For more information about the site, see the Site Index

• Adobe JBIG2 exploits being spammed, IBM warns
• Firms muddle security breach response, expert says
• Third QSA firm placed in remediation by PCI SSC
• Microsoft Threat Management Gateway has some drawbacks
• Portable security storage device could replace OTP devices
• Number-driven risk metrics 'fundamentally broken'
• Flaw disclosure debate polarizes SOURCE Boston panel
• Serious holes in Mac OS X memory, researcher shows
• Financial expert sees value in new security firms
• Microsoft patches critical Windows kernel flaw
• Apple iPhone app could boost two-factor
• Cyberattack mapping could alter security defense strategy
• Adobe issues patch to block zero-day flaw
• Inside MSRC: Microsoft updates DNS, kernel
• PCI QSA assurance program penalizes assessors
• Mozilla repairs URL spoofing, memory corruption flaws in Firefox
• Microsoft to patch critical Windows vulnerabilities
• PCI Council issues priority tool for compliance
• Cisco brings email security appliances closer to SaaS
• Cisco offers more email security choices, but lacks vision
• Conficker worm targets Southwest Airlines
• HIPAA changes force healthcare to improve data flow
• Conficker botnet ready to be split, sold
• VM servers affected by Intel TXT exploit method
• Adobe updates Flash Player to fix clickjacking, buffer overflow flaws
• Laid off workers likely to steal company data, survey warns
• Sourcefire issues Adobe zero-day patch to block attacks
• Attackers target Microsoft Excel zero-day flaw
• Microsoft Conficker worm offers attack prevention lesson
• Group identifies top 20 security controls to thwart cyberattacks
• Hacker sentenced for stealing millions from U.S. credit cards
• Attackers target new Adobe zero-day flaw
• SMS mobile worm attacks Symbian smartphones
• New hacking method stealthily attacks Macs with malware
• Smartphone security lacking at many businesses
• Firms show DLP interest to monitor social networking traffic, survey finds
• CVS pays $2.25 million HIPAA violation settlement
• Intel Trusted Execution Technology is flawed, Black Hat researchers show
• Trustwave acquires NAC appliance vendor Mirage Networks
• SSLstrip hacking tool bypasses SSL to trick users, steal passwords
• Virtualization challenges traditional security concepts
• Virtualization security moves to the fore in 2009
• Four ways to prioritize security programs in bad economy
• Massachusetts data protection, encryption law extended
• Kaspersky website hacked multiple times, expert says
• Finjan, Citrix highlight different gateway approaches
• BlackBerry maker to acquire encryption firm
• Coalition forms to battle Microsoft worm attack, $250K reward offered
• Microsoft offers $250K bounty for Conficker writer
• RIM warns of serious vulnerability in BlackBerry Web loader
• F-Secure latest security vendor hacked
• Report offers security strategy tips to overcome funding problems
• Inside MSRC: Microsoft foldout explains IE, Exchange patches
• Microsoft fixes critical IE 7, Exchange flaws
• Finjan adds DLP, content caching to Web security gateway
• Kaspersky website hacked, customer activation codes exposed
• SQL injection attacks targeting Flash, JavaScript errors
• OpenDNS to step up fight against Conficker worm
• Cisco corrects serious Wireless LAN flaws
• Heartland breach highlights PCI limitations
• Microsoft to patch serious IE, Exchange Server flaws
• Firefox version 3.0.6 update fixes dangerous flaws
• Fuzzing tool helps Oracle DBAs defend against SQL injection
• Encrypt now to meet new Mass. data protection law
• Malware engine breaks Google search results
• Data breach costs rise as firms brace for next loss
• Security skills pay increases despite economic downturn
• Sensitive data insecure abroad, McAfee report finds
• VA could pay veterans $20 million for security breach
• Symantec CEO Thompson could be next commerce chief
• Microsoft Conficker worm hits peak, but payload awaits
• First lawsuit filed in Heartland data security breach
• Educators see secure coding training challenges, improvements
• Websense acquires Web 2.0 antispam platform Defensio
• Barracuda Networks expands backup service with acquisition
• Archer Technologies buys IT GRC competitor Brabeion Software
• IPv6 move could cause network problems, threaten cybersecurity
• Monster.com discloses database breach
• Apple fixes critical QuickTime flaws
• Retailers boost data collection, but data privacy issues persist
• Shavlik apologizes for hyped Microsoft patch analysis
• Payments processor discloses massive data breach
• 2009 spam outlook: After McColo, attackers exploit alternative methods
• New York drafts language demanding secure code
• Oracle patches dangerous WebLogic, Secure Backup vulnerabilities
• Inside the MSRC: Microsoft describes Server Message Block update
• RIM fixes serious BlackBerry PDF handling flaws
• AVG acquires HIPS vendor Sana Security
• Microsoft updates critical SMB server flaws
• Oracle to release 41 security fixes
• Security experts identify 25 dangerous coding errors
• Microsoft RPC worm spreads in corporate networks
• TJX suspect convicted in Turkish court
• Phishing scams for money? Don't bet on it
• Microsoft to issue critical Windows patch
• SAP issues update to correct critical ActiveX flaw
• Trend Micro gets more competitive with BigFix deal
• CA steers DLP towards access, identity management
• Twitter tries to shore up security in wake of hack attack
• VeriSign addresses MD5 flaw



• More