Security Breaking News

Blue Coat slashes staff, buys S7 services company

Security-appliance vendor Blue Coat Systems is laying off of close to 20 percent of its staff and restructuring its business in a drive to increase profitability.
Is the Cisco MARS mission going into abort on non-Cisco security devices?

Is Cisco freezing support for any new non-Cisco security devices in the Cisco Security Monitoring, Analysis and Response System (MARS) appliance?
Major coding errors in Facebook, MySpace by developers

Social-networking sites MySpace and Facebook have apparently fixed coding errors that could have allowed an attacker access to all of their users' data and photos.
Apple seeks new sheriff to lock up iPhones

Just as a new hack, blacksn0w, promises to unlock iPhones with the latest Apple software from AT&T's wireless network, Apple is looking for a sheriff to lock the smartphones back up again, permanently.
Catbird tunes security software for public clouds

Catbird's new version of its security software for virtual environments can monitor resources running in Amazon's EC2 cloud.
Cable modem hacker busted by feds

An expert on cable modem hacking has been arrested by federal authorities on computer intrusion charges.
After one year, Conficker infects 7 million computers

The Conficker worm has passed a dubious milestone. It has now infected more than 7 million [m] computers, security experts estimate.
Facebook awarded $711 million in spammer case

Facebook was awarded US$711 million in damages from a convicted spammer on Thursday, but the social networking site is hoping a separate criminal action will eventually send him to jail.
Google Apps scores in L.A., with assist from Microsoft

Los Angeles City Council approved a $7.25 million five-year deal Tuesday in which the city will adopt Gmail and other Google Apps.
Internet phone systems become the fraudster's tool

Cybercriminals have found a new launching pad for their scams: the phone systems of small and medium-sized businesses across the U.S.
New spam: Your bank has failed, download this Trojan

Spam that tells victims their bank has failed urges them to on a link that will tell if their accounts are insured but that really tries to trick them into downloading a Trojan that will turn their machine into a bot.
Cisco buying Web security firm ScanSafe for $183 million

Cisco has announced plans to buy privately held ScanSafe, a maker of software-as-a-service (SaaS) Web security services for enterprises and small-to-midsize businesses, for $183 million.
Guardian jobs site falls victim to 'sophisticated' hack

A major U.K. newspaper has notified 500,000 people that details they posted to the newspaper's employment site may be in the hands of hackers.
Trend Micro bolsters virtualization security options

Trend Micro's Deep Security firewall/intrusion-protection system software for VMware's ESX server can protect multiple virtual machines on one physical server.
NIST SP800-53 Rev. 3: Key to Unified Security Across Federal Government and Private Sectors

Standards play a critical role in information assurance. Given the impossibility of defining a deterministic model that includes billions of users, millions of computers, and thousands of programs and protocols potentially interacting with each other unpredictably, we have to rely on human consensus about best practices if we are to progress in our field. Standards also provide a basis for demonstrating due care and diligence in fulfilling our fiduciary responsibilities to stakeholders.
NIST SP800-53 Rev. 3: Key to Unified Security Across Federal Government and Private Sectors

Standards play a critical role in information assurance. Given the impossibility of defining a deterministic model that includes billions of users, millions of computers, and thousands of programs and protocols potentially interacting with each other unpredictably, we have to rely on human consensus about best practices if we are to progress in our field. Standards also provide a basis for demonstrating due care and diligence in fulfilling our fiduciary responsibilities to stakeholders.
Gaping security hole turned 64,000 Time Warner cable modems into hacker prey

A blogger helping to tune a friend's wi-fi network uncovered a gaping security hole in Wi-Fi cable modem routers installed in 64,000 Time Warner subscribers' homes, leaving them open to attack.
IT pay cuts: Are you next?

As more companies enforce across-the-board pay cuts and unpaid furloughs, a rising tide of IT professionals is seeing its annual compensation decline and must decide whether to switch employers as a result.
Gartner on cloud security: 'Our nightmare scenario is here now'

Virtualization and cloud computing shaking up the old order, and the customary control is slipping away from security managers as the revolution unfolds.
Symantec calls 'SpywareGuard' and 'AntiVirus' top scareware threats

Fake security software "SpywareGuard" and "AntiVirus" are said to be the top two scareware programs out of about 250 fake security programs detected, according to a Symantec report.
Mozilla blocks Microsoft's sneaky Firefox plug-in

Mozilla late Friday blocked the Microsoft-made software that had put Firefox users at risk from attack.
Week in security: NASA fails, Microsoft sneaks, Zeus phishing, cyber security fiction?

A look back at the week's biggest security-related news stories.
Hacked Facebook apps lead to fake antivirus software

New applications are turning up on Facebook. Unfortunately, some of them are fake antivirus programs.
Understanding and implementing information security metrics

One of the cornerstones of the scientific method is measurability: a focus on defining the ways of counting or measuring aspects of reality that we hope will be strongly associated with the phenomena we are trying to understand.
Understanding and implementing information security metrics

One of the cornerstones of the scientific method is measurability: a focus on defining the ways of counting or measuring aspects of reality that we hope will be strongly associated with the phenomena we are trying to understand.