Spam and virus attacks are declining, but malicious Web sites have taken a big leap, according to the September Intelligence Report from MessageLabs. The figures back up reports from numerous security firms and experts that Web-based attacks are now the vehicle of choice for distributing malware.
Big leap in malicious Web sites
November 4th, 2008 · Comments Off
Network security makes a quantum leap
November 4th, 2008 · Comments Off
The world’s largest quantum encrypted network has been unveiled in Vienna, Austria, providing a glimpse of how data could be securely transmitted in the future. The network is the result of more than four years of work, with 41 organizations from 12 countries working to integrate quantum cryptography into a modern business network.
Microsoft Preps 11 Security Bulletins for Patch Tuesday
November 4th, 2008 · Comments Off
Microsoft plans to release 11 security bulletins, four rated critical, for its October Patch Tuesday. The security bulletins cover multiple Microsoft products, including Internet Explorer and Microsoft Office Excel. Microsoft is planning to release 11 security bulletins Oct. 14 on Patch Tuesday.
Practical Defense in Depth
November 4th, 2008 · Comments Off
Even though the vulnerability counts have dropped, the number of vulnerabilities is not zero. And, even in my wildest dreams, I do not think we will get to zero. I will explain why shortly. In the very early days of the SDL, Microsoft focused heavily on removing design and code-level security vulnerabilities; as we progressed, [...]
Apple releases another mega-patch for Mac OS X
October 11th, 2008 · Comments Off
Apple Inc. patched 40 vulnerabilities in Mac OS X yesterday — more than half of them labeled with the company’s equivalent of "critical" — and in the process broke the 250-bug bar for the year.
Security flaw in smart cards poses risk for transit, building access
October 11th, 2008 · Comments Off
Transit systems across Canada stand to lose tens of thousands of dollars to fare fraud, and access to office buildings could be compromised, after a security flaw in some of their smart-card technology was widely publicized this week.
Free TrojanProof Password Tool Released for Windows
October 10th, 2008 · Comments Off
A trio of German software firms claims to have developed a password system that prevents Trojans and viruses from stealing passwords from a Windows machine. The “Trojan-proof” virtual keyboard software, which was developed by Global IP Telecommunications, PMC Ciphers, and CyProtect AG, is available in a free beta version for download.
Security scans with OpenVAS
October 10th, 2008 · Comments Off
As important as security is, remaining current with every development is hard, and evaluating possible vulnerabilities across a network can be quite a chore. You need a way to both automate tests and make sure you’re running the most appropriate and up-to-date tests.
Do ISPs pose a bigger online privacy threat than Google
October 10th, 2008 · Comments Off
The increased monitoring and profiling of Internet users by companies such as Google Inc. and its DoubleClick online advertising subsidiary is widely seen as one of the biggest threats to online privacy. But in reality, said university professor Paul Ohm, the potential for the same kind of activities by ISPs poses a much greater privacy [...]
HTTPS Cookie-Hijacking Tool CookieMonster Gobbles Personal Data
September 15th, 2008 · Comments Off
Web browsing on SSL sites may not be as secure as you think. Security researcher Mike Perry has released additional details about his CookieMonster tool, which can be used to steal private data via HTTPS cookies. Mike Perry spoke about the issue at the Defcon security conference.