Security

Find network and information security news, reviews and analysis, covering data protection, privacy, endpoint security, and security management.

Antivirus software powerless to stop data breach attacks, study finds

Posted February 9, 2012 - 9:43 am

Large numbers of data breaches are being initiated by targeted malware that antivirus software simply can’t detect, an analysis of 300 real-world incidents from 2011 has suggested.
- Quick Read
- Like
- Tweet
Security experts ask House for light a regulatory touch

Posted February 9, 2012 - 9:39 am

Technology industry representatives -- looking to prevent an additional set of compliance requirements -- urge House subcommittee to avoid new cybersecurity regulations to shore up the nation's digital defenses.
- Quick Read
- Like
- Tweet
Mobile apps need clear copy, not a privacy summit

Posted February 9, 2012 - 8:28 am

A mobile app privacy summit? Not a bad idea, but here’s the thing: couldn’t you have made it clear what the app was doing in the first place?
- Quick Read
- Like
- Tweet
Foxconn said to have been hacked by group critical of working conditions

Posted February 9, 2012 - 3:47 am

Hackers claimed to have stolen internal data from Apple supplier Foxconn, and leaked the information online, in response to media reports of poor working conditions at the electronics manufacturer's factories in China.
- Quick Read
- Like
- Tweet
Question

Mobile apps uploading personal information

Posted February 8, 2012 - 7:06 pm

Path.com was slammed for uploading users' mobile address books. What other apps have been caught doing that or something similar, and how can users protect themselves - before the download?
http://www.wired.com/gadgetlab/2012/02/path-dave-morin-explains-data/
- Quick Read
- 1 comment
- Like
- Tweet
EPIC sues FTC over Google's planned privacy changes

Posted February 8, 2012 - 5:28 pm

The Electronic Privacy Information Center has filed a lawsuit against the U.S. Federal Trade Commission, asking a court to force the agency to take action against Google over planned changes in the company's collection of personal data.
- Quick Read
- Like
- Tweet
Researchers crack satellite encryption

Posted February 8, 2012 - 5:27 pm

Researchers at a university in Bochum, Germany claim to have cracked encryption algorithms of the European Telecommunications Standards Institute (ETSI) that are used to secure certain civilian satellite phone communications.
- Quick Read
- Like
- Tweet
US gov't falling behind in social-media race, expert says

Posted February 8, 2012 - 4:46 pm

The U.S. government is losing a race in cyberspace -- a social-networking race for the hearts and minds of Internet users, a computer security expert said Wednesday.
- Quick Read
- Like
- Tweet
Google to pay users to track their movements online

Posted February 8, 2012 - 4:41 pm

Amid widespread concern about its new privacy policies, Google is now facing criticism over an offer to give users Amazon gift certificates if they open their Web movements to the company in a program called Screenwise.
- Quick Read
- Like
- Tweet
Spammers impersonate well-known developers to publish rogue apps on Android Market

Posted February 8, 2012 - 3:39 pm

Spammers are impersonating well-known Android software developers in order to distribute rogue apps through the official Android Market.
- Quick Read
- Like
- Tweet
Google Chrome will no longer check for revoked SSL certificates online

Posted February 8, 2012 - 12:55 pm

Google plans to remove online certificate revocation checks from future versions of Chrome, because it considers the process inefficient and slow.
- Quick Read
- Like
- Tweet
EU to stengthen its cybersecurity watchdog

Posted February 8, 2012 - 11:22 am

A push by European authorities to strengthen the European Union's cyber security watchdog has been given a green light by parliamentarians.
- Quick Read
- Like
- Tweet
Why one insurance company ditched its own hardware for a cloud-based SAN

Posted February 8, 2012 - 9:29 am

Why do some enterprise managers decide to brave their way into the new and unknown of cloud-based services? Sometimes it's simply because the old technology just isn't working out that well anymore.
- Quick Read
- Like
- Tweet
Trustwave admits issuing man-in-the-middle digital certificate, Mozilla debates punishment

Posted February 8, 2012 - 8:32 am

Digital Certificate Authority (CA) Trustwave revealed that it has issued a digital certificate that enabled an unnamed private company to spy on SSL-protected connections within its corporate network, an action that prompted the Mozilla community to debate whether the CA's root certificate should be removed from Firefox.
- Quick Read
- Like
- Tweet
UK cyber security skills are 'wholly inadequate', says former security minister

Posted February 8, 2012 - 3:14 am

The UK needs to significantly bolster its cyber security skills to fight against cyber threats, according to former security minister Baroness Pauline Neville-Jones.
- Quick Read
- Like
- Tweet
FBI declares cloud vendors must meet CJIS security rules

Posted February 7, 2012 - 9:32 pm

The FBI Tuesday reaffirmed its rule that all cloud products sold to to U.S. law enforcement agencies must comply with the FBI's Criminal Justice Information Systems security requirements.
- Quick Read
- Like
- Tweet
Adobe sets IE as next target in Flash security work

Posted February 7, 2012 - 9:28 pm

Adobe next plans to tackle Microsoft's Internet Explorer in its ongoing work to "sandbox" its popular Flash Player within browsers, Adobe's head of security said today.
- Quick Read
- Like
- Tweet
Something fishy about Google Chrome's Safe Browsing API, lab says

Posted February 7, 2012 - 9:21 pm

A research firm that measures the security effectiveness of browsers noticed something it thought might be fishy with the way Chrome was doing things. Turns out, there may currently be a privacy concern about Google's use of end user IP addresses as part of its Safe Browsing API.
- Quick Read
- Like
- Tweet
Symantec expects Anonymous to publish more stolen source code

Posted February 7, 2012 - 9:02 pm

Symantec today confirmed that the pcAnywhere source code published on the Web Monday by hackers who tried to extort $50,000 from the company was legitimate.
- Quick Read
- Like
- Tweet
FTC warns background screening mobile apps may be unlawful

Posted February 7, 2012 - 8:59 pm

The Federal Trade Commission this week said it sent letters to six unidentified mobile applications makers warning them that their background screening apps may be violating federal statutes.
- Quick Read
- Like
- Tweet
White Paper

Aberdeen Analyst Insight: Does Your Enterprise Have a Dropbox Problem?

Posted February 7, 2012 - 5:30 pm

Without policies, awareness and supported alternatives for sharing files securely, end-users will often overlook security and compliance in favor of getting the job done. Read this whitepaper to determine if your enterprise has a "Dropbox Problem" and ways successful organizations address this problem.
- Quick Read
- Like
- Tweet
MegaUpload takedown didn't slow pirate downloads, just moved them offshore

Posted February 7, 2012 - 4:16 pm

Between 30 percent and 40 percent of all file-sharing traffic went through MegaUploads until it was shut down. Since then the number of files being downloaded has remained steady, but from different sites, many of which use data centers in the EU or Asia rather than the U.S.
- Quick Read
- 2 comments
- Like
- Tweet
FTC warns makers of background checking apps

Posted February 7, 2012 - 2:39 pm

The U.S. Federal Trade Commission has sent warning letters to the makers of six mobile apps used for background checks, saying the apps may violate a consumer credit protection law.
- Quick Read
- Like
- Tweet
Symantec may have tried to bribe hackers, but definitely betrayed its own customers

Posted February 7, 2012 - 1:02 pm

Anonymous is laughing it up at Symantec's reputed attempt to bribe hackers to not release source code. Symantec calls it extortion. That question is trivial compared to the reality that Symnantec broke trust with its customers and left them at risk for six years following the hack.
- Quick Read
- Like
- Tweet
White Paper

BYOD: How to Design Secure Usage

Posted February 7, 2012 - 1:00 pm

With employee mobile devices springing up throughout your workplace, how can you establish an individual liable usage policy? Use these questions from Good Technology to help prepare your organization.
- Quick Read
- Like
- Tweet

SecurityWhite Papers & Webcasts

White Paper

Aberdeen Analyst Insight: Does Your Enterprise Have a Dropbox Problem?

Without policies, awareness and supported alternatives for sharing files securely, end-users will often overlook security and compliance in favor of getting the job done. Read this whitepaper to determine if your enterprise has a "Dropbox Problem" and ways successful organizations address this problem.

White Paper

BYOD: How to Design Secure Usage

With employee mobile devices springing up throughout your workplace, how can you establish an individual liable usage policy? Use these questions from Good Technology to help prepare your organization.

White Paper

Good Technology State of BYOD Report

New data finds Finance and Healthcare industries dominate BYOD picture and that users are willing to pay device and service plan costs if they can use their own devices. Read More>>

White Paper

A Proactive Approach to Server Security

Learn why security-conscious organizations are taking a more proactive approach to server security. Download this Spire Research whitepaper to understand how you can eliminate the threat caused by today's more advanced threats and protect your organization's most valuable data.

White Paper

Protection Against Modern Cybersecurity Threats

Download this case study to learn how this accounting and consulting giant uses Bit9's adaptive application whitelisting to offer employees flexibility without jeopardizing enterprise safety.

See more White Papers | Webcasts