Information Security News Page 2

For more information about the site, see the Site Index

FBI arrests attackers associated with Facebook cybercrime ring
Social engineering, employee gaffes require full attention, says expert
Lessons learned from real-world DLP technology deployments
Internet Explorer vulnerabilities fixed in December 2012 Patch Tuesday
UK job search website vulnerability allows unchecked job postings
Adobe issues critical Flash Player update
Deploying DLP technology requires hands-on approach, experts say
Converging audit and risk management programs a flawed approach, says expert
Twelve common software security activities to lift your program
Patch Tuesday: Five critical bulletins, Exchange Server fix expected
Study finds firms lagging in health care privacy, data security protections
Cutwail botnet spam campaign tied to Zeus banking Trojan
Experts develop protections for product piracy, intellectual property theft
Software development maturity driving down ZDI flaw submissions
Symantec launches Endpoint Protection 12.1, VDI support
NetWars CyberCity missions to improve critical infrastructure protection
Many in industry at odds over pending cybersecurity executive order
Study finds spear phishing at heart of most targeted attacks
Unrealistic expectations, skills gap mire market for IT security jobs
US-CERT warns of new Samsung, Dell printer threat
Study finds most antivirus products ineffective
Petraeus scandal holds lessons in email security policy, e-discovery
Go Daddy responding to malicious DNS entries
Phishing attack, stolen credentials sparked South Carolina breach
Deception, proactive defenses can better protect IP, says expert
RSA president: Better analytics, info sharing lifts enterprise security
PCI Council: Risk assessment methodology unique to company environment
Report highlights supply chain insecurities, downplays mobile threats
Custom, targeted malware attacks demand new malware defense approach
Identity fraud rings in the U.S. target wireless companies, banks
Government, industry leaders share cybersecurity funding priorities
NASA to deploy whole-disk encryption following breach
Adobe investigates scope of customer forum breach
Malware identified as latest Mac Trojan targeting activists
Enterprises can obtain value from red teaming exercises, expert says
Ransomware variant works on Windows 8, Symantec says
Eugene Kaspersky outlines secure operating system plans
Eugene Kaspersky: Enterprises must make hacking difficult, costly
Microsoft fixes critical issues in Internet Explorer, Windows Kernel
BYOD challenges deter enterprises from adopting policies, survey finds
Enterprises at core of vendor software security testing, Veracode finds
Report highlighting SCADA insecurities alarmist, says ICS expert
Adobe investigates zero-day that bypasses Reader X sandbox
November 2012 Patch Tuesday to include Windows 8 patch
Huawei security chief says vendor supports U.S. cyberespionage defense
Despite Windows 8 zero-day, vendors laud security of new Microsoft OS
Remote access Trojan evades detection using mouse functions
CrowdStrike advocates offensive security, proactive defense approach
Gary McGraw: Proactive defense prudent alternative to cyberwarfare
Cybersecurity legislation mired as executive order looms
DDoS, SQL injection discussions trending in hacking forums, study finds
Howard Schmidt warns private sector of cyberwar impact
State CISOs cite insufficient funding, lack of skilled IT professionals in survey
South Carolina breach affects millions
Report details insider threats, but enterprises can respond, says expert
Verizon DBIR: Identify insider threat warning signs, safeguard IP
Verizon DBIR analysis finds intellectual property theft takes years to detect
Users neglect enterprise mobile device security measures, survey finds
Lack of skilled security pros challenges CISOs to fill specialties
Public Wi-Fi hotspots pose real threat to enterprises, survey finds
Google no longer playing with Android malware
Spam campaign abuses flaw tricking thousands with shortened .gov URLs
Symantec study highlights complexity of risks posed by zero-day exploits
MiniFlame spyware extremely targeted, but could pose future threat
Web app design at the core of coding weaknesses, attacks, says expert
Application vulnerability disclosures rise, Microsoft finds
Rapid7 acquires Mobilisafe to assess mobile device risks
Microsoft addresses critical Word flaws, new RSA key length
Successful cyberattacks driving up cost of cybercrime, study finds
Chinese telecoms cannot be trusted, congressional study finds
Microsoft acquires multifactor authentication vendor PhoneFactor
Ten commandments for software security
October 2012 Patch Tuesday: One critical bulletin expected
Age-old vulnerabilities, attack techniques consistently trip enterprises
Expert urges security pros to speak out, educate upper management
Pen testers should broaden scope, focus more on people, expert says
Internet scan finds thousands of device flaws, system weaknesses
Adobe to revoke certificate following fraudulent use
Some activist DDoS attacks growing in sophistication, expert says
Research firm discovers new Java sandbox vulnerability
Targeted attackers often gain upper hand once inside, says Trend Micro
ESET calls Flashback Trojan threat now 'extinct'
Microsoft issues emergency security update for Internet Explorer
Microsoft to issue emergency Internet Explorer update Friday
Firms failing at mobile application development security, study finds
Little being done to prevent Web application threats, analysts say
Microsoft plans to release fix for IE zero-day vulnerability
New zero-day vulnerability targets Internet Explorer users
Malwarebytes Enterprise Edition debuts with features designed for the SMB
BSIMM study expands scope, identifies new software security activities
Data privacy issues present new data governance challenges
Microsoft disrupts Nitol botnet, outs hidden PC malware
Researchers begin analyzing Black Hole exploit kit revisions
KEYW inks deal to acquire SIEM technology supplier Sensage
PCI Council issues mobile application rules for software developers
AT&T applies new tactics to advanced persistent threat protection
RSA key length change should be priority in September 2012 Patch Tuesday
GoDaddy back online, affirms no data comprised
For Target, retailer's risk management program hinged on executive buy-in
GoDaddy investigates service disruption