Security


Duqu Flaw Looks To Go Unpatched in November's Light Patch Tuesday Release

Microsoft's Patch Tuesday is looking somewhat light for next week.

Automated Socialbots Invade Facebook

University of British Columbia researchers were able to gain access to Facebook with a herd of automated "socialbots."

Windows Zero-Day Exploit Linked to Duqu Worm

A zero-day vulnerability discovered on Tuesday by Microsoft is being targeted by attackers as an open door to spread the Duqu malware.

The 2011 Redmond Readers Choice Awards

Your picks for 2011's best Windows IT products in a wide variety of categories.

'Nitro' Botnet Targeted More Than 48 Companies

Close to 50 industrial companies were attacked in recent months by a readily available Trojan designed for information gathering.

Linux Community Offers Secure Boot Ideas

The Linux Foundation, along with Red Hat and Canonical, has staked out positions on the secure boot procedure.

China Asserts No Involvement in US Satellite Hacks

A congressional report claiming that the Chinese military may have hacked into two U.S. satellites was denied by Chinese officials and said the U.S. government had unspecified "ulterior motives"in blaming the country.

Microsoft Settles with Alleged Malware Culprit

Lawyers for Microsoft have come to an out-of-court settlement with Czech Republic-based Dotfree Group and its owner over involvement in the Kelihos botnet ring.

Security Experts Place Blame on China for RSA Hack

According to a report presented to Congress, China was the origin of an attack that targeted RSA security and 760 government agencies and companies in March.

Researchers Demo XML Encryption Hack

Researchers last week described a cipher-block chaining (CBC) attack via the XML Encryption standard that could compromise secure online transactions

Google Downplays 'Sandbox' Vulnerability Flaw

A newly discovered hole in Google Chrome's built-in sandbox protection could lead to a remote code execution, according to Acros Security.

Trojan Relative of Stuxnet Hits Web

A Trojan apparently being used to gather information for a future Stuxnet-style attack, was found in European industrial systems, according to Symantec.

Researchers Outline Hurdles for Mobile Security

According to a newly released security advisory report out of Georgia Tech, attacks against smartphone applications and browsers will continue to rise as the adoption of tablets and smartphones increase.

City of Los Angeles Faults Google Apps on Security Compliance

Google's contract to provide the city of Los Angeles with cloud-based applications faces completion issues after nearly two years.

Federal Government Researching Guidelines for Botnet Crackdowns

The Homeland Security and Commerce departments are evaluating a list of possible voluntary industry standards that may be implemented to combat malicious networks of compromised computers controlled by online criminals.

Research Describes Advanced Techniques To Bypass Firewalls

New security evasion techniques can be used to get through firewalls, researchers contend.

'Critical' Fixes for Internet Explorer, Silverlight in Microsoft's October Security Bulletin

Microsoft today released its October Security Bulletin, which includes eight bulletins that address 23 vulnerabilities -- with two bulletins labeled "critical" and six "important."

Microsoft Downplays Risks of Zero-Day Exploits

Zero-day software vulnerabilities may be alarming, but a new report from Microsoft sees them as not the biggest risk for organizations and PC users. 

Microsoft Readies Eight Fixes for October's Security Bulletin

Microsoft released information on eight patches in its advanced notification of the October monthly security bulletin.

Federal Cyber Incidents Increased 650 Percent Over Five Years

The Government Accountability Office has released a report showing that security incidents at 24 federal agencies have increased 650 percent during the last five years.

Upcoming Events

Redmond Tech Watch

Sign up for our newsletter.

I agree to this site's Privacy Policy.