Information Security News Page 6

For more information about the site, see the Site Index

Russian cybercriminal steals $3.2M from U.S. government with Zeus, SpyEye toolkit
NSA: Growing cybersecurity threats demand defenders think like attackers
Measurement first among secure software development benchmarks
Legal risks abound for firms without a mobile device security policy
Breach fears push federal cloud computing initiative to private cloud
Oracle issues out-of-band Apache update
PCI Council issues point-to-point encryption validation requirements
Intel demonstrates McAfee DeepSAFE security platform
Microsoft patches 15 flaws, blacklists additional DigiNotar certificates
Typosquatters continue to plague enterprises, trap victims
Microsoft prepares to tackle 15 flaws in September Patch Tuesday
Study tracks first signs of Android botnet infections
GlobalSign temporarily halts issuing certificates to investigate breach claim
Standardizing federal security regulations easier said than done
DigiNotar CA breach widens, Microsoft, Dutch government take action
New Java 7 features improve security
Sony appoints former Homeland Security official as CISO
PCI tokenization: Vendors need to iron out differences, expert says
Apache DDoS vulnerability requires immediate update to avoid threat
Survey: APT attacks a top concern, but many firms fail to enforce policies
Browser makers block rogue SSL certificate
Morto worm, an old-school Internet worm, spreading via RDP
In wake of Android Trojans, enterprises need Android security policy
Android attacks now outpace all other mobile platforms, says McAfee
IBM researchers push for secure open wireless networks
SpyEye source code leaks could fuel new wave of attacks
State IT security model for IRS compliance could work at federal level
PCI Council issues long-awaited PCI tokenization compliance guidance
RIM issues fix for BlackBerry vulnerabilities
Microsoft Patch Tuesday: Critical Internet Explorer, Windows DNS updates
Black Hat 2011: Money for secure application development proves elusive
Microsoft’s August 2011 Patch Tuesday to address 22 flaws
New GrayWolf tool sheds light on Microsoft .NET application security
Sophos software design, implementation critically flawed, says researcher
New Microsoft BlueHat Prize offers $250,000 for security innovation
Black Hat 2011: Dan Kaminsky reveals network security research topics
Chromebook security in question due to flawed Google Chrome extensions
Report warns of Android security issues, increased malware, Web attacks
Former CIA official cites rise in government cybersecurity awareness
McAfee’s Operation Shady RAT exposes national cybersecurity lapses
Black Hat 2011 to focus on new hacking techniques, software flaws
Stealthy attacks contribute to skyrocketing cost of cybercrime, report finds
New Veracode technology seeks to speed up SQL attack detection
Citrix patches severe XenDesktop, XenApp security flaw
New Google hacking tools on tap for Black Hat 2011
Automated attack toolkits single biggest threat to Web apps, report finds
Black Hat 2011: Hacking technique targets Windows kernel errors
Allesandro Acquisti to take down privacy with facial recognition at Black Hat
Kaspersky CTO: Open Apple iOS restrictions for security vendors
Google malware warning system alerts users about infections
The Obama administration’s Identity Ecosystem plan: What to expect
Black Hat 2011: Researchers to demonstrate Android attack
Internet Explorer 9 security surpasses rivals in blocking social engineering attacks
Microsoft offers bounty in hunt for Rustock spambot operators
New Android phone malware indicates transition to mobile platform attacks
Microsoft fixes Bluetooth vulnerability, Windows kernel flaws ahead of Black Hat 2011
Microsoft to repair 22 vulnerabilities across Windows, Office
Washington Post email breach affects more than a million job seekers
Data reduction software accelerates computer forensic investigations
Cisco: Targeted phishing helped hackers earn $150 million last month
High-profile attacks, inadequate defenses burden IT security programs
Eye On: CISO Management Issues
Top five themes from Gartner Security Summit 2011
Computer forensics growing part of Fed cybersecurity strategy
Gartner: Dodd-Frank regulations demand compliance bureau
Verizon launches Incident Analytics Service to meld DBIR data with risk analysis
Chertoff warns of growing information security attacks from small cyberattack groups
Attackers target Microsoft IE flaw in drive-by attacks
New Adobe sandbox hardens Acrobat family, adds Protected View
Citigroup attack highlights insufficient authorization error
Microsoft issues 16 bulletins, 9 critical including SMB, IE fixes
Microsoft and Adobe to issue major security updates
Microsoft gearing up for disruptive Patch Tuesday
Citigroup acknowledges data security breach
RSA responds to SecurID attack, plans security token replacement
Lagging IPv6 security features, vulnerabilities could hamper transition
Cigital acquires Consciere, brings in security vets
Cross-site scripting vulnerability discovered in Adobe Flash Player
Contractor attacks via SecurID tokens fuel call for data security reassessment
Data breach notification laws: Timing right for breach notification bill, experts say
Eye On: Virtualization Security
Reduce virtualization security risks by thinking physical, experts say
Smartphone theft, loss outweighs malware risk, McAfee report finds
PCI DSS survey finds need for credit card tokenization guidance
IPv6 connectivity: Innovations address IPv6 security concerns
Wikileaks insider threat: A lesson for government cybersecurity managers
ICASI publishes new vulnerability reporting framework
VMware acquires Shavlik Technologies for vulnerability, configuration management
Microsoft SIR finds decline in vulnerability disclosures, sharp rise in Java exploits
Microsoft SIR finds account credentials are king
Juniper Networks finds rise in Android phone malware, smartphone spyware
Tripwire acquired by investment firm
Microsoft patches critical server flaw, revises index
Sophos acquires Astaro for integrated network security, endpoint protection
Maiffret: Configuration changes, attack mitigation can reduce attack surface
Microsoft to issue critical Windows bulletin, revamps Exploitability Index
Security lab, pen testing key to proactive, creative cybersecurity
Sony attack: Sony expands scope of its massive data security breach
Attackers set sights on Mac OS X with Apple malware toolkit
Recent data breaches redefine failure, demand new approaches