Find network and information security news, reviews and analysis, covering data protection, privacy, endpoint security, and security management.
  • Researchers say AIM vulnerable to worm attack

    Posted September 26, 2007 - 11:33 am

    A critical flaw in the way that the AOL LLC's instant messaging client displays Web-based graphics could be exploited by criminals to create a self-copying worm attack, security researchers are warning.
  • 'Fraudster' posts confidential eBay member data on forum

    Posted September 25, 2007 - 5:57 pm

    Someone used an eBay Inc. discussion forum on Tuesday to post confidential information about eBay users along with what may be their credit card numbers.
  • Critical vulnerability found in toolbar

    Posted September 25, 2007 - 11:29 am

    A vulnerability in's toolbar for Internet Explorer could allow an attacker to take control of a person's computer, according to security advisories.
  • New activist tool: Cyber sit-ins

    Posted September 24, 2007 - 5:02 pm

    Dan Lohrmann, Michigan's chief information security officer, found out about the cyber sit-in from a reporter. It was Tuesday, May 15, 2007, and a group calling itself the Electronic Disturbance Theater asked Michigan residents to voice their opposition to proposed cuts in state healthcare programs by targeting the Michigan gov website. Over the next two days, participants accessed the group's website and downloaded a small browser plug-in that repeatedly hit Though Electronic Disturbance Theater sees its actions as a mixture of performance art and civil disobedience, to Lohrmann, it looked very much like a denial-of-service attack. "Had a million people joined in, it would have been interesting," says Lohrmann. "Not in a good way."
  • FBI investigates Unisys over U.S. government hack

    Posted September 24, 2007 - 11:47 am

    IT systems integrator Unisys Corp. is under fire for allegedly failing to detect the hacking of U.S. Department of Homeland Security computers, an incident that resulted in data being sent to a Chinese-language Web site.
  • Mobile security, virtualization on tap at MS hacking meet

    Posted September 21, 2007 - 3:08 pm

    Microsoft Corp. is inviting hackers onto its Redmond, Washington, campus again next week and this time software virtualization and mobile security will be the hot topics.
  • Researcher sees potential iPhone security problems

    Posted September 21, 2007 - 10:18 am

    Apple Inc.'s iPhone is a tough target for hackers, but a security researcher warned Friday that there are ways the sleek device could potentially be compromised.
  • Hacker bears bad news about PDF

    Posted September 20, 2007 - 8:34 pm

    The hacker who discovered a recently patched QuickTime flaw affecting the Firefox browser says he has found an equally serious flaw in Adobe Systems Inc.'s PDF file format.
  • VMware bugs shine spotlight on virtualization security

    Posted September 20, 2007 - 5:03 pm

    A set of newly discovered flaws in components of VMware Inc.'s virtual machine software has called attention to some of the security risks associated with the practice of running virtual computers on a single system.
  • Is the U.S. at risk from cyberwarfare?

    Posted September 20, 2007 - 1:33 pm

    May was not a good month for geeks in Estonia. The tiny Baltic republic weathered a month-long cyberattack that shuttered Internet servers nationwide. At the height of the crisis, people who wanted to use payment cards to buy bread or gas had to wait, as the onslaught crippled Estonia's banks. Can Estonia's experience be repeated elsewhere. You bet. "Estonia shows us how, as we become more networked and more wired, our vulnerabilities increase," says James Mulvenon, the director of the Center for Intelligence Research and Analysis, a Washington, D.C., think tank.
  • Report: VA's IT security still needs work

    Posted September 19, 2007 - 1:23 pm

    The U.S. Department of Veterans Affairs has made some progress since a May 2006 data breach, but it has not completed 20 of 22 recommendations from an internal auditor, according to a report released Wednesday.
  • Security gurus look for better ways to classify malware

    Posted September 19, 2007 - 12:16 pm

    Two senior security veterans from Trend Micro Inc. are trying to get the industry to change how it classifies malicious software. They argue that today's classification system, which tends to focus on the technical way the software works, neglects a far more important metric that matters more to users: how it tries to steal your money.
  • Mozilla fixes QuickTime flaw in Firefox

    Posted September 18, 2007 - 8:14 pm

    Mozilla Corp. has fixed a critical bug in the way the Firefox browser works with QuickTime media files.
  • Hacker finally publishes notorious Apple Wi-Fi attack

    Posted September 18, 2007 - 8:08 pm

    More than a year after claiming to have found a way to take over a Macintosh computer using a flaw in the system's wireless card, David Maynor has published details of his exploit.
  • Group says e-voting paper trail wouldn't improve security

    Posted September 18, 2007 - 5:00 pm

    Requiring print-outs as a back-up to electronic voting machines would not improve security but would increase costs of U.S. voting systems, according to a report released Tuesday.
  • Security tip: The ins and outs of e-mail vulnerability

    Posted September 18, 2007 - 10:19 am

    coming in,' says Carol Baroudi, the report's author. 'Only scanning inbound mail is like asking your guests to wash their hands but not bothering to wash yours.'

  • E-card industry gets the message from fraudsters

    Posted September 17, 2007 - 9:13 pm

    The e-card industry began seeing some pretty unfriendly greetings this past June when scammers started flooding e-mail in-boxes with fake greeting cards, trying to trick victims into clicking on links that would send them to malicious Web sites.
  • TD Ameritrade breach may have occured a year ago

    Posted September 17, 2007 - 8:47 pm

    The data breach that exposed the names and contact information of the more than 6.2 million customers of TD Ameritrade Holding Corp. may have occurred as far back as a year ago -- and possibly even earlier than that.
  • Privacy groups: Google's call for standard not enough

    Posted September 17, 2007 - 4:25 pm

    The U.S. government still needs to block or impose conditions on Google Inc.'s acquisition of online advertising server DoubleClick Inc., despite Google's call for global privacy standards, three privacy groups said Monday.
  • Barracuda buys Web security vendor NetContinuum

    Posted September 17, 2007 - 10:08 am

    Barracuda Networks Inc. has acquired NetContinuum, a vendor of Web firewall appliances. Barracuda already sells Web filtering devices that prevent Web surfers from visiting malicious sites, but the NetContinuum products can be used to protect Web sites themselves.
  • Symantec: Bank account details fetch $400 online

    Posted September 17, 2007 - 9:41 am

    Stolen bank account numbers are commanding the highest price in an underground trade of personal details stolen by hackers, according to a survey released Monday by security vendor Symantec Corp.
  • Names, contact info on TD Ameritrade customers compromised

    Posted September 14, 2007 - 2:55 pm

    Brokerage firm TD Ameritrade Holding Corp. Friday disclosed that the names, addresses, phone numbers and "miscellaneous trading" information of potentially all of its more than 6 million retail and institutional customers have been compromised by an intrusion into one of its databases.
  • Insiders overtake viruses as biggest security worry

    Posted September 14, 2007 - 11:58 am

    Company insiders have overtaken viruses as the most reported security incident, the annual report from the respected U.S. Computer Security Institute (CSI) has reported.
  • Google calls for global online privacy standard

    Posted September 14, 2007 - 9:52 am

    Search giant Google Inc. will propose on Friday that governments and technology companies create a transnational privacy policy to address growing concerns over how personal data is handled across the Internet.
  • Sophos: St. Petersburg consulate Web site was hacked

    Posted September 13, 2007 - 8:47 pm

    Security vendors are warning that two U.S. Department of State Web sites based in Russia could contain malware and should be avoided.
Join us:






Join today!

See more content
Ask a Question