Information Security News Archive |
 |
| 15 Feb 2010 |
|
| |
Microsoft blue screen affecting few corporate PCs
Corporate PCs with standard configurations do not appear to be returning a Blue Screen of Death, despite reports of the issue related to Microsoft's latest round of patches. |
|
|
| |
Microsoft patches SMB flaws, Hyper-V problem in big update
Microsoft issued 13 bulletins, patching more than two dozen flaws across its product line, including critical Server Message Block flaws and a hypervisor DoS vulnerability. |
|
|
| |
New Community Security Policy aims to reduce computer misuse
The ACPO has unveiled a Community Security Policy, which aims to reduce computer misuse in the police force. Learn how one police force has met the new compliance standard. |
|
|
| |
Websense integrated security system aims to simplify security management
Websense Inc. has announced its new integrated security system, dubbed Triton. The product combines Web content filtering, email security and data leakage prevention into one conso... |
|
|
| 08 Feb 2010 |
|
| |
Google to pay for Chrome browser vulnerabilities
Google follows Mozilla's FireFox vulnerability reward program, offering a base reward of $500 for eligible browser bugs. |
|
|
| |
CISOs take measured steps to reduce social media risks
With sales and marketing teams using social networks to connect with clients and potential customers, CISOs need to meet business needs while addressing risks. |
|
|
| |
Microsoft to fix 26 flaws in Windows, Office
The Microsoft Advance Notification warns of five critical bulletins across its product line. A total of 13 bulletins address 26 vulnerabilities. |
|
|
| |
Full disk encryption: Safer and easier than file and folder encryption
A security expert says full disk encryption is one way to ensure a lost corporate laptop doesn't cause a damaging data breach. Learn about the findings of one investigation into fu... |
|
|
| 01 Feb 2010 |
|
| |
PCI DSS requirements: Get ready for stricter enforcement, fines
Companies that are not taking the PCI DSS requirements seriously take note: Credit card companies are cracking down on non-compliant retailers. At a recent PCI DSS user group, reta... |
|
|
| |
PCI QSAs, certifications to get new scrutiny
The PCI Security Standards Council now has a team of five reviewing PCI assessments for inconsistencies and has increased funding for its QSA oversight program. |
|
|
| |
No major PCI DSS revision expected in 2010
The next revision of PCI DSS will contain clarifications, but no major revisions, according to Bob Russo, general manager of the PCI Security Standards Council. |
|
|
| |
Thin-client technologies surge thanks to easier security, says Deloitte
Thin-client technologies are on the rise as a result of the simplified security procedures they provide, according to a Deloitte report. Find out what security aspects are made sim... |
|
|
| |
Upsurge in infosec jobs for 2010
Infosec jobs are on the rise this year, and not a moment too soon for many industries. Find out which job sectors are hiring the most information security professionals, and which ... |
|
|
| 25 Jan 2010 |
|
| |
Adobe issues alert on Shockwave Player 3D graphics flaws
Vulnerabilities could allow an attacker to infect victims with malware and take control of an infected machine. |
|
|
| |
Data breach costs continue to rise in 2009, Ponemon study finds
A Ponemon Institute study of 45 businesses found data breach costs increased last year to $204 per compromised record, a rise of $2 per customer record over 2008 costs. |
|
|
| |
Security architects fear savvy botnet attacks, IPv6 security issues
An Arbor Networks Inc. survey finds angst over botnet attacks targeting underlying systems, including DNS, load balancers and other back-end infrastructure. |
|
|
| |
Microsoft issues critical security update, blocks IE 6 attacks
Eight critical vulnerabilities in Internet Explorer were repaired in Microsoft's rushed security update. All supported versions of IE are affected. |
|
|
| |
Multifunction security device safeguards SOA, streamlines company's infrastructure
An Edinburgh insurance and pensions company has used an appliance to improve its application security and to streamline its infrastructure. Learn what the application security tool... |
|
|
| 18 Jan 2010 |
|
| |
Data Protection Act breach could cost companies 500,000 pounds
The Information Commission's Office recently announced new penalties for Data Protection Act breaches. Find out when the new penalties will come into play and what the penalties wi... |
|
|
| |
Chinese hacker attacks target Google Gmail accounts, top tech firms
Up to 33 Silicon Valley tech firms, financial companies and government contractors have been breached by a sophisticated attack believed to have originated in China. |
|
|
| |
Facebook, McAfee partner to fix social network security issues
Facebook beefs up its account remediation process with a free malware scanning tool, security education and a free antivirus trial followed by a subsidized price on the software. |
|
|
| |
Latest zero-day attacks only target IE 6, Microsoft says
Security protections in newer versions of Internet Explorer help defend against ongoing attacks. Software giant urges users to implement workarounds. |
|
|
| 11 Jan 2010 |
|
| |
College learns lessons in choosing the right NAC appliance
After deciding to open up the wireless network to students, Tim Hanks of Stroud College realized he would need to install a NAC appliance to make sure the network stayed secure. Fi... |
|
|
| |
Microsoft to patch single Windows 2000 vulnerability
Patch for a Microsoft Server Message Block zero-day vulnerability in Windows 7 is still being tested, the software giant said. |
|
|
| |
Another PDF attack targets Adobe zero-day vulnerability
Trend Micro discovers malware attempting to exploit Adobe's latest zero-day vulnerability. A patch is due out next week |
|
|
| |
Security report finds rise in banking Trojans, adware, fewer viruses
Panda Security's 2009 annual report finds banking Trojans and account credential stealers dominating the threat environment. |
|
|
| |
PDF attack code complicates security analysis, skirts detection
Only 8 of 40 antivirus vendors can detect the latest PDF attack, which uses sophisticated coding to complicate security analysis and enable the author to push malware updates. |
|
|
| 04 Jan 2010 |
|
| |
Annual security reports offer some hope
U.K. Bureau Chief Ron Condon reviews end-of-the-year predictions from top vendors and reveals what he thinks may be in store for 2010. |
|
|
| |
GSM cell phone encryption crack may force operators to upgrade
Karsten Nohl, a widely known encryption expert, has cracked the GSM encryption algorithm and claims software is available for hackers to eavesdrop on calls. |
|
|
| 28 Dec 2009 |
|
| |
Gridsure finds global deal for its pattern-based authentication
Following a licensing agreement with CryptoCard Inc., Cambridge-based Gridsure Ltd. has received a major boost for its pattern-based authentication. |
|
|
| 23 Dec 2009 |
|
| |
Safend expands data leakage prevention product to plug more gaps
With the introduction of two new modules to its DLP suite, Safend Inc. says its product can now help identify sensitive data, and also inspect email and instant messages. |
|
|
| 18 Dec 2009 |
|
| |
Conficker-infected machines now number 7 million, Shadowserver finds
Despite inactivity, the number of bots created by the fast spreading Conficker/Downadup worm is in the millions, according to the Shadowserver Foundation, which monitors botnets. |
|
|
