Security News Archive |
 |
| 23 Oct 2009 |
|
| |
Trend Micro to address DLP after analyst report criticizes strategy
Trend Micro CEO Eva Chen said the company plans further development to its data leakage protection product, integrating it with its threat management appliance. |
|
|
| 22 Oct 2009 |
|
| |
Oracle delivers database fixes in Critical Patch Update
(SearchOracle.com)
Oracle has shipped 38 database fixes affecting 21 products in its most recent Oracle Critical Patch Update (CPU), including three critical security patches for its core database. |
|
|
| |
Heartland CIO on PCI, E3 project
(Security Wire Weekly podcast)
Heartland Payment Systems CIO Steve Elefant talks about the processor's new E3 security processes, end-to-end encryption, deployment and adoption issues. |
|
|
| |
Email archiving vendor sues Gartner over Magic Quadrant
(Security Bytes blog)
ZL Technologies is seeking $1.7 billion in damages from Gartner Inc. The analyst firm dismisses claims. |
|
|
| |
Web application firewall use goes beyond compliance, company finds
Web application firewall deployments have been mostly driven by the Payment Card Industry Data Security Standards, but one firm has discovered alternative benefits. |
|
|
| 21 Oct 2009 |
|
| |
DLP technology challenges security costs
Data leakage prevention requires more than just flipping a switch. If not implemented properly, DLP could return alerts that stymie business units and increase operational costs |
|
|
| |
Metasploit Project acquired by vulnerability management firm Rapid7
The popular Metasploit Framework remains a free and open source hacking tool. Creator HD Moore joins Rapid7 as CSO, Metasploit architect. |
|
|
| 20 Oct 2009 |
|
| |
ChoicePoint settles with FTC over second data security breach
(SearchFinancialSecurity.com)
Breach exposed the personal data of 13,740 people and violated a court order stemming from the massive 2005 ChoicePoint breach, Federal Trade Commission says |
|
|
| |
Gumblar Trojan drive-by exploits spike following Adobe update
The FTP harvesting Trojan is spreading through legitimate websites, infecting victims in a series of drive-by attacks targeting Web application vulnerabilities. |
|
|
| 19 Oct 2009 |
|
| |
Scareware report highlights successful business model
(Security Bytes blog)
Report finds cybercriminals well organized in coordinated rogue antivirus schemes. |
|
|
| |
Network traffic collection, analysis helps prevent data breaches
Companies get serious collecting massive amounts of network packets to investigate alerts and speed digital forensics. |
|
|
| 16 Oct 2009 |
|
| |
Breach forces payroll service provider PayChoice to shut down again
PayChoice, a payroll service provider, took its service offline for the second time in a month in response to a data breach. |
|
|
| |
Analyst DLP study finds maturity, ranks top DLP vendors
A Burton Group study identified the leaders in the data leakage prevention market and found some enterprises deploying the technology to educate end users about security policies. |
|
|
| 15 Oct 2009 |
|
| |
Analyst calls Barracuda-Purewire deal proof of cloud dominance
(Security Bytes blog)
Forrester analyst calls Barracuda's acquisition of Purewire poof that cloud computing has gone mainstream. |
|
|
| |
Some Facebook applications lead to Russian attack sites
(Security Bytes blog)
Poor coding on some Facebook apps lead to websites pushing malware, rogue antivirus. |
|
|
| |
Phishing protection begins with training, antiphishing evangelist
IT organizations can take a lesson from marketers by sending three phishing education emails to users before the holiday season. |
|
|
| |
Nuke and pave to eradicate botnets
(Security Wire Weekly podcast)
Security researcher Gunter Ollmann talks about the scourge of dangerous enterprise botnets and why the only method to eradicate them is by a method he calls "nuke and pave." |
|
|
| |
Enterprise botnets contain thousands of malware variants
Smaller and contained on company networks, enterprise botnets pose a greater danger because they are difficult to detect and remove, according to new research. |
|
|
| 14 Oct 2009 |
|
| |
Adobe fixes 29 flaws in Acrobat, Reader
Critical Adobe flaws could cause the applications to crash, enable an attacker to take full control of a victim's machine. |
|
|
| 13 Oct 2009 |
|
| |
Microsoft addresses critical SMBv2 flaw, fixes record number of flaws
Microsoft addressed three critical vulnerabilities in Windows Server Message Block. Thirteen bulletins addressed a record 34 flaws. |
|
|
| |
Barracuda acquires Purewire expanding Web security reach
The acquisition broadens Barracuda's delivery model for URL filtering and securing Web applications through software as a service (SaaS) and hybrid approaches. |
|
|
| |
Phishing attacks to remain a major problem, say security experts
The recent FBI raid halting an international phishing ring highlights the problem of eradicating phishers. Password management and two-factor authentication help reduce the risk. |
|
|
| 09 Oct 2009 |
|
| |
Adobe warns of critical update for Reader, Acrobat 9.1.3
An Adobe update next week will repair a critical zero-day flaw being actively targeted by attackers. |
|
|
