'So 2005 has gone down as
the worst year for data
security breaches,' says
Calum Macleod, European
Director of Cyber-Ark. 'I
suppose the good news is
that we seemed to be less
troubled by viruses, so
either the virus
developers have got
bored, or our anti-virus
technology has got
better, or maybe we're
simply not aware of
them.' In an article
describing the do's and
don'ts of security, he
hopes that IT can avoid
some of the
unpleasantness of the
year just past.
OpenPages, the leading
provider of
enterprise governance,
risk and compliance
management (GRCM)
solutions, today announced
that Carnival Corporation
& plc has selected
OpenPages Sarbanes-Oxley
Express (SOX Express) for
its Sarbanes-Oxley
compliance
initiatives. Carnival will
deploy SOX Express to
automate the company's
ongoing test and review of
its internal controls
documentation in order to
reduce the time and
resource costs associated
with Section 404 and 302
compliance.
Although it should not be
a problem for those using
personal firewalls on
their laptop,
vulnerability researcher
Mark Loveless, a senior
security researcher for
the Vernier Threat Labs,
has been drawing
attention to a wireless
security vulnerability in
Windows XP and 2000.
Today's bulletin covers
one vulnerability in
Embedded Web fonts and
one vulnerability in
Microsoft Outlook and
Microsoft Exchange. The
most severe of these
vulnerabilities,
MS06-003, has two exploit
scenarios involving both
the client side, with
vulnerable versions of
Outlook, Office Language
Interface Packs, Office
MultiLanguage Packs or
Office Multilingual User
Interface Packs, and the
server side, with
vulnerable versions of
Exchange.
McAfee has announced that
its President, Gene
Hodges, has submitted his
resignation from his
position as President,
effective immediately, to
pursue the role of chief
executive officer of
Websense. Hodges' team
will work directly with
George Samenuk, chairman
and chief executive
officer. 'Gene has been a
valuable member of our
team and McAfee would
like to thank him for his
leadership as well as the
many contributions he has
made to our business
during his tenure,' said
Samenuk. 'We wish Gene
well in his future
endeavors.'
Softek Storage Solutions,
the leader
in non-disruptive data
migration solutions,
today announced a new
capability of the Logical
Data Migration Facility
(LDMF) data migration
software
that significantly expands
the qualified storage
arrays supported by
the industry's only
on-line dataset-level
migration software.
'Security update
MS06-001,' originally
planned to be released on
Tuesday, January 10, as
part of its regular
monthly release of
security bulletins, has
been released early.
Testing 'for quality and
application compatibility'
has been completed
earlier than anticipated,
said Microsoft.
Consumer customers who
use Automatic Updates
will receive the update
automatically and do not
need to take any
additional actions.
Consumers can also
manually download and
deploy the update by
visiting Microsoft Update
or Windows Update.
Consumers can also get
more information at
Microsoft's Security At
Home Web site. Enterprise
customers who are using
Windows Server Update
Services will receive the
update automatically. In
addition, the update is
supported by Microsoft
Baseline Security
Analyzer 2.0, Systems
Management Server and
Software Update Services.
Enterprise customers can
also manually download
the update from the
Download Center.
Microsoft will hold a
special webcast on
Friday, Jan. 6, 2006, to
provide technical details
about MS06-001 and answer
questions.
McAfee has reached a
settlement agreement with
the U.S. Securities and
Exchange Commission (SEC)
resolving charges filed
against the company in
connection with a formal
investigation launched in
2002 in connection with
its results in the year
2000 and prior. Under the
settlement, McAfee has
agreed, without admitting
or denying any
wrongdoing, to pay a $50
million penalty and not
to violate in the future
provisions of the United
States securities laws.
The settlement does not
require additional
restatement of the
company's results.
(McAfee had already
recorded a charge of $50
million, in the quarter
ending September 30,
2005, in anticipation of
the penalty to be paid.)
Do you frequently wonder
if you purchased the
right media for recording
data files, music or
videos from your computer
or DVD recorder? Do you
often wonder if the
product you bought will
continue to work if your
kids get ahold of it? Do
you want a product that's
easy to use, is sleek and
complements your
lifestyle? Don't fret.
Imation Corp is here to
help create a more
positive experience that
will help you to make a
smart choice every time.
'Microsoft has been
carefully monitoring the
attempted exploitation of
the WMF vulnerability
since it became public
last week,' the company
said in a recent
statement, 'through its
own forensic capabilities
and through partnerships
within the industry and
law enforcement. Although
the issue is serious and
the attacks are being
attempted, Microsoft's
intelligence sources
indicate that the scope
of the attacks is
limited. In addition,
attacks exploiting the
WMF vulnerability are
being effectively
mitigated by anti-virus
companies with up-to-date
signatures. Based on
strong customer feedback,
all Microsoft's security
updates must pass a
series of testing
processes, including
testing by third-parties,
to assure customers that
they can be deployed
effectively in all
languages and for all
versions of the platform
with minimum down time.'
'Real-time communication
solutions like instant
messaging are powerful
collaboration tools that
create a new attack
vector for threats to
enter an enterprise
network and new forms of
digital communication
with the same government,
legal, and business
requirements to retain
and retrieve as email,'
said Enrique Salem,
senior vice president of
Security Products and
Solutions, Symantec.
'With the best-of-breed
instant messaging
management and compliance
software from IMlogic,
Symantec will be the
first and only vendor to
offer a complete security
and archiving solution to
help customers manage all
their messaging
requirements.'
Brocade Communications
Systems, Inc.
(Brocade(R)), the
world's leading provider
of storage infrastructure
solutions, announced that
it is positioned in the
'Leaders' quadrant in the
Fibre Channel Storage
Area Network (SAN) Switch
Magic Quadrant* for 2005,
published by Gartner,
Inc. Magic Quadrant (MQ)
reports evaluate a
company's vision and
ability to execute.
The Finnish-based
antivirus company
F-Secure is recommending
that systems
administrators block
access to all WMF files
at HTTP proxy and SMTP
level, as the WMF
vulnerability reported on
Monday is confirmed as
still applying to all the
main versions of Windows:
Windows ME, Windows 2000,
Windows XP and Windows
2003. As of yesterday
there had still been no
patch issued by
Microsoft.
The 'vacation ownership'
division and subsidiary
of Marriott International
has reported that backup
computer tapes containing
data pertaining to
approximately 206,000
associates, timeshare
owners and timeshare
customers are missing
from the corporate office
in Orlando, Florida.
'We have a number of
sites that we have found
with this exploit,' said
Alex Eckelberry, CEO of
Sunbelt Software, as a
new exploit emerged
yesterday in the wild,
capable of affecting
fully patched Windows XP
SP2 systems. The
vulnerability is in the WMF
graphics rendering
engine: 'These image
files can be modified
very easily to download
any malware or virus,'
Eckelberry warns.
About 20,000 systems were
infected by a worm
written by Anthony Scott
Clark, 21, of Beaverton,
OR, who pleaded guilty to
launching DoS attacks
against eBay and other
companies in 2003. He
faces as many as 10 years
in prison and a $250,000
fine.
There are many anti-spam
solutions available to
the e-mail administrator,
resulting in a daunting
task when attempting to
pick an anti-spam
solution. Some general
classifications of
anti-spam solutions
include (examples in
parentheses):
> Open source (SpamAssassin)
> Standalone commercial applications (Sophos PureMessage for Unix)
> Closely integrated with an existing e-mail solution (McAfee Spamkiller for Exchange)
> Anti-spam gateway appliance (Ironport X1000)
> Anti-spam service
Adaptec, Inc. (NASDAQ:
ADPT), a global leader in
storage solutions, today
announced that it
has signed agreements with
Sanmina-SCI, a leading
electronics manufacturing
services (EMS) provider,
establishing a
multi-year contract
manufacturing
relationship for the
manufacturing of Adaptec
data protection,
connectivity and storage
products along with the
sale of certain Adaptec
Singapore manufacturing
assets and inventory to
Sanmina-SCI.
Option (Euronext: OPTI,
OTC: OPNVY), the wireless
technology company, and
Nortel [NYSE: NT, TSX:
NT] have completed the
industry's first
successful demonstration
of live HSDPA data card
calls reaching a wireless
transmission rate of
3.6Mbps - faster than the
majority of current
broadband connections.
The test calls were
carried out on commercial
HSDPA network equipment
at Nortel's research
campus in Chateaufort,
France.
In a statement today,
Oracle spokesperson Bob
Wynne said, 'We are very
pleased with the
Commission's decision and
believe we are on track
to complete this merger
and begin serving our
combined customer base in
the first quarter of '06,
as scheduled.'
Backup is the most
important method for
protecting
mission-critical data.
Traditionally, a backup
system meant a tape drive
attached to a server or
mainframe. Software on
the server regularly
dumped an image of the
entire set of disks to
the tape each night. If
things went well, someone
pulled the tape out in
the morning and put a new
one in before going home
at night. Advances in
tape backup centered
around making this
process more efficient
and safe by adding
digital tape, encryption,
automation, and
compression. The core
technologies - magnetic
tape, tape drives, SCSI,
and server software -
didn't change. Even the
addition of networked
tape backup, either over
a LAN or a Storage Area
Network, only extended
the old-fashioned model.
Remarkably, as we work
with clients we discover
that they rarely analyze
the component costs of
their operations. So let
me make this easy: the
bulk of the money is in
whatever you do for data
protection. But even if
you know this, have you
looked at the details of
what you're protecting
and how it flows through
your systems? What
components make up the
bits you write? How often
do you write them and
why?
Michael Splain is one of
only 12 Sun Microsystems
Fellows. He is also a
senior vice president and
chief technologist at the
company's scalable
systems group, reporting
to executive vice
president David Yen and
over to Sun CTO Greg
Papadopoulos. Splain
explained how the company
developed its recent
'Niagara' servers and
held forth on a number of
other topics in an
exclusive interview.
The Sun 'Niagara' server
announcement in New York
marked what could be the
most significant change in
direction for Sun since
the company decided to
re-name its operating
system to Solaris. This
change, however, is all
about the hardware...or
is it?
Oracle and Forum aim to
conduct an online
webinar sharing
first-hand experience
from market leaders on
SOA, BPEL and
Service-Oriented Security
Solutions.
Astaro Corporation has
announced that the
company's Astaro Security
Gateway Firewall has
entered the second phase
of the Common Criteria
certification process.
Common Criteria for IT
Security Evaluation (CC),
also known as ISO
standard 15408, was
developed by the national
security organizations of
the United States,
Canada, the United
Kingdom, France, Germany
and The Netherlands. It
provides a broad range of
evaluation criteria for
many types of IT security
products. Other countries
around the globe also
accept the standard.
Imation Corp, a provider
of removable data storage
media, has announced it
is finalizing the
development of both HD
DVD and Blu-ray optical
recordable media, with
plans to utilize its
proprietary hard coat
protective disc coating
in the development of
both formats.
Forum XWall Web Services
Firewall Service-Oriented
Architecture security
solution integrates
market-leading Web
services security policy
enforcement with CA's
eTrust TransactionMinder
for transactional
identity management; CA's
eTrust Antivirus for
virus management; and
CA's Web Services
Distributed Management
for service provisioning.
Coraid has announced that
Fiberlink Communications
Corp., a leading
innovator and trusted
enterprise partner for
secure mobile workforce
solutions, has selected
the Coraid 3U SATA-RAID
EtherDrive Storage
appliance to archive its
stand-by offsite cold
databases.
The recent detection of
additional, severe
security flaws in
Internet Explorer is
apparently helping drive
record downloads of Opera
8.51, the latest version
of Opera's award-winning
Web browser - which,
since its debut less than
one week ago, has been
downloaded by more than
one million people.
Firmware version 1.5 of
the new Sony PlayStation
Portable (PSP) has been
hacked, and can now run
unauthorized programs for
those in the know. An
earlier version had also
been hacked, although
Sony has also provided a
version 1.51 that has
apparently not yet
fallen.
QuickSec Unified
Anti-Virus is seamlessly
integrated into QuickSec
Unified, the only
integrated OEM security
platform on the market
that enables networking
equipment manufacturers
to build complete unified
security appliances that
include SSL VPN, IPSec
VPN, Firewall, intrusion
prevention and anti-virus
protection all in a
single device, with
optional hardware
security acceleration for
enterprise-class
performance.
Responding to strong
interest from Independent
Software Vendors, Oracle
has announced a series of
seminars on Oracle
Database 10g and Oracle
Fusion Middleware 10g
specifically tailored to
the ISV community.
Beginning in North
America and moving into
the EMEA, LAD and APAC
regions in 2006, the
sessions are designed to
provide ISVs with the
knowledge and skills they
need to utilize Oracle
technology, with content
ranging from high-level
overviews to in-depth
technical training
sessions.
Oracle has announced
additions to its
best-in-class identity
management suite designed
to meet the diverse needs
of organizations across
all industries. With the
acquisition of Thor
Technologies, a leading
provider of
cross-platform
provisioning solutions
and OctetString, a
leading provider of
virtual directory
software, Oracle has
significantly
strengthened its
portfolio of
industry-leading identity
and access management
products.
GridApp Systems, a
provider of database
automation software and
solutions, has appointed
William Clifford and John
Stevenson to its Board of
Directors. The executives
bring deep expertise in
IT strategy and
infrastructure management
with more than 50 years
combined experience
leading world-renowned IT
organizations. GridApp
also announced the
appointment of David
Maples, formerly General
Manager of DataSynapse,
as vice president of
business development.
Maples will lead
GridApp's channel and
partner business
development from Silicon
Valley, California.
Oracle has announced that
leading Independent
Software Vendors and
solution providers
continue to show strong
support for Oracle OLAP.
AITG, arcplan,
SolStonePlus and Vlamis,
all members of the Oracle
PartnerNetwork, are
taking advantage of the
embedded OLAP
capabilities in Oracle
Database 10g to quickly
and easily deliver
powerful,
enterprise-class analytic
solutions to help
customers understand
which factors are driving
their business.
SafeNet, setting the
standard for information
security, has announced
that it was ranked Number
228 on the 2005 Deloitte
Technology Fast 500, a
ranking of the 500
fastest growing
technology companies in
North America. Rankings
are based on percentage
revenue growth over five
years, from 2000-2004.
SafeNet grew 698 percent
during this period.
'Dear Sir/Madam,' opens
the latest e-mail
attempting to wreak
Sober-worm havoc across
the Internet, 'We have
logged your IP-address on
more than 30 illegal
Websites.' It is signed
Steven Allison, Federal
Bureau of
Investigation-FBI...and
it's in reality an
in-the-wild worm.
LiveTime Software, a
leading provider of Java
2 Enterprise Edition
based service management
software, has announced
the general availability
of the LiveTime
Appliance, the industry's
first service management
appliance. Designed
exclusively for 64 bit
operation, the appliance
has been specifically
optimized for high
concurrent access, fault
tolerance and security
and is based upon the
Solaris 10 Operating
System from Sun
Microsystems.
IT groups need to be able
to consider adopting new
backup software for many
good reasons. New
software might have
features and benefits the
company needs. The curren
Unlike older spam
filters, in which the
author programs the
characteristics of spam,
statistical filtering
automatically chooses the
characteristics (or
'features')
This article is an
excerpt from Risk
Management for Computer
Security: Protecting
Your Network &
Information Assets.
Printed with permission
from Butterworth-Heinem