Security


Alleged White House E-Mail Cyber Incident now Called Attack from China

Officials in the United Kingdom now suggest that a cyberattack from purported White House e-mail accounts actually originated from China, and the perpetrator used a hoax e-mail address that resembled a White House account.

Microsoft Preparing Hefty 12-Item Security Patch on Tuesday

Microsoft began 2011 with a light touch, but IT pros can expect a decidedly heavy February security update next Tuesday.

Google Offers $20,000 To Hack Chrome

Google is looking to reward those who can find a vulnerability in its Chrome browser.

Database Check: Testing Sentrigo's Hedgehog DBscanner

Sentrigo Hedgehog DBscanner offers enterprise-class vulnerability assessment and security scanning for databases.

January Letters: Readers Debate One-Time Passwords and More

Should IT support token-generated, one-time passwords for users on a network?

A Cloud Doofus: Backup Lessons From Life

Cloud backup is simple, if you remember to set it up in the first place.

Messing With Web Components

Hackers go after your browsing sessions. Plus: Conficker worm is gone, but not forgotten; unrest in Egypt worries Microsoft, Cisco.

Microsoft Investigating MHTML Vulnerability in IE

Microsoft released Security Advisory 2501696 in response a scripting vulnerability in Internet Explorer that affects all versions of Windows.

Black Hat: How iPhone, Android, Other GSM Phones Are Vulnerable To Attack

A demonstration of an attack against an Apple iPhone at the Black Hat Technical Security DC 2011 Conference in Arlington, Va., demonstrated that software in many GSM-based smart phones contains vulnerabilities that could open the phones to remote exploits.

Report: Hackers Shifting Attention to Mobile Devices

Scammers have set their sights on tablets and smartphones, and away from Windows desktops, in response to rising consumer demand for mobile devices.

Black Hat: Will New Breed of DOS Attacks Make Cloud Unaffordable?

The cloud is the current Next Big Thing in computing, and the Next Big Thing in attacks could be a new breed of economic denial-of-service attacks intended to use up resources and drive up the cost of cloud computing, warns a senior security researcher at Adobe Systems.

Stuxnet Is Not Superworm, Researcher Says

An analysis of the Stuxnet worm shows it to be a combination of sophisticated and flawed work, most likely the product of a partnership between several entities with varying levels of expertise and resources.

January Windows Security Patch Lacks IE Fix

As expected, Microsoft today released two security bulletins in its January security update.

Light Microsoft Patch Expected Tuesday, Despite Threats

Microsoft plans to start the year with a light count of just two security bulletins in its January patch.

More IT Grief: Office Exploit Broadly Released

Code that can exploit a Rich Text Format flaw in Microsoft Office has been published, according to a Microsoft announcement late last month.

It's Time To Lose the Passwords!

Token-based login technology has improved significantly, so what are you waiting for?

Windows Graphics Engine Contains Security Flaw

Microsoft released a security advisory today concerning Windows Vista, Windows XP and Windows Server 2003.

Microsoft Investigating IE and FTP Security Flaws

Microsoft's security team announced late last month that it is investigating two proof-of-concept flaws in Microsoft's Web-related software.

Consultant Alleges FBI Had Backdoors Installed into OpenBSD

A former FBI consultant claims the FBI had backdoors installed in the OpenBSD operating system to allow the agency to eavesdrop on virtual private networks used by U.S. attorneys nearly a decade ago.

Forefront Endpoint Protection 2010 Now Available

Microsoft today announced that its Forefront Endpoint Protection (FEP) 2010 product is available for evaluation.

Subscribe on YouTube