Massive 'Fake AV' Attack Launched
Scareware campaign targets consumers' credit card information with bogus offers of free antivirus services, warns Sophos.
InformationWeek (August 26, 2010)

Skeletal Scans Explored For Crime Fighting
Add biometrics of people's bone structures to the list of methods considered for identifying terrorists, criminals, or trusted individuals.
InformationWeek (August 26, 2010)

Novell Releases Cloud Security Service
Enforces access control and relays activity and compliance monitoring to identity management systems.
InformationWeek (August 25, 2010)

Vulnerability Disclosures Increase By 36% In 2010
IBM report finds "escape to hypervisor" attacks a growing virtualization concern.
InformationWeek (August 25, 2010)

Facebook Spam Conversion Rate Hits 47%
Return rate far exceeds e-mail, but people are starting to develop a resistance to clicking on Facebook and Twitter virally spreading links, finds F-Secure.
InformationWeek (August 24, 2010)

Microsoft Confirms Windows DLL Hijacking Vulnerabilities
Proof-of-concept code for the remote execution attack hits the wild; numerous applications at risk.
InformationWeek (August 24, 2010)

Adobe Patches Zero Day Vulnerabilities
Out-of-cycle updates fix bugs in Reader and Acrobat affecting Windows, Mac, and Unix.
InformationWeek (August 23, 2010)

Malware Contributed To Plane Crash
Investigation into Spanair flight 5022 finds that monitoring server had been disabled by Trojan application.
InformationWeek (August 23, 2010)

Cameron Diaz Is The Web's Most Dangerous Celebrity
New McAfee report investigates the most trendy noteables for cyber attacks, finds Barack Obama and Sarah Palin are among the safest.
InformationWeek (August 19, 2010)

Scareware Tricks Users Into Removing Antivirus Software
Version of the widespread "retrovirus" CoreGuard Antivirus, called AnVi Antivirus, aims for many well-known AV programs, warns Symantec.
InformationWeek (August 19, 2010)

Scareware Using Bing Results To Expand Attack
Mass rogue antivirus campaign tricking search engines to return malicious links using results from Microsoft's search engine.
InformationWeek (August 18, 2010)

Malware Spewing Widget Hacks 500,000 Websites
Security expert estimates that up to 5 million domains parked by Network Solutions are actively serving threats.
InformationWeek (August 17, 2010)

Spyware Hidden In Android Snake Tap Game
Free app is paired with GPS Spy, software that monitors a targeted device's location.
InformationWeek (August 17, 2010)

Passwords Quickly Hacked With PC Graphics Cards
Georgia Tech researchers find that high-end, readily available graphics processing units are powerful enough to easily crack secret codes.
InformationWeek (August 16, 2010)

Botnet Operator Comes Clean About Casino Scam
Busted GhostMarket.net member posted on an underground forum how he stole nearly $30,000 with credit card fraud.
InformationWeek (August 16, 2010)

Americans Expect Emergency Responders To Monitor Social Media
Red Cross finds that in a disaster many people would post cries for help on Facebook and Twitter, assuming they'd be answered.
InformationWeek (August 13, 2010)

Anti-Malware Gives Biggest Bang For Security Buck
Antivirus software, firewalls and having a CISO also deliver high returns, finds the Ponemon Institute.
InformationWeek (August 13, 2010)

Symantec Finds 92% Of All E-Mail Is Spam
Report also says phishing is down despite the rise of a new Live-Chat based attack that tries to trick people into giving up personal details.
InformationWeek (August 12, 2010)

Hackers Deflate Auto Tire-Pressure Sensors
Monitors in fast-moving cars can be damaged using spoofed wireless signals, leading to security, privacy, and safety threats.
InformationWeek (August 12, 2010)

Guidance Intros Forensics For Live Control Systems
Determines whether system failures are due to cyber attacks or benign problems, without taking mission-critical infrastructure offline.
InformationWeek (August 11, 2010)

Touchscreen Smudges Pose Security Risk
Residual fingerprint oils on smartphones, ATMs, and other devices may reveal passwords and other confidential data, find security researchers.
InformationWeek (August 11, 2010)

Green IT Making a Comeback
You may remember green IT, which made a big splash a few years back: Reduce carbon footprints, minimize energy consumption, rethink architecture, help the environment. Then the worst economic recession since the Great Depression threw everyone off of their game. Now, green may be making a comeback.
Dice (August 10, 2010)

McAfee Says Security Industry Failing On Cybercrime
Report outlines proactive, offense-based strategy needed to battle increasingly sophisticated threats.
InformationWeek (August 10, 2010)

Microsoft Investigating Color Management Bug In Windows 7
Vulnerability could provide an attacker with kernel-level access, but Microsoft's Patch Tuesday won't have a fix.
InformationWeek (August 10, 2010)

Web Browser Privacy Settings Flawed
Private and anonymous settings in Firefox, Internet Explorer, and others can expose more details than users expect, security researchers find.
InformationWeek (August 9, 2010)

Estonian Bank Hacker Extradited To U.S.
Sergei Tsurikov charged with masterminding sophisticated, $9 million computer fraud of RBS Worldpay system.
InformationWeek (August 9, 2010)

SonicWall Names Top 2010 Cybercrime Threats
Web-based attacks and threats to corporate cloud computing spiked spiked dramatically in the first half of 2010 according to a report from the firewall vendor.
InformationWeek (August 6, 2010)

Microsoft Previews Record-Setting Patch Tuesday
Redmond is expected to release 14 bulletins, addressing 34 vulnerabilities across Windows, Office, IE, SQL and Silverlight.
InformationWeek (August 6, 2010)

Most IT Pros Circumvent File Transfer Security Policies
Survey finds 69% of IT managers regularly send highly sensitive information -- payroll, customer, or financial data -- via unsecured e-mail, finds Ipswitch study
InformationWeek (August 5, 2010)

Data Retention Policies Absent Or Partially Implemented
Almost 90% of IT and legal pros value data retention plans, but less than half their organization have them and many fail to follow through with required technology, finds Applied Research survey.
InformationWeek (August 5, 2010)

Advocates Propose Child ID Theft Prevention Database
Database, to be shared with credit reporting agencies, would verify if a social security number belongs to a minor.
InformationWeek (August 4, 2010)

Security Specialists Support Cyberwarfare
Two-thirds of information security aficionados back government-promulgated online spying, hacking, or surreptitious malware installs, finds Sophos.
InformationWeek (August 3, 2010)

Microsoft Patches Windows Shell Vulnerability
With the out-of-band release, Microsoft also disclosed Office documents at risk from the "no user input required" shortcut icon attack.
InformationWeek (August 3, 2010)

IT Admins Say Web 2.0 Undermines Enterprise Security
Spending on Internet security technology lags perceived risk, finds Check Point-sponsored study from Ponemon Institute.
InformationWeek (August 2, 2010)

UK Government Stays With IE6
Experts say Microsoft Internet Explorer 6 is a security risk and should be replaced with newer browser.
InformationWeek (August 2, 2010)

Snort Creator Slams Open Source IDS Suricata
Martin Roesch expressed disappointment with the Open Information Security Foundation's efforts, and touted Razorback, Sourcefire's open source analysis and detection engine, as truly innovative.
InformationWeek (July 30, 2010)

Symantec Revenue Flat, McAfee Profits Up 4%
TenCube, developer of the WaveSecure mobile security service platform, will be acquired by McAfee, the company announced, to broaden its security capabilities.
InformationWeek (July 30, 2010)

How to Score a Job in Mobile Gaming
Want to break into mobile games? (Screenshot at right: Plants versus Zombies on an iPad.)
Dice (July 29, 2010)

Oracle Patches Bug Crashing Eclipse
Changing the company field name from Sun to Oracle in latest Java update caused the Eclipse software development environment to fail.
InformationWeek (July 29, 2010)

Mariposa Botnet Creator Arrested
Developer of the malware, used to create almost 10,000 unique pieces of malicious software, was busted in Slovenia.
InformationWeek (July 29, 2010)

WikiLeaks Tests Feasibility Of Government Data Security
Governments will always face the twin challenges of balancing the need for secrecy with the need to collaborate, say experts.
InformationWeek (July 28, 2010)

Security Pros See Cloud As Top Risk
Fewer than 2% have seen serious incidents caused by employee mobile device or social network use, finds RSA survey.
InformationWeek (July 28, 2010)

Sophos Blocks Windows Shell Attacks
Malware protection tool doesn't blank out shortcut icons like Microsoft's proposed workaround for the active exploit.
InformationWeek (July 27, 2010)

Scientists Reveal Location Based Cryptography
Quantum mechanics used to encrypt and decrypt data at a secure location without pre-sharing any cryptographic keys.
InformationWeek (July 27, 2010)

Zeus Malware Anti Piracy Measures Thwarts Competitors, Researchers
Zbot financial malware only works when executed on one specific machine and from one specific path, similar to hardware-based licensing systems employed by major software companies.
InformationWeek (July 26, 2010)

Mobile Security, Privacy Concerns Decreasing
U.S. consumers remain reluctant to conduct financial transactions on their phones, finds KPMG survey.
InformationWeek (July 26, 2010)

Windows Shell Attacks Increase
Microsoft and Siemens released tools to combat the zero-day exploits which autorun malicious code from USB drives.
InformationWeek (July 23, 2010)

Imperva Identifies Cloud Based Phishing Kit
Cybercriminals can create attacks spoofing 16 sites, including Facebook, RapidShare and Skype, using the next-generation phishing toolkit.
InformationWeek (July 23, 2010)

Employees Influencing Enterprise IT
Demand for consumer-oriented devices in the workplace causing IT leaders to rethink how they procure and secure technology, a new survey finds.
InformationWeek (July 22, 2010)

Dell Shipped Malware Infected Motherboards
W32.Spybot worm discovered in flash memory on some replacement PowerEdge server motherboards.
InformationWeek (July 22, 2010)

McAfee Releases Mac Security Tools
Internet Security and Family Protection for Apple Mac aimed at making Web browsing safer.
InformationWeek (July 21, 2010)

Cybersecurity Expert Shortage Puts U.S. At Risk
Presidential commission proposes overhauling certifications to increase cybersecurity professional quality and quantity.
InformationWeek (July 21, 2010)

IBM Adds Web App Firewall To IPS Appliances
The 4.1 firmware release for the Security Network Intrusion Prevention System line of appliances includes client-side application protection, data security, web application protection and application control.
InformationWeek (July 16, 2010)

Malware Spreading Via USB Drives
The Stuxnet rootkit launches even with AutoRun and AutoPlay disabled and is known to affect Windows 7 Enterprise Edition x86 operating systems.
InformationWeek (July 16, 2010)

Mozilla Disables Firefox Add-On, Recommends Upgrade
The disabled Mozilla Sniffer was intercepting login data and transmitting it to a third-party website; upgrading to the latest version of the CoolPreviews add-on is recommended due to security vulnerability.
InformationWeek (July 15, 2010)

McAfee Launches Identity Theft Protection Service
The subscription service includes daily monitoring of the three major credit-reporting agencies, public records, Internet scanning and suspicious activity alerts.
InformationWeek (July 15, 2010)

US Extends Spam Lead
Twice as much spam comes from the United States as any other country in the world, finds Sophos.
InformationWeek (July 14, 2010)

Cybercrime Threats Gaining Complexity
As current attacks become less effective, there's a corresponding increase in more difficult-to-detect combined attacks, finds M86 study.
InformationWeek (July 14, 2010)

Oracle Patches 59 Vulnerabilities
Sun Solaris product suite, Oracle Database Server, Fusion Middleware, and Supply Chain Products Suite vulnerable to remote exploitation, with no authentication required.
InformationWeek (July 13, 2010)

Social Networking Weakens Enterprise Security
Trend Micro survey finds 24% of employees access social networks from their business computers.
InformationWeek (July 13, 2010)

Microsoft Ends Support For Windows XP SP2
Almost half of all PCs still run the operating system, which could leave organizations exposed to new malware, with no way of patching the vulnerabilities.
InformationWeek (July 13, 2010)

Microsoft Reveals Source Code To Russia
Government Security Program allows access to software code to facilitate development of secure national computing infrastructures.
InformationWeek (July 12, 2010)

Phishing, Spam Containing Malware Increase
Spammers seeking to rebuild botnets after legal actions shut down several zombie networks are driving a surge in malware-containing spam according toe Symantec.
InformationWeek (July 9, 2010)

ID Thefts Go Unreported Despite Notification Laws
The Identity Theft Resource Center says one-third of breaches appear to be malicious, but a lack of transparency and accountability may be masking true extent of problem.
InformationWeek (July 9, 2010)

NIST Updates Federal Cybersecurity Guidelines
National Institute for Standards and Technology simplified security assessment and control procedures to focus on near-real-time risk management.
InformationWeek (July 8, 2010)

Firewall Market To Grow 6.7% Annually
An emerging fourth generation of products will propel the uptick through 2016, finds Frost & Sullivan.
InformationWeek (July 8, 2010)

Internal Sabotage Security Risks Rising
Snooping by IT administrators is also increasing, according to a survey from Cyber-Ark Software.
InformationWeek (July 7, 2010)

Microsoft Challenged By Security Researchers
Group dubbed Microsoft-Spurned Researcher Collective promises open and free disclosure of vulnerability information.
InformationWeek (July 7, 2010)

McAfee Signs Deal To Secure USB Drives
Two thirds of worldwide USB manufacturers have agreed to ship McAfee security software on their devices to guard against malware.
InformationWeek (July 7, 2010)

Croatian Beaches in 5...
Never mind that the beaches are mostly made of pebbles and rocks, Croatia’s islands, off the coast of Dalmatia, make for a singular beach getaway that won’t wreck your budget.
Fox News (July 6, 2010)

Botnet Viruses Target Symbian Smartphones
Nokia, Samsung and Sony Ericsson smartphones are among those running the two Symbian operating systems vulnerable to attack according to NetQin.
InformationWeek (July 6, 2010)

Security Managers Report Weak Threat Defenses
Many organizations don't realize when they're being hit by zero-day and other advanced attacks, and they aren't responding effectively either, the Ponemon Institute reports.
InformationWeek (June 29, 2010)

Novell Releases Log Management Software Appliance
Sentinel Log Manager records events from physical, virtual, and cloud environments, either as a virtual appliance or loaded on dedicated hardware.
InformationWeek (June 29, 2010)

Social Network Security Policies Lacking
Symantec survey finds half of social networking at work is for business purposes, but many organizations don't have appropriate security policies or enforcement.
InformationWeek (June 28, 2010)

Network Security Threats Increasing
IT managers say mounting vulnerabilities combined with insufficient budgeting and staffing put their organizations at risk.
InformationWeek (June 25, 2010)

Comodo Warns Of VeriSign SSL Vulnerability
VeriSign said the supposed certificate request flaw is actually a feature and accused Comodo of not following standard vulnerability disclosure guidelines.
InformationWeek (June 25, 2010)

White House Preparing National Online ID Plan
The proposed system for authenticating people, organizations and infrastructure on the web at the transactional level will require an identity ecosystem.
InformationWeek (June 25, 2010)

V.i. Labs Launches SaaS Software Piracy Tool
For small and midsize independent software vendors, CodeArmor Software Intelligence Online collects usage data and tracks unlicensed copies.
InformationWeek (June 25, 2010)

Palo Alto Introduces Security For Cloud, Mobile Users
GlobalProtect applies firewall policies to users when they use PCs, mobile devices and in the cloud.
InformationWeek (June 22, 2010)

Teens Engage In Risky Online Behavior
McAfee study finds teenagers often share personal information, including their name, location, or cell phone number, with strangers.
InformationWeek (June 22, 2010)

Trend Micro Announces Hybrid SaaS Email Security
The InterScan Messaging Security Virtual Appliance combines a virtual appliance with SaaS-based inbound email security.
InformationWeek (June 22, 2010)

Symantec SMB Study Shows Security Concerns Rising
SMBs rank information loss and online attacks as their leading worries with more than 40% losing data in the past year and more than 70% victimized by cyberattacks.
InformationWeek (June 22, 2010)

Apple Increases Mac OS X Malware Protection
Defenses against the HellRTS Trojan were included -- but not documented -- in the Mac OS X 10.6.4 update this week.
InformationWeek (June 18, 2010)

Internet Fraud Alert Program Launched
Microsoft, FTC, PayPal back program for sharing information on compromised account credentials.
InformationWeek (June 18, 2010)

More Firms Outsourcing Security To MSSPs
Managed security service provider market is expected to reach $3.9 billion in 2016 because of increased attacks and economic pressures.
InformationWeek (June 17, 2010)

Social Networks Pose E-Discovery Risks
Growing corporate use of Twitter, Facebook, and cloud-based applications are creating new e-discovery demands, but c-level awareness of risks remains scarce.
InformationWeek (June 17, 2010)

Juniper Releases SSL VPN Client For Mobile Devices
Enterprise networks gain secure connections with laptops, netbooks, and mobile devices including Windows Mobile, Symbian, and iPhone 4G.
InformationWeek (June 16, 2010)

Corporate Boards Weak On Security, But Improving
Study finds more than half of Fortune 1000 companies lack a CISO, but the number of organizations with cross-functional teams for managing security and privacy is up significantly.
InformationWeek (June 16, 2010)

Symantec Releases Norton Family Monitoring Software
The free service is meant to block inappropriate Web sites and monitor kids' social networking habits.
InformationWeek (June 15, 2010)

Facebook Hit With Clickjacking Attack
The social network is not doing enough to stop the worms, Sophos poll reveals.
InformationWeek (June 15, 2010)

SQL Injection Attacks Return
The malicious iFrame attack infected 1,000 web pages by exploiting vulnerabilities in web applications.
InformationWeek (June 15, 2010)

Sophos Releases iPhone Security News App
Free application features quick, graphical look at the top viruses, spam, and malware in circulation.
InformationWeek (June 14, 2010)

World Cup IT Security Follows Swiss Rules
Mahindra Satyam, the soccer tournament's official IT services provider, is responsible for safeguarding 160,000 users, the distribution of 3 million tickets, and 40 terabytes of data.
InformationWeek (June 11, 2010)

Microsoft Security Vulnerability Disclosed
A Google security researcher revealed the flaw; Microsoft may release out-of-cycle fix.
InformationWeek (June 11, 2010)

Sophos Extends Antivirus To Cloud
Live security lookups and a refined host intrusion prevention system scan for viruses, malware, and malicious Web sites.
InformationWeek (June 10, 2010)

IBM Boosts Secure Development Practices
Focus is on making security an integral part of software, Web services, cloud, and portal development practices.
InformationWeek (June 10, 2010)

Massive Malware Hits Media Web Sites
Security researchers estimate that roughly 7,000 Web pages were compromised in a SQL injection attack this week, including The Wall Street Journal and Jerusalem Post.
InformationWeek (June 10, 2010)

Microsoft Patch Tuesday Brings Slew Of Fixes
Ten advisories detailing 34 vulnerabilities -- 6 deemed "critical"-- round out the June security patch cycle.
InformationWeek (June 9, 2010)

Passwords' Value Lie In Psychology, Not Security
Poor password security and rampant reuse means less-secure Web sites are a gateway to high-value targets for attackers.
InformationWeek (June 9, 2010)

Palo Alto Offers 'Read Only' Facebook Access
Next-generation firewalls are increasingly blending not just packet inspection, but also IPS, policy enforcement, and better security intelligence.
InformationWeek (June 8, 2010)

Trend Micro Launches Antivirus For Virtual Desktops
The goal is to prevent a performance hit from 100 virtual desktops all scanning and "phoning home" at once.
InformationWeek (June 7, 2010)

Zero Day Attack Targets Adobe
No patches yet while exploits are actively targeting Adobe's Flash, Acrobat and Acrobat Reader
InformationWeek (June 7, 2010)

Panda Intros Cloud Antivirus Service
The majority of Panda's virus, worm, malware, and Trojan signatures are stored in the cloud, reducing PC processing requirements.
InformationWeek (June 5, 2010)

FTC Settles With Spyware Firm
CyberSpy is barred from advertising that its kelogger can be installed on a PC without the owner's knowledge.
InformationWeek (June 5, 2010)

Facebook Clickjacking Worm Persists
Spread via status messages, there's no mention of the 'likejacking' attack on Facebook's security page.
InformationWeek (June 3, 2010)

Android Malware's Potential Detailed
Rootkits like the proof-of-concept developed by researchers could be used for eavesdropping or forcing smartphones to reveal its GPS coordinates.
InformationWeek (June 3, 2010)

SMB Security Monitoring Gaining Sophistication
Preventing breaches and attacks is increasingly driving security information and event management tool adoption for small and midsize businesses.
InformationWeek (June 2, 2010)

IE6 Browser Remains Attack Magnet
More than one-quarter of all Web traffic still flows to Microsoft's Internet Explorer 6 browser, which lacks a number of current security features, study shows.
InformationWeek (June 1, 2010)

Radware Security Appliance Targets Hybrid Attacks
APSolute Attack Prevention combines intrusion prevention, network analysis, denial-of-service prevention and on-call security expertise.
InformationWeek (June 1, 2010)

Feds Bust 'Scareware' Ring
Three men allegedly used fake antivirus warnings and advertisements to sell $100 million worth of bogus software.
InformationWeek (May 28, 2010)

IBM Distributes Malware At Security Conference
Promotional USB thumb drives carried an unintended freebie: a keystroke-monitoring Windows worm.
InformationWeek (May 28, 2010)

Cheap Botnets A Boon To Hackers
Easy access to cheap botnet rentals and sophisticated attack tools are lowering the barriers to entry for criminals who can’t code.
InformationWeek (May 28, 2010)

Symantec Enhances SMB Security Suite
For small and midsize businesses, Symantec will offer improved endpoint security, backup capabilities, disaster recovery and messaging security this summer.
InformationWeek (May 27, 2010)

McAfee To Buy Trust Digital
The deal arms McAfee with enterprise mobile management and security software including the capability to manage enterprise iPhones.
InformationWeek (May 26, 2010)

Twitter For iPhone Attracts Malware
Hackers are deploying Trojans within links in tweets. One aims to swipe users' banking information.
InformationWeek (May 25, 2010)

Novell ID Manager 4 Spans Enterprise, Cloud
Identity Manager 4 targets automated ID management ecosystem, including tie-ins to Salesforce.com and Microsoft's SharePoint.
InformationWeek (May 25, 2010)

Paris in 5...
Learn how Parisians have their cake and eat it, on the cheap.
Fox News (May 24, 2010)

SmartCarving Technique Aces Data Recovery
The forensic data retrieval method reconstructs 99% of images stored on hard drives or media cards, and can be extended to text.
InformationWeek (May 13, 2010)

Symantec Offers SaaS Endpoint Security
The cloud-based service offers to secure PCs and servers with antivirus, antispyware, firewall, and HIPS.
InformationWeek (May 13, 2010)

Guidance To Buy Tableau For $12.3 Million
The deal to buy the forensic hardware maker Tableau aims to provide Guidance Software with 'write-blockers' to protect data during computer forensics evidence-gathering.
InformationWeek (May 12, 2010)

Software Piracy Dips, Despite Recession
In 2009, the United States recorded the lowest level of software piracy worldwide.
InformationWeek (May 12, 2010)

Malware Attack Bypasses Major Defenses
Almost all known anti-virus PC security suites are vulnerable to the bait-and-switch attack which cloaks attack code from security scanners.
InformationWeek (May 11, 2010)

Cybersecurity Summit Ends With Call To Action
Despite threats of infrastructure attacks, scant attention was paid to control systems during a global security conference.
InformationWeek (May 11, 2010)

Rise of the Service Catalog Manager
Is it time to run IT like a business?
Dice (May 10, 2010)

ATM Hack Demo Planned For Black Hat
A banned demonstration of remote and local ATM vulnerability exploits is set to resurface at the Black Hat Security Conference July 24th - July 29th in Las Vegas.
InformationWeek (May 10, 2010)

Symantec Posts 4Q Profit
Strong enterprise demand for hosted services, data loss prevention, backup, and archiving help push security vendor into black.
InformationWeek (May 7, 2010)

Sony Blocks Linux On PS3
Removal 'for security reasons' of the 'Install Other OS' capability prompts a class action suit from PlayStation 3 owners.
InformationWeek (May 6, 2010)

Express Airport Security Set To Resume
Alclear purchases assets of popular -- but defunct -- airport express security provider, Clear, and prepares to restart the service this autumn.
InformationWeek (May 6, 2010)

Cybersecurity Summit Targets Public, Private Cooperation
A gathering of tech industry leaders, policymakers, and national security officials aims to address the risks of cyberattacks on infrastructure.
InformationWeek (May 4, 2010)

China Missing From Top Spammers List
The majority of spam produced globally comes from the United States, followed by India and Brazil. China isn't in the top 15, says a Sophos report.
InformationWeek (May 3, 2010)

The Rise of Self-Encrypting Drives
Automated drives protect at-rest data, but are they ready for business use?
Dice (March 16, 2010)