The goal is to allow access to specified users via specified PCs. Password-protection will not help me because the password can be shared with an outsider. I have researched Microsoft's Rights Management tools and I think...

Tags: Microsoft Corp., Microsoft Word, rroenigk, security

Q&A 2005-03-11