Information Security News Page 5

For more information about the site, see the Site Index

Infosec certifications valuable in security job market, (ISC)2 finds
Remote administration software weaknesses plague businesses
February 2012 Patch Tuesday to address 21 vulnerabilities
Marty Roesch pushes collective analysis, underscores cyberthreat intelligence
Longstanding network security problems plague enterprises, Trustwave finds
Adobe issues support for Flash Player sandboxing in Firefox
Nothing funny about SCADA and ICS security
Adobe makes pitch for defensive security research to cripple exploit writing
SEC filing: VeriSign security breach in 2010 was limited, execs say
Symantec issues new pcAnywhere security guide following flaw resolution
IBM enters mobile device management market via BigFix integration
Cridex Trojan breaks CAPTCHA, targets Facebook, Twitter users
Phoenix Exploit Kit responsible for mass WordPress compromises
Email providers push DMARC email authentication to combat phishing
Malicious Android applications may have infected millions, Symantec warns
Fake Firefox update delivers malware, exploit kits
McAfee adds SMS filtering, smartphone threat intelligence to Android security app
Understanding data security breaches eclipses preventing them
Symantec pulls pcAnywhere, man-in-the-middle attacks are possible
Kelihos botnet operator named in Microsoft botnet lawsuit
New Epsilon CISO to expand security team, assess security practices
Twitter acquires Dasient in security buying spree, Android platform focus
Black Hole kit fuels drive-by attacks, rogue antivirus declines, Sophos finds
HP TippingPoint revamps Pwn2Own hacking contest, removes mobile hacks
Facebook users targeted by transformed Carberp Trojan
Symantec breach: Data breach basis of Norton source code leak
Oracle repairs two database flaws, issues 78 patches to product line
Website weaknesses at fault in T-Mobile hacktivist attack
RSA SecurID breach: Executives attempt to repair tarnished image
Symantec acquires LiveOffice for online data archiving
Android app malware exploits Carrier IQ controversy
Stratfor unveils new website, improves security following breach
Tools, services emerge for enterprise DNSSEC adoption
Readiness team warns of spoofed US-CERT email addresses in phishing campaign
Adobe repairs critical Reader, Acrobat flaws, adds JavaScript control
Microsoft January 2012 Patch Tuesday issues Windows Media fix, resolves SSL protocol weakness
Ramnit malware data out-of-date, social network says
Symantec source code theft: Threat is low to current products, vendor says
Ramnit financial malware rips Facebook credentials
January 2012 Patch Tuesday: Microsoft to fix eight flaws in Windows, developer tools
Care2 resets millions of account credentials following security breach
Tilded platform responsible for Stuxnet, Duqu evasiveness
Year’s top 5 security podcasts highlight security breaches of 2011
Multifunctional malware, staged drive-by attacks to rise in 2012
Microsoft emergency update to address hash collision attacks
Cybersecurity career experts: Mobile app security skills hot in 2012
Security intelligence firm Stratfor investigates hacktivist attack
Spear phishing attacks likely key in U.S. Chamber of Commerce breach, experts say
Critical Windows 7 zero-day vulnerability could lead to iFrame attacks
Why businesses should care about proposed Protect IP, SOPA pirating laws
GlobalSign hack update: Certificate authority finds no rogue certs
December 2011 Patch Tuesday sees 13 Microsoft bulletins, Duqu patch
Google tosses malicious Android apps from Android Market
Top 5 mobile phone security threats in 2012
Microsoft prepares for 14 bulletins, no indication of Duqu repair
Android app security: Study finds mobile developers creating flawed Android apps
Malware, lost or stolen devices top mobile phone security threats
Adobe security update being issued for zero-day in Reader, Acrobat for Windows
Carrier IQ spyware controversy highlights mobile app access missteps
Duqu Trojan attackers cleaned their tracks well, analysis finds
Adobe Flex update patches flaw in Flex application development framework
HP printer vulnerabilities leave millions of printers susceptible to attack
HTML 5 security issues pose challenges for enterprises, experts say
New Facebook worm poses as a screensaver
Twitter acquires WhisperSystems mobile security technology
Mobile device management market offers mobile device security options
ISC issues temporary patch for zero-day BIND 9 DNS server flaw
New malware signed with government digital certificate
Confusion over APT attacks leads to misguided security effort
Without enforcement, a mobile device security policy alone falls short
FBI takes down DNS Changer botnet; aided $14 million click fraud scheme
One critical bulletin, no Duqu patch, in November 2011 Patch Tuesday updates
Study: Signature-based antivirus can't stop polymorphic malware, unknown malcode
No Duqu zero-day patch yet, but Microsoft offers workaround
Duqu installer contains Microsoft Windows zero-day vulnerability
Next generation SIEM could boost network visibility, but platforms must scale, experts say
New Duqu Trojan analysis questions Stuxnet connection
Web application risks exacerbated by social media ties, says ISACA
Researchers break W3C XML encryption algorithm, push for new standard
McAfee DeepSAFE technology not yet a game changer, say analysts
New Duqu malware shares Stuxnet Trojan code similarities
Zero-day exploits are low in number, but pose big threat, experts say
IT security pros acknowledge network security weaknesses, configuration issues
Microsoft’s October 2011 Patch Tuesday fixes 23 flaws, releases SIRv11
Symantec outlines potential smartphone fraud schemes targeting Android users
New Android malware uses blog platform to communicate with cybercriminals
Microsoft gears up for 23 flaws in October 2011 Patch Tuesday
DHS cloud computing: Homeland Security’s model private cloud strategy
IBM, McAfee add SIEM security capabilities with acquisitions
Developing IT risk management decision-making criteria an ongoing challenge
Firms struggle to address social networking security risks, survey finds
Verizon PCI report finds firms struggling to maintain compliance
Oracle-owned MySQL.com hacked, serves malware to visitors
Cigital BSIMM 3 study provides software security metrics data
FBI makes LulzSec arrests in Sony breach investigation
For smartphone security issues, consumers, enterprises rely on carriers
Adobe Flash Player security update repairs dangerous XSS issue
Advanced Cyber Security Center for IT security launches in Mass.
DigiNotar files bankruptcy protection in wake of certificate breach
NIST guidelines seek to minimize risk of BIOS attacks