View Full Version : Security News



  1. Most small businesses can't restore all data after a cyber attack
  2. Google researcher publishes Windows 0-day exploit
  3. Not the Mobile Antivirus You Were Looking For
  4. Cloud security for Windows, Android and iOS
  5. Google researchers publish Windows 0-day exploit
  6. Is data fragmentation putting businesses at risk?
  7. BIND 9 Update fixing CVE-2013-3919, (Wed, Jun 5th)
  8. Wireshark 1.10.0 Stable Released http://www.wireshark.org/download.html, (Wed, Jun 5th)
  9. Windows 8.1 bolsters biometrics for authentication
  10. Researchers find Java users woefully tardy on patching
  11. Apple fixes irritating Mountain Lion bugs, firms up Java defenses
  12. Mac OS X 10.8.4 fixes iMessage ordering issue, more
  13. Review: Bad Data Handbook
  14. Windows 8.1 will allow locking folders with a finger
  15. Most businesses experienced a mobile security incident
  16. The need for a collaborative effort against cybercrime
  17. Internet-savvy Turkish protesters turn to anti-censorship apps
  18. Cyberespionage campaign 'NetTraveler' siphoned data from hundreds of high-profile targets, researchers say
  19. Researchers find Java users woefully tardy on patching
  20. Exclusive research: IT commits to cloud computing
  21. Possibly related DDoS attacks cause DNS hosting outages
  22. Spyware sold to foreign governments aimed at U.S. woman critical of Turkish movement
  23. Net neutrality soon to be on EU's agenda
  24. Cyberespionage campaign targeting government-affiliated organizations
  25. Apple releases OS X 10.8.4
  26. Managed services for web, cloud and mobile app security
  27. Solution for Active Directory-based single sign-on
  28. Online password manager for business
  29. Damballa now detects malicious P2P communications
  30. Windows Sysinternals Updated http://technet.microsoft.com/en-us/sysinternals/default.aspx, (Wed, Jun 5th)
  31. Google biometrics tests show there's no magic pill for passwords
  32. FBI warns car buyers against scammy online deals
  33. E-voting system used in French election is flawed
  34. Our Mac Team Wants Beta Users
  35. Web developer devises new phishing trick
  36. Defending against exploit kits
  37. Plugging network leaks
  38. Malware going retro in 2013, security firm finds
  39. Maine may be first state to require a warrant for cellphone tracking
  40. Changes to the Java security model
  41. U.S. judge orders Google to share user info with the FBI
  42. The rise of the Koobface social networking worm
  43. Deloitte acquires Vigilant's cyber security services business
  44. The enterprise security time bomb
  45. Security software market grew 7.9% in 2012
  46. LinkedIn unveils optional 2-step verification
  47. Google won't allow facial recognition on Glass
  48. Knowing where to look for the owner of an offending IP address, (Mon, Jun 3rd)
  49. McAfee sees surge in spam, Koobface samples, MBR attacks
  50. What Google, Facebook and Twitter are doing right with website security
  51. Google nixes Glass facial recognition due to privacy concerns
  52. Exploit Sample for Win32/CVE-2012-0158, (Sat, Jun 1st)
  53. Security analytics will be the next big thing in IT security
  54. 7 things you can do to make Internet Explorer more secure
  55. Google zero-day disclosure change slammed, praised
  56. Oracle's Java security improvements don't quite satisfy
  57. LinkedIn aims to keep hackers out with two-factor login
  58. Oracle reveals plans for Java security improvements
  59. Largest ever DDoS attack directed at financial firm, Prolexic reports
  60. Beware of Android Defender mobile scareware
  61. Police and FBI must return seized materials to Kim Dotcom
  62. VMware releases new and updated security advisories, (Fri, May 31st)
  63. Becoming a computer forensic examiner
  64. Software vendors should respond to actively attacked vulnerabilities within seven days, Google says
  65. Dropbox goes down for more than an hour
  66. Mobile phone security no-brainer: Use a device passcode
  67. Motorola is working on electronic tattoos and authentication pills
  68. Questioning Google's disclosure timeline motivations
  69. Employees continue to use risky apps on mobile devices
  70. Amazon launches sign-in service
  71. Parents should be concerned about app security
  72. University of Illinois CS department machines compromised
  73. ISACA releases guide for performing business-relevant assessments
  74. Real-time identity alerts reduce fraud losses
  75. Apache server bug allows remote code execution
  76. University fined $400,000 after disabled firewall put medical records at risk
  77. Twitter SMS authentication security won't stop attacks, say experts
  78. When malware strikes: How to clean an infected PC
  79. Online money laundering bust casts light on Bitcoin
  80. Timely malware: How spammers turn a profit from our misfortune
  81. Microsoft plugs security systems into its worldwide cloud
  82. Reveton 'police virus' malware still being used by multiple gangs
  83. Evernote rolls out 2-factor authentication for paying customers
  84. Profiling modern hackers: Hacktivists, criminals, and cyber spies
  85. Drupal resets account passwords after detecting unauthorized access
  86. FAQ on global supply-chain security standard to prevent IT tampering, counterfeiting
  87. McAfee offers business endpoint security suites for broader protection
  88. F-Secure Globe
  89. Microsoft moving bot-busting fight to the cloud
  90. How Top CIOs Tackle Big Data, Analytics and Cloud Security
  91. Amazon Web Services integrates with Google, Facebook for easier logins
  92. Signature-based endpoint security on its way out
  93. Phishing gang jailed for plundering woman's $1.6 million life savings
  94. Decryption disclosure doesn't violate Fifth Amendment, judge rules in child **** case
  95. Private retaliation in cyberspace a 'remarkably bad idea'
  96. Migration and monitoring of Microsoft environments
  97. Google defines disclosure timeline for actively exploited bugs
  98. Drupal.org forces password reset following breach
  99. The social smart lock of the future
  100. Automate your way out of patching hell
  101. GFI Software buys online backup vendor IASO
  102. Drupal.org & group.drupal.org password disclosure, (Thu, May 30th)
  103. Chinese army announces drill to test its digitalized forces
  104. Running Snort on VMWare ESXi, (Wed, May 29th)
  105. Judge orders **** suspect to decrypt his hard drives
  106. Ruby on Rails bug is being exploited in the wild, researcher warns
  107. Harvard dean who okayed secret faculty email search steps down
  108. Anonymous member pleads guilty to Stratfor hack
  109. The Future: No Hiding Place
  110. Hackers exploit Ruby on Rails vulnerability to compromise servers, create botnet
  111. Anonymous hacker Jeremy Hammond pleads guilty
  112. Review: Online password management with my1login
  113. Liberty Reserve laundered $6 billion through illegal transactions
  114. Addonics releases CipherUSB family of hardware encryption solutions
  115. Backup large data with Big Cloud
  116. McAfee unveils Complete Endpoint Protection suites
  117. How to Secure USB Drives and Other Portable Storage Devices
  118. US weapons system designs were reportedly viewed by Chinese hackers
  119. Can mobile malware be activated via sensors?
  120. U.S. weapons systems designs reportedly stolen by hackers
  121. How secure is quantum cryptography?
  122. Brazilian govt sites found serving malware
  123. Carder's BIN-checking app sold on Apple's App Store
  124. PayPal denies ****ager reward for finding website bug
  125. Commission wants to turn tables on IP thieves by crippling PCs with extortion-style lock-outs
  126. Twitter's two-factor authentication implementation can be abused, researchers say
  127. DNS anomaly detection: Defend against sophisticated malware
  128. Commission wants to minimize U.S. IP theft economic impact
  129. Mac Spyware Bait: Lebenslauf für Praktitkum
  130. A spotlight on grid insecurity
  131. Webinar: Monday, May 13th
  132. Big Hangover
  133. Twitter's 2FA: SMS Double-Duty
  134. Liberty Reserve founder arrested, site and service inaccessible
  135. Western Australia police silent on charges for 17-year-old hacker
  136. Plugging the trust gap
  137. Week in review: Scanner that identifies malware strains, Twitter offers 2FA
  138. Schnucks wants federal court to handle data breach lawsuit
  139. UDP port 1434 directed attack to AS13489 IP ranges, (Fri, May 24th)
  140. Researchers warn of increased Zeus malware activity this year
  141. Layered defenses largely fail to block exploits, says NSS
  142. Researchers find unusual malware targeting Tibetan users in cyberespionage operation
  143. Twitter's 2FA: SMS Double-Duty
  144. Killer apps: The performance of networked applications
  145. Scanner identifies malware strains, could be future of AV
  146. Google to lengthen SSL encryption keys from August
  147. Microsoft brushes off claim Xbox Live accounts were compromised
  148. Could the Bitcoin network be used as an ultrasecure notary service?
  149. Twitter's two-step authentication a good start, experts say
  150. U.S. urged to let companies 'hack-back' at IP cyber thieves
  151. Twitter's two-step authentication a good start, experts say
  152. Mac Spyware Bait: Lebenslauf für Praktitkum
  153. Zeus variants are back with a vengeance
  154. Google set to upgrade its SSL certs
  155. Fighting cybercrime is on the right track
  156. IT security pros have trouble communicating with executives
  157. Facebook phishers target Fan Pages owners
  158. Nation's power grid under constant cyberattack, but Congress lax
  159. Google engineer bashes Microsoft's handling of security researchers, discloses Windows zero-day
  160. IT security vendors seen as clueless on industrial control systems
  161. Google researcher reveals another Windows 0-day
  162. MoVP II, (Thu, May 23rd)
  163. DHS employees' info possibly compromised due to system flaw
  164. SoftBank said to be in talks with US to allay national security fears
  165. Twitter aims to become safer with two-step sign-in
  166. ****s are into online sharing, but are also more privacy-aware
  167. Mac Spyware Bait: Lebenslauf für Praktitkum
  168. The dangers of downloading software from unofficial sites
  169. Mac Spyware Bait: Lebenslauf für Praktitkum
  170. Twitter finally offers 2-factor authentication
  171. Is it time to professionalize information security?
  172. Microsoft decrypts Skype comms to detect malicious links
  173. A spotlight on grid insecurity
  174. Wireshark 1.10.0rc2 is now available http://www.wireshark.org/download.html, (Thu, May 23rd)
  175. Chrome 24.0.1312.52 has been updated for Windows, Mac, Linux, and Chrome Frame, (Wed, May 22nd)
  176. Apple QuickTime 7.7.4 for Windows updated, MANY security vulnerabilities: http://support.apple.com/kb/HT1222, (Wed, May 22nd)
  177. Wireshark 1.8.7 and 1.6.15 Released http://www.wireshark.org/news/20130517.html, (Wed, May 22nd)
  178. Blue Coat Systems to acquire security analytics firm Solera Networks
  179. New Citadel malware variant targets Payza online payment platform
  180. Event: Cloud Security Alliance EMEA Congress 2013
  181. Growing mobile malware threat swirls (mostly) around Android
  182. Privilege escalation, why should I care?, (Wed, May 22nd)
  183. Review: Logging and Log Management
  184. Mac Spyware: OSX/KitM (Kumar in the Mac)
  185. Commission wants to minimize U.S. IP theft economic impact
  186. Researchers find critical vulnerabilities in popular game engines
  187. Microsoft may be scanning your Skype messages
  188. U.S. power companies under frequent cyberattack
  189. Opinion varies on action against Chinese cyberattacks
  190. Digital strongboxes won't solve whistleblower problem for journalists
  191. Guantanamo cuts off Wi-Fi access due to OpGTMO
  192. Free tool repairs critical Windows configuration vulnerabilities
  193. IT pros focus on cloud security, not hype
  194. Why BYOx is the next big concern of CISOs
  195. Experts highlight top data breach vulnerabilities
  196. NYPD detective accused of hiring email hackers
  197. Blue Coat to acquire Solera Networks
  198. APT1 is back, attacks many of the initial U.S. corporate targets
  199. Moore, Oklahoma tornado charitable organization scams, malware, and phishing, (Tue, May 21st)
  200. Chrome 27 stable released http://googlechromereleases.blogspot.ca/ some security fixes, (Tue, May 21st)
  201. U.S. DOJ accuses journalist of espionage
  202. A closer look at Mega cloud storage
  203. Big Hangover
  204. Aurora attackers were looking for Google's surveillance database
  205. Senate report: Apple claims subsidiaries with no taxing jurisdiction
  206. Successful companies embrace shadow IT
  207. IntegriCell's Aaron Turner: Security managers still don't get mobile security
  208. Pressure mounts for building in security during application development
  209. "NATO vacancies" phishing email also leads to malware
  210. CISOs need to engage with the board
  211. Find TrueCrypt and BitLocker encrypted containers and images
  212. Wi-Fi client security weaknesses still prevalent
  213. Sourcefire goes beyond the sandbox
  214. Safe - Tools, Tactics and Techniques, (Mon, May 20th)
  215. Ubuntu Package available to submit firewall logs to DShield, (Mon, May 20th)
  216. Researchers uncover new global cyberespionage operation dubbed Safe
  217. U.S. Congress has questions about Google Glass and privacy
  218. Sysinternals Updates for Accesschk, Procdump, RAMMap and Strings http://blogs.technet.com/b/sysinternals/archive/2013/05/17/updates-accesschk-v5-11-procdump-v6-0-rammap-v1-22-strings-v2-51.aspx, (Mon, May 20th)
  219. Jailed hacker designs device to thwart ATM card skimming
  220. Security Manager's Journal: NAC deployment means better access control at last
  221. Chinese hackers master art of lying low
  222. Yahoo Japan says 22 million user IDs may have been stolen
  223. Cyber espionage campaign uses professionally-made malware
  224. Digital Government Strategy progress and challenges
  225. Over 45% of IT pros snitch on their colleagues
  226. Form-grabbing rootkit sold on underground forums
  227. U.S. DOD decides iPhones and iPads can connect to its networks
  228. The CSO perspective on healthcare security and compliance
  229. Large cyber espionage emanating from India
  230. Week in review: Human sensors, IT security jobs, and hacking car charge stations
  231. Port 51616 - Got Packets?, (Sun, May 19th)
  232. Alleged tech support scammers settle FTC charges
  233. Police arrest Anonymous suspects in Italy
  234. Experts ding DHS vulnerability sharing plan as too limited
  235. Researchers uncover new global cyberespionage operation dubbed SafeNet
  236. SSL: Another reason not to ignore IPv6, (Fri, May 17th)
  237. "Get free followers" scam targets Instagram users
  238. New Mac spyware signed with legitimate Apple Developer ID
  239. LulzSec Sentencing in UK
  240. BBC News: LulzSec Hacker Interview
  241. Four former LulzSec members sentenced to prison in the UK
  242. In a sea of malware, viruses make a small comeback
  243. DMARC email standards help prevent brand abuse in phishing campaigns
  244. New Mac spyware found on Angolan activist's computer
  245. Ransomware adds password stealing to its arsenal
  246. A look into the EC Council hack
  247. Targeted data stealing attacks using fake attachments
  248. e-netprotections.su ?, (Fri, May 17th)
  249. Extracting signatures from Apple .apps, (Thu, May 16th)
  250. Booming mobile industry spawning global criminal marketplace