A VoIP expert has unveiled new proof-of-concept software that allows an attacker to monitor other peoples' VoIP calls and record them for later review. Unencrypted VoIP really isn't very secure; if you have access to the raw network traffic of a call...

The SANS Institute released its top 20 security risks for 2007, which documents the security arms race between cyber criminals and the folks playing defense. But let’s focus on the big scourge–zero day attacks: http://blogs.zdnet.com/security/?p=691 ...

Research data says buffer overflow bugs outnumber Web app vulnerabilities, and some severe Microsoft bugs are on the decline. "And in case you were wondering, Microsoft's aggressive initiative to shore up its product security appears to be paying off...

WindowsSecurity.com article from Jakob H. Heidelberg on GPO stuff in Windows Server 2008: http://www.windowsecurity.com/articles/Group-Policy-related-changes-Windows-Server-2008-Part1.html http://www.windowsecurity.com/articles/Group-Policy-related...

...and why also the development of an AV solution needs to go through a Security Development Lifecycle (SDL)! The vulnerabilities in antivirus software make the programs as much a threat, as a help, to corporate network security: http://www.securityfocus...