Security News |
|
04 Jun 2009 |
|
|
Microsoft plans 10 security updates, fixing IE, Word, Excel vulnerabilities
The software giant plans to issue six critical bulletins repairing flaws in Internet Explorer, Word, Excel and Office. |
|
|
|
DHS fills National Cybersecurity Center post
Former Microsoft executive Philip Reitinger will lead the DHS' cybersecurity operations, filling a post vacated by Rod Beckstrom. |
|
|
|
ATM malware lets attackers take over machines
(SearchFinancialSecurity.com)
Trustwave investigators say sophisticated malware used in Eastern Europe allows attackers to steal track data, PINs and cash from infected ATMs. |
|
|
03 Jun 2009 |
|
|
Experts optimistic of Obama cybersecurity plan
(Security Wire Weekly podcast)
Information Security magazine's Michael Mimoso reported on the Obama cybersecurity announcement. He interviewed security experts Howard Schmidt, Paul Kocher and Patricia Titus. |
|
|
|
Stolen FTP credentials likely in massive website attacks
The latest website attack techniques use stolen user credentials instead of website vulnerabilities to crack websites and spread malware. |
|
|
|
IT pros can detect, prevent website vulnerabilities, thwart attacks
Until vendors release a cohesive set of tools to protect against website attacks, IT security pros have a number of ways to detect vulnerabilities. |
|
|
|
Sophos integrates encryption into endpoint security
(SearchSecurityChannel.com)
Sophos Endpoint Security and Data Protection is the first software to integrate encryption from its acquisition of Utimaco in 2008. |
|
|
02 Jun 2009 |
|
|
Examining Conficker: When a worm becomes a botnet
Conficker may be backed by a well funded group or government intending to silently collect information. Though the hype has waned, Conficker could lead to a much larger threat. |
|
|
|
WH cybersecurity plan needs private sector guidance
The job of critical infrastructure protection must include guidance from the private sector to put best practices to work at the federal level. |
|
|
29 May 2009 |
|
|
Hackers targeting unpatched Microsoft DirectShow flaw
Software giant is investigating a newly discovered flaw in DirectShow's QuickTime parser that could allow an attacker to execute code remotely |
|
|
28 May 2009 |
|
|
Trust eroding as social engineering attacks climb in 2009, says Kaspersky expert
Kaspersky Lab researchers have tracked more than 25,000 malware samples spreading through social networks in 2009. |
|
|
|
Simple information security mistakes can cause data loss, says expert
(SearchSecurity.co.uk)
It doesn't take the latest technology to stop a data breach. Many times, your threat profile can be reduced by following these often neglected basic security practices. |
|
|
|
RIM patches serious BlackBerry Attachment Service flaws
Multiple flaws in the BlackBerry Attachment Service could allow an attacker to pass a malicious PDF file and gain access to system files. |
|
|
27 May 2009 |
|
|
EMC adds configuration management with Configuresoft acquisition
EMC said it would move Configuresoft into its Resource Management Software Group. The software could detect configuration changes in both virtual and physical environments. |
|
|
26 May 2009 |
|
|
White House cybersecurity czar faces major hurdles
A new cyberczar must reduce interagency squabbles, work with Congress on legislation, but avoid getting bogged down in red tape and bureaucracy, experts say. |
|
|
|
Organizations struggle with data leakage prevention, rights management
Employee use of Web-based services and poor judgment can easily defeat the technologies. But better use of the audit, discovery and reporting features can make them more effective. |
|
|
21 May 2009 |
|
|
Adobe shifts to Microsoft patching process, incident response plan
Adobe Systems Inc. said it would bolster its patch management strategy, issuing quarterly updates for its adobe Reader and Acrobat PDF software. |
|
|
|
RBS WorldPay regains spot on Visa's PCI compliance list
(SearchFinancialSecurity.com)
Payment processor returns to Visa's list of service providers that are compliant with the PCI Data Security Standard. |
|
|
20 May 2009 |
|
|
IT managers under pressure to weaken Web security policy
A new survey suggests senior and mid-level executives want to expand use of social networking platforms, cloud-based collaboration tools and other applications. |
|
|
19 May 2009 |
|
|
US-CERT warns of Gumblar, Martuz drive-by exploits
Websites poisoned with the Gumblar and Martuz drive-by download exploits could pass on malware to users who don't have their patches up to date. |
|
|
|
Microsoft warns of IIS zero-day vulnerability
A zero-day flaw in Internet Information Services (IIS) could be exploited to elevate privileges and gain access to sensitive data. US-CERT warns of active attacks in the wild. |
|
|
Security News Archive |