Security News Archive |
 |
| 09 Nov 2009 |
|
| |
How to use Internet security threat reports
Security threat reports help drive security vendor business, but they can also provide some useful information for IT security pros. |
|
|
| |
Healthcare security spending remains sluggish, report shows
Billions for electronic healthcare records aren't driving security budgets up, according to the Healthcare Information and Management Systems Society. |
|
|
| |
Israeli Mossad add Trojan Horse to Syrian laptop
(Security Bytes blog)
Data stealing malware helped Israeli spies reap data from official's laptop. |
|
|
| |
iPhone worm Rickrolls jailbroken phones
(Security Bytes blog)
The ikee worm uses SSH default passwords to hack the smartphone and change the wallpaper to a Rick Astlee photo. |
|
|
| 06 Nov 2009 |
|
| |
Microsoft to address flaws in Windows, Office for Mac
Vulnerabilities affecting Windows and Microsoft Office will be updated next week, according to the software giant's advance notification. |
|
|
| 05 Nov 2009 |
|
| |
Cloud computing data security starts with internal strategy, experts say
EMC's Eric Baize says companies should consider security early and establish trust with the cloud provider. But many factors hinge on an enterprise's specific security strategy. |
|
|
| |
Expert calls SSL protocol vulnerability a non issue
The researchers who discovered the SSL vulnerability warn that it could have far reaching affects and are working with a consortium of vendors to coordinate an industry-wide fix. |
|
|
| 04 Nov 2009 |
|
| |
Two-factor authentication, vigilance foil password theft
Password stealing Trojans, keyloggers and other malware are reaping account credentials by the thousands forcing some to rethink password policies and develop new defenses. |
|
|
| 03 Nov 2009 |
|
| |
NERC CSO warns of cybersecurity threats, risk to electric grid
(SearchCompliance.com)
Growing cybersecurity threats to critical infrastructure and the electric grid have put a new focus on NERC regulations, as well as FISMA, warns NERC's chief security officer. |
|
|
| |
Microsoft fixes security update that breaks Internet Explorer
An update released Monday corrects two issues that affect the proper display of Web pages. |
|
|
| |
Modern malware, stealthy botnets, adapt quickly, expert says
As network intrusion detection systems evolve so does the malware they're designed to detect, continuing the cat and mouse game between security professionals and cybercriminals. |
|
|
| |
M86 buys Web security gateway vendor Finjan
The company plans to develop its U.S. channel, but faces market and integration challenges, according to an industry analyst. |
|
|
| |
Despite recession, information security certification pay continues to climb
Pay for information security certifications continued its uptick despite a volatile IT market. Compliance and the desire to retain good security pros contributed to the rise. |
|
|
| 02 Nov 2009 |
|
| |
FTC announces fourth Red Flags Rule extension
(SearchFinancialSecurity.com)
Members of Congress asked FTC to delay enforcement of identity-theft regulation for organizations the FTC governs |
|
|
| |
Web-based attacks skyrocket, pirating sites surge, security firms say
Reports highlight surge in spam as well as an increase in malicious Web pages attacking visitors with Trojan malware and downloaders. |
|
|
| |
New ransomware Trojan pushes victims to buy software
(Security Bytes blog)
The Ramvicrype Trojan doesn't ask for money in exchange for keys, but sends victims to software that can eliminate the malware file extension, according to Symantec. |
|
|
| |
Computer worm infections up, scareware antivirus down, Microsoft says
Microsoft's biannual report finds rogue antivirus infections and Trojan and downloader attacks down in the first six months of 2009. |
|
|
| 31 Oct 2009 |
|
| |
Squad: Tokenization, Phishing and the Feds
(Security Squad podcast)
SearchSecurity.com editors discuss Microsoft's record breaking patching month, DHS plans to hire cybersecurity pros, the FBI crackdown on a massive phishing ring and tokenization. |
|
|
| 29 Oct 2009 |
|
| |
Kaspersky system analyzes malicious URLs on Twitter for malware
Kaspersky Krab Krawler analysis finds users fueling the number of malicious links on Twitter by posting URLs to infected websites. |
|
|
| |
US-CERT warns of BlackBerry snooping software
PhoneSnoop can configure the BlackBerry speakerphone to function as a listening device for a remote hacker. |
|
|
| |
Chip and PIN adoption serves lesson for U.S. payment industry
As payment processors offer plans for end-to-end encryption, the UK is finding success with chip and pin deployments. The U.S. payment industry should take notice, expert says. |
|
|
| |
Mozilla update repairs Firefox buffer overflow vulnerabilities
(Security Bytes blog)
Repairs fix several critical memory corruption errors and buffer overflow flaws that could cause the browser to crash and leave users vulnerable to attack. |
|
|
| 28 Oct 2009 |
|
| |
Silon malware intercepts Internet Explorer sessions, steals credentials
A new malware variant called Silon has been has been associated with attacks against large banks, according to an advisory issued by Trusteer researchers. |
|
|
| |
McAfee survey finds faults in midmarket enterprise security
(Security Bytes blog)
McAfee report estimates that mid-sized businesses in the U.S. spent $17.2 billion fixing IT security incidents in 2008. |
|
|
| |
Researchers find thousands of flawed embedded devices
Columbia University researchers found thousands of devices, from home routers to video conferencing units at risk. They say their research has implications for enterprises. |
|
|
| 27 Oct 2009 |
|
| |
Pushdo botnet uses Facebook to spread malicious email attachment
A phony message warns users that their Facebook password has been reset. |
|
|
| |
Cisco acquires SaaS security vendor ScanSafe
Move complements Cisco line of IronPort appliances by offering customers Web security gateway services in the cloud. |
|
|
| |
Group to shed light on secure identity management threats
Identity management technologies are struggling to keep pace with constantly evolving nature of attacks, according to the Center for Applied Identity Management Research (CAIMR). |
|
|
