• Gartner: Windows 7 security features have strings attached
  • Tokenization vs encryption: RSA touts tokens to reduce PCI DSS pain
  • Gartner: Companies shouldn't bother banning Facebook, social networking
  • Trustwave buys Breach Security for WAF technology
  • PCI Standards to be updated on new three-year cycle
  • Gartner: Enterprises must learn to detect botnet threats
  • Adobe focuses on secure software development lifecycle
  • NuBridges update enables simultaneous data center tokenization
  • Frustration growing over limited ability to shut down botnets
  • Attackers can take out critical infrastructure, but profit lies elsewhere, researcher says
  • Next Cyberstorm exercise to stress international cooperation on security
  • For Google, DNS log analysis essential in Aurora attack investigation
  • Google bug hunter discovers serious Windows XP flaw
  • Check Point acquires Liquid Machines for enterprise rights management
  • Gartner: IT security spending to remain steady, but not a top CIO priority
  • Microsoft emphasizes three critical updates on patch-heavy Tuesday
  • Adobe warns of critical security flaw in its products
  • Microsoft to issue 10 security bulletins, three critical
  • Malware discovered in freely distributed Mac applications
  • Network forensics tools increasingly aid security response teams
  • Report: Google to phase out Windows, cites security issues
  • PCI tokenization guidance could benefit payment processors
  • McAfee to acquire Trust Digital for smartphone security
  • KHOBE attack technique fails to gain major security threat status
  • Shavlik moves patch management systems to the cloud
  • Oracle buys database firewall vendor Secerno
  • Judge orders permanent shutdown of rogue ISP, forfeit $1 million to FTC
  • Microsoft issues advisory for Windows display driver flaw
  • VeriSign to sell authentication unit to Symantec for $1.28 billion
  • Report: Symantec set to buy VeriSign security unit
  • New tool enables botnet command and control via Twitter
  • Cigital expands software security model, includes data from 30 major firms
  • Adobe fixes 21 security flaws, issues updated Shockwave Player
  • Study on security in cloud computing shows angst, rogue users
  • Microsoft repairs critical Outlook Express, Visual Basic vulnerabilities
  • Cybersecurity legislation creates position with budgetary authority
  • Trojan poses as Windows 7 compatibility tool
  • Microsoft to issue two critical bulletins, SharePoint to remain vulnerable
  • Antispam technologies remain typical, but hosted model gains footing
  • For enterprise firewalls, performance outweighs security functionality
  • Sophos sells majority stake to private equity group
  • PCI compliance encryption includes hardening key management systems
  • Microsoft warns of serious SharePoint cross-site scripting zero-day
  • Symantec acquires PGP, GuardianEdge for encryption, key management
  • Latest Storm worm variant poses little security threat
  • Creating data destruction policies to protect sensitive company data
  • Private sector can take lessons from federal network security projects
  • Security expert predicts criminals to take cyber extortion tactics to the U.S.
  • PCI security compliance experts share ways to get compliance 'done right'
  • Microsoft, Symantec reports mirror global information security trends
  • Researchers demonstrate cell phone vulnerabilities to track user movements
  • Researchers aim to smarten Web application security scanners
  • Windows-based attack bypasses file restrictions, network detection
  • Feds must take action on Cyber Storm exercise lessons, expert says
  • Companies falling behind on IT access governance, survey finds
  • Active drive-by attacks target new Java zero-day flaw
  • Adobe fixes 15 flaws in Reader, Acrobat
  • Metasploit creator sees no end to software security vulnerability issues
  • Microsoft fixes critical drive-by media handling flaws
  • Secure software development lifecycle still lacking at dev firms
  • Microsoft to repair 25 flaws in Windows, Office and Exchange
  • Outsourced security extends to wealth of services, study finds
  • PCI Council readying end-to-end encryption guidance
  • Security spending survey finds misaligned IT security budgets
  • Botnet research suggests progress in cybercrime war
  • Google researchers out kernel bugs in Windows, Linux and VMware
  • Microsoft emergency patch addresses IE vulnerabilities, zero-day
  • Stolen portable media device blamed in breach of 3.3 million
  • Emergency Microsoft patch fixes IE zero-day vulnerability
  • TJX hacker gets 20 years in prison in Heartland case
  • Researcher develops new technique for SQL injection defense
  • Twenty-year prison sentence in TJX hacking case
  • Researcher's fuzz testing finds dozens of Apple, Microsoft flaws
  • Hackers to target mobile phones, Web browsers in Pwn2Own contest
  • Apple iPhone, Microsoft IE 8 get hacked in Pwn2Own contest
  • Static analysis tools boost security, but integration still an issue
  • Despite IE6 security concerns, browser use still high at enterprises, study finds
  • Patch for Microsoft Virtual PC weakness unlikely
  • The pros and cons of cyber identity and attribution on the Internet
  • Major ISPs can remove botnets, malware, CISO says
  • Microsoft Virtual PC zero-day flaw weakens virtual sessions
  • Social networks, financial firms getting used in phishing, brand abuse
  • Survey stresses need for information security career plan
  • MD5 hash vulnerability is expert's top Web security flaw
  • Zeus botnet temporarily disrupted, but back in full force
  • Experts see DNSSEC deployments gaining traction
  • Social networking risks, benefits for enterprises weighed by RSA panel
  • Microsoft repairs Excel flaws, warns of new IE vulnerability
  • PCI tokenization push promising but premature, experts say
  • Medical identity fraudsters target health care info, experts say
  • Experts laud IPS virtual patching, but warn against misuse
  • At RSA Conference, experts dismiss end-to-end encryption claims
  • Microsoft to address eight security vulnerabilities in Windows, Office
  • Trustwave seeks SIEM technology upgrade with Intellitactics deal
  • FBI asks for more private-sector help reporting cybercrime cases
  • Social networking threats put new pressure on healthcare CSOs
  • Companies urged to share data breach information
  • Privacy protection essential in fight against cybercriminals, experts say
  • Customer gets say during responsible vulnerability disclosure panel
  • Three security themes to watch for at the 2010 RSA Conference
  • More