Skip Links

Security Breaking News

  • Valentine's Day Patch Tuesday: Microsoft to issue 9 patches, 4 critical
    Microsoft Thursday said that the second Patch Tuesday of 2012 will see nine security bulletins, four of which were deemed critical.
  • Foxconn said to have been hacked by group critical of working conditions
    Hackers claimed to have stolen internal data from Apple supplier Foxconn, and leaked the information online, in response to media reports of poor working conditions at the electronics manufacturer's factories in China.
  • Free Web tool consolidates data on code vulnerabilities
    Enterprise coders can now use an open source Web application that lets them consolidate software vulnerability data from a range of scanning and test tools. With a centralized view, and reporting and management tools, ThreadFix speeds the work needed to fix software bugs and vulnerabilities, including those in proliferating mobile apps.
  • Symantec verifies stolen source code posted by Anonymous is "legitimate"
    Symantec is in an ongoing fight against hackers in the group Anonymous that last January attempted to extort a payment of around $50,000 from Symantec in exchange for not publicly posting stolen Symantec source code they had stolen for various older Symantec security products dating to 2006.
  • Anonymous claims to have released source code of Symantec's pcAnywhere
    Hacker group Anonymous claimed late Monday that the source code of Symantec's pcAnywhere had been uploaded on The Pirate Bay site.
  • Data breach? Blame your third party's remote access systems
    An in-depth study of data-breach problems last year where hackers infiltrated 312 businesses to grab gobs of mainly customer payment-card information found the primary way they got in was through third-party vendor remote-access applications or VPN for systems maintenance.
  • Armored-truck company entrusts tracking software to Windows Azure cloud
    U.K.-based cash-transport firm G4S is trusting the security of Microsoft's Windows Azure cloud service to keep safe the application that tracks where the money is as it travels to and from customers and the company's vaults in armored trucks.
  • Mobile device management: Apple's extra little tricky requirement
    Anyone wanting to buy mobile-device management (MDM) software to manage Apple iOS devices will find they need a special digital certificate from Apple to activate it, a requirement that doesn't apply to the same MDM software that would be used to manage Google Android devices, for instance.
  • Lawsuit raises questions about email privacy at work
    A recent lawsuit filed against the U.S. Food and Drug Administration is drawing attention to the question of whether employees have a reasonable expectation of privacy when using personal email accounts on workplace computers.
  • Google finally scans malware-ridden Android Market
    The Bouncer service analyzes apps in Android Market for known malware, spyware, and trojans
  • VeriSign admits multiple hacks in 2010, keeps details under wraps
    VeriSign, the company responsible for guiding most of the world's Internet users to the correct websites and once the largest encryption certificate issuing authority, was successfully hacked several times in 2010.
  • HTC Android phone flaw fix not coming until next week for some
    Some users of HTC Android phones will have to wait until next week to get a fix for a problem that could leak credentials used to gain access to Wi-Fi networks, including corporate networks.
  • 4 Ways to Prevent Domain Name Hijacking
    On the night of Monday, January 23, the hacktivist group UGNazi hijacked Coach.com, the Internet domain name of luxury goods manufacturer Coach. For several hours, fashionistas who wanted to ogle Coach's new Willis handbag on Coach.com or get a deal on its Penelope shoulder bag at Coachfactory.com were redirected to UGNazi's cryptic website. Imagine the confusion--and frustration--the redirect must have caused in their coiffed little heads--not to mention the wear and tear on their manicured nails as they typed and retyped coach.com and coachfactory.com into their browser windows.
  • IRS helps bust 105 people in massive identity theft crackdown
    The Internal Revenue Service and the Department of Justice teamed up for a coast-to-coast crackdown on identity thieves this week.
  • Feds say Megaupload user content could be deleted this week
    Federal prosecutors say that two companies hosting Megaupload's servers in the U.S. could begin deleting all user content on them as early as Thursday.
  • McAfee Mobile 2.0 moves beyond virus protection
    Intel-owned McAfee has released Mobile Security 2.0, which allows users of Android-based smartphones and tablets to keep better track of what applications are up to, the company said on Monday.
  • F5 says Big-IP is a network firewall
    F5’s Big-IP application delivery controllers are now certified as network firewalls, meaning they can replace separate network firewalls businesses might already have in place to meet regulators’ requirements.
  • Lookout Security rebuts rival's Android malware claims
    Researchers from Lookout Security disagreed with rival Symantec that 13 apps on the Android Market were malicious, instead saying that they showed the same behaviors as other ad-supported apps.
  • Google, Microsoft, Facebook, Bank of America team to wipe out phishing
    Can industry heavyweights Google, PayPal, Microsoft and AOL -- along with 11 others in high-tech such as Facebook and LinkedIn, as well as the financial world's Bank of America and Fidelity Investments -- succeed in stopping phishing attacks right in their tracks? In uniting behind an effort called DMARC.org unveiled today, the group says it can through policy-based steps filter out spoofed email that attackers use for phishing.
  • Security roundup: The triumph of hactivists, the sorrow of Symantec
    It was another busy week for hactivists attacking the online targets of their ire. This time, hackers under the banner AntiSec appeared to have hacked the website of OnGuardOnline.gov, the U.S. government's online security website, in protest against the much-railed-against legislation Stop Online Piracy Act (SOPA) as well as other bills regarding intellectual protection. Similarly, the group Anonymous is believed to be behind the distributed denial-of-service attack on Thursday that brought down the European Parliament's website in what is thought to be retaliation for European support for the shutdown of the Megaupload file-sharing site the week before. Anonymous also opposes a treaty being ratified in Europe now called the Anti-Counterfeiting Trade Agreement. That deals with infringement of intellectual property rights.
  • CloudPassage launches new security product for public clouds
    CloudPassage is launching a new security product for virtual servers in public clouds such as Amazon Web Services that it says takes care of the all-important need for security when using services from infrastructure providers.
  • EU privacy overhaul: Small businesses get exemptions
    Most start-ups and small businesses with fewer than 250 employees will be exempt from a new obligation to appoint a data protection officer, according to the European Union's (EU) new data privacy proposals.
  • A vision for secure mobility management in the enterprise
    There's been a lot of buzz lately about secure mobility in the enterprise, but often the focus is on just one or two aspects of the entire mobile device security landscape. While malware protection, mobile device management (MDM) and VPN are certainly valuable tools in protecting mobile devices, each of these strategies alone can provide only partial protection. And in a bring your own device (BYOD) corporate environment, the risks of "only partial protection" can be quite large.
  • Can cloud-based collaborative data-sharing be secure enough for defense systems?
    Though wariness about the perceived lack of security in cloud-based services is often voiced, there are some situations where the opposite is the case. Some businesses mindful of security say the cloud services that are important to them have done a lot of work to meet their expectations about security.
  • 2011 'eventful year for Mac malware'
    2011 was an eventful year for Mac malware, seeing the release of the 'most effective and widespread malware' targeting Macs to date, according to Intego.

Most Read

View more Most Read

Videos

rssRss Feed

Latest News

rssRss Feed