Month: April 2007

Suggested Blog Reading – Thursday, April 12th, 2007

I’m starting another new section on my blog where I highlight some of the day’s interesting information from the blogosphere. The sites I link to may contain breaking news, helpful tips, new products, important patches, and even the occasional joke or comic. I may not be able to release a new post every day but I will certainly try (on slow news days I may just end up combining a couple of days together). Enjoy!

Sophos: China fixing spam problem; U.S. is not

The amount of spam pumping out of China dropped precipitously in the first three months of 2007, security vendor Sophos reported Wednesday.

A third of IT managers report data breaches: survey

In a recent survey of 83 corporate IT managers, 28 acknowledged having had to cope with a data breach, and half of those respondents reported significant related costs.

Slavasoft FSUM and Hashcalc md5 & File Integrity for Windows

FSUM is a fast and handy command line utility for file integrity verification. It offers a choice of 13 of the most popular hash and checksum functions for file message digest and checksum calculation.
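To show what a file-integrity check like the one FSUM performs actually does, here is an added Python example (my own code, not FSUM or Hashcalc) that builds a hash manifest for a directory tree, writes it in the common “digest *name” line format, and later verifies the tree against it, reporting modified, missing and added files. SHA-256 is assumed as the digest; the sample files and their contents are constructed in a temporary directory so the script runs offline.

```python
"""File-integrity verification with a hash manifest (added example, not FSUM's code)."""
import hashlib
import tempfile
from pathlib import Path

# Assumption: SHA-256 as the digest. FSUM offers several algorithms; pick a
# collision-resistant one for integrity manifests rather than MD5.
ALGORITHM = "sha256"


def hash_bytes(data, algorithm=ALGORITHM):
    """Hex digest of an in-memory byte string."""
    return hashlib.new(algorithm, data).hexdigest()


def hash_file(path, algorithm=ALGORITHM, chunk_size=65536):
    """Hex digest of a file, read in chunks so large files do not fill memory."""
    h = hashlib.new(algorithm)
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root):
    """Map every regular file under root (relative POSIX path) to its digest."""
    root = Path(root)
    manifest = {}
    for p in sorted(root.rglob("*")):
        if p.is_file():
            manifest[p.relative_to(root).as_posix()] = hash_file(p)
    return manifest


def format_manifest(manifest):
    """Serialise as 'digest *name' lines, the layout md5sum-style tools use."""
    lines = [f"{digest} *{name}" for name, digest in sorted(manifest.items())]
    return "\n".join(lines) + "\n"


def parse_manifest(text):
    """Parse 'digest *name' lines back into a dict; blank and '#' lines are skipped."""
    manifest = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        digest, _, name = line.partition(" ")
        manifest[name.strip().lstrip("*")] = digest.lower()
    return manifest


def verify_manifest(root, manifest):
    """Compare the current tree with a saved manifest; return the three change sets."""
    current = build_manifest(root)
    modified = sorted(n for n in manifest if n in current and current[n] != manifest[n])
    missing = sorted(n for n in manifest if n not in current)
    added = sorted(n for n in current if n not in manifest)
    return {"modified": modified, "missing": missing, "added": added}


def demo():
    """Constructed scenario: clean verification, then a tampered tree."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "config.ini").write_text("debug=0\n")          # constructed sample
        (root / "bin").mkdir()
        (root / "bin" / "tool.exe").write_bytes(b"MZ\x90\x00sample")  # constructed sample
        # Round-trip through the text format, as a real manifest file would be
        manifest = parse_manifest(format_manifest(build_manifest(root)))
        clean = verify_manifest(root, manifest)
        # Simulate tampering: edit one file, delete one, drop in a new one
        (root / "config.ini").write_text("debug=1\n")
        (root / "bin" / "tool.exe").unlink()
        (root / "extra.dll").write_bytes(b"constructed")
        tampered = verify_manifest(root, manifest)
        return clean, tampered


if __name__ == "__main__":
    before, after = demo()
    print("clean run:", before)
    print("after tampering:", after)
```

The manifest itself must be stored or signed somewhere the attacker cannot reach; a digest list sitting next to the files it protects can simply be regenerated after a modification, which is why integrity tools are paired with a read-only or off-host copy of the baseline.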

Effective Vulnerability Management (Part 1)

Vulnerability assessment scanning has been the primary means for the majority of organizations to attempt to determine their security posture against an external threat environment. Essentially the security group will scan the environment against a database of known vulnerabilities and then request the operations team resolve the vulnerable conditions.

German Police Want the Right to Hack Computers

German Interior Minister Wolfgang Schaeuble has confirmed plans to seek a change to the constitution to allow the state secret access to the computers of private individuals, in an interview published Thursday.

Obscure Email Security Issue: 5 Lessons About Re-using Email Addresses

Does your organization ever re-use email addresses whenever someone leaves the company? Do you know that some of your customers’ and personnel’s email service providers re-use email addresses when their subscribers leave? Probably more than you realize.

Introduction to Identity Management – Part I

Depending on where you sit, Identity Management (IDM) is irrelevant, a holy grail, or a complete boondoggle. Having experienced all three situations at one time or another, and more recently seeing it actually work, it’s time to demystify the subject matter. In this article, we will cover the conceptual framework of Identity Management, and touch on some of the more important terms and methodologies.

New Vulnerability in Windows Help Files

Just in time to coincide with Microsoft Tuesday Patches, another new vulnerability is released to the world. This time the vulnerability was found in Windows Help (.hlp) files. This flaw enables an attacker to make use of a heap overflow in order to achieve arbitrary code execution.

The C-I-A Triad – weighed and found wanting

Believe it or not, the field of Information Security has changed! Foundational concepts such as the traditional C-I-A triad (Confidentiality, Integrity, and Availability) are being challenged and supplanted by a more inclusive model known as the Parkerian Hexad.

Blogs I Read: PCI Compliance Demystified

I’m going to start a new section of my blog in which I detail some of the blogs that I read and the reasons I keep going back to them.

I’m going to start with PCI Compliance Demystified. From the ‘About’ page:

This blog is devoted to demystifying the PCI DSS compliance process and linking you with as many resources as we can. The goal is to decentralize the information and provide a better ROI to your company or your clients.

I stumbled across this blog while searching for information on PCI compliance as it was something that was, and still is, a foggy mess to me. The blog accepts questions from anyone who wants to know more about PCI regulations or requires clarification.

Pros:
– One of the best sites out there for PCI information as the authors are trying to inform rather than sell to you
– Accepts questions from readers and posts the responses for all to learn from
– Provides a phone number where you can leave voice mail questions
– Frequently updated with quality information
– Fantastic resource page with links to additional information: http://pcianswers.com/resources/

Cons:
– Some knowledge of PCI, although not required, is helpful in understanding the content

Conclusion:
5 stars – A fantastic site that every security professional should add to their RSS list even if they don’t deal with PCI on a regular basis

CANCELLED > Hacker Techniques, Exploits and Incident Handling in Fredericton, NB, Canada

Unfortunately, due to low enrollment numbers, both SANS and I agreed to cancel the Hacker Techniques, Exploits and Incident Handling course in Fredericton, which was scheduled to start Thursday, April 5th. I hope to present this track in the fall, so please email me if you are still interested in participating.

For the two people who signed up for the course I really apologize for having to cancel but do appreciate you signing up. I hope to see both of you when the class is offered again in the coming months.
