Information Security News Page 6

For more information about the site, see the Site Index

Microsoft prepares to tackle 15 flaws in September Patch Tuesday
Study tracks first signs of Android botnet infections
GlobalSign temporarily halts issuing certificates to investigate breach claim
Standardizing federal security regulations easier said than done
DigiNotar CA breach widens, Microsoft, Dutch government take action
New Java 7 features improve security
Sony appoints former Homeland Security official as CISO
PCI tokenization: Vendors need to iron out differences, expert says
Apache DDoS vulnerability requires immediate update to avoid threat
Survey: APT attacks a top concern, but many firms fail to enforce policies
Browser makers block rogue SSL certificate
Morto worm, an old-school Internet worm, spreading via RDP
In wake of Android Trojans, enterprises need Android security policy
Android attacks now outpace all other mobile platforms, says McAfee
IBM researchers push for secure open wireless networks
SpyEye source code leaks could fuel new wave of attacks
State IT security model for IRS compliance could work at federal level
PCI Council issues long-awaited PCI tokenization compliance guidance
RIM issues fix for BlackBerry vulnerabilities
Microsoft Patch Tuesday: Critical Internet Explorer, Windows DNS updates
Sophos software design, implementation critically flawed, says researcher
Black Hat 2011: Money for secure application development proves elusive
Microsoft’s August 2011 Patch Tuesday to address 22 flaws
New GrayWolf tool sheds light on Microsoft .NET application security
Black Hat 2011: Dan Kaminsky reveals network security research topics
Chromebook security in question due to flawed Google Chrome extensions
New Microsoft BlueHat Prize offers $250,000 for security innovation
Former CIA official cites rise in government cybersecurity awareness
McAfee’s Operation Shady RAT exposes national cybersecurity lapses
Report warns of Android security issues, increased malware, Web attacks
Black Hat 2011 to focus on new hacking techniques, software flaws
New Veracode technology seeks to speed up SQL attack detection
Stealthy attacks contribute to skyrocketing cost of cybercrime, report finds
Citrix patches severe XenDesktop, XenApp security flaw
New Google hacking tools on tap for Black Hat 2011
Automated attack toolkits single biggest threat to Web apps, report finds
Black Hat 2011: Hacking technique targets Windows kernel errors
Allesandro Acquisti to take down privacy with facial recognition at Black Hat
Kaspersky CTO: Open Apple iOS restrictions for security vendors
Google malware warning system alerts users about infections
Black Hat 2011: Researchers to demonstrate Android attack
The Obama administration’s Identity Ecosystem plan: What to expect
Internet Explorer 9 security surpasses rivals in blocking social engineering attacks
Microsoft offers bounty in hunt for Rustock spambot operators
Microsoft fixes Bluetooth vulnerability, Windows kernel flaws ahead of Black Hat 2011
New Android phone malware indicates transition to mobile platform attacks
Microsoft to repair 22 vulnerabilities across Windows, Office
Washington Post email breach affects more than a million job seekers
Data reduction software accelerates computer forensic investigations
Cisco: Targeted phishing helped hackers earn $150 million last month
High-profile attacks, inadequate defenses burden IT security programs
Eye On: CISO Management Issues
Top five themes from Gartner Security Summit 2011
Computer forensics growing part of Fed cybersecurity strategy
Verizon launches Incident Analytics Service to meld DBIR data with risk analysis
Gartner: Dodd-Frank regulations demand compliance bureau
Attackers target Microsoft IE flaw in drive-by attacks
Chertoff warns of growing information security attacks from small cyberattack groups
New Adobe sandbox hardens Acrobat family, adds Protected View
Citigroup attack highlights insufficient authorization error
Microsoft issues 16 bulletins, 9 critical including SMB, IE fixes
Citigroup acknowledges data security breach
Microsoft and Adobe to issue major security updates
Microsoft gearing up for disruptive Patch Tuesday
Lagging IPv6 security features, vulnerabilities could hamper transition
Cigital acquires Consciere, brings in security vets
RSA responds to SecurID attack, plans security token replacement
Cross-site scripting vulnerability discovered in Adobe Flash Player
Contractor attacks via SecurID tokens fuel call for data security reassessment
Data breach notification laws: Timing right for breach notification bill, experts say
Eye On: Virtualization Security
Reduce virtualization security risks by thinking physical, experts say
Smartphone theft, loss outweighs malware risk, McAfee report finds
IPv6 connectivity: Innovations address IPv6 security concerns
PCI DSS survey finds need for credit card tokenization guidance
Wikileaks insider threat: A lesson for government cybersecurity managers
ICASI publishes new vulnerability reporting framework
VMware acquires Shavlik Technologies for vulnerability, configuration management
Microsoft SIR finds account credentials are king
Microsoft SIR finds decline in vulnerability disclosures, sharp rise in Java exploits
Tripwire acquired by investment firm
Juniper Networks finds rise in Android phone malware, smartphone spyware
Microsoft patches critical server flaw, revises index
Sophos acquires Astaro for integrated network security, endpoint protection
Microsoft to issue critical Windows bulletin, revamps Exploitability Index
Maiffret: Configuration changes, attack mitigation can reduce attack surface
Security lab, pen testing key to proactive, creative cybersecurity
Sony attack: Sony expands scope of its massive data security breach
Attackers set sights on Mac OS X with Apple malware toolkit
Microsoft updates Malicious Software Removal Tool for Coreflood removal
Recent data breaches redefine failure, demand new approaches
Survey finds users re-evaluating two-factor authentication options
Software remediation can get caught in organizational issues
Adobe issues fix for Acrobat, Reader to block ongoing Flash attacks
Eye On: Secure Software Development
Security pros find software code security improvements, weigh next step
Software code analysis firm gives security vendors poor marks
As cyberattacks increase, so does need for penetration testing
Verizon data breach report 2011: Attackers refining their targets
Verizon DBIR: Cybercrime arrests factor in fewer lost data records