OS & Software
April 29, 2013 Added by:Rohit Sethi
The 2013 Verizon Data Breach Investigations Report has some important data for software development teams, particularly when considering the likelihood of certain threats to your system.
March 21, 2013 Added by:Oliver Rochford
In an enterprise environment, a computer comes preloaded with Antivirus. For businesses, this is of course a good thing. It has sadly also had some unintended consequences – mainly to be found in the perception and expectations that customers and end-users have developed because of the commoditization of antivirus.
March 08, 2013 Added by:Rohit Sethi
The HTC settlement is not based on high-profile breaches. Instead, it points out: “HTC America failed to employ reasonable and appropriate security practices in the design and customization of the software on its mobile devices”.
February 26, 2013 Added by:Simon Moffatt
The concept of a well defined business identity is blurring and this is causing a complex reaction in the area of identity and access management. Internal, enterprise class identity and access management (IAM) has been long defined, as the managing of user access as defined by approval workflows, authoritative source integration and well defined system connectivity.
February 22, 2013 Added by:Mark Austin
Windows 8 is touted, rightfully so, for being the most secure Windows operating system yet. However, it would be a mistake to believe that Windows 8 does not require external security enhancements.
February 01, 2013 Added by:Simon Moffatt
This complex chain of correlated "security big data", can be used in a manner of ways from post-incident analysis and trend analytics as well as for the mapping of internal data to external threat intelligence. Big data is here to stay and security analytics just needs to figure out the best way to use it...
February 01, 2013 Added by:Dan Dieterle
China may be the source for a lot of international cyber attacks and malware, but they get hit by it too. 620,000 Android phones in China were infected with a nasty virus that collects personal information and begins to send costly text messages to benefit the malware maker...
January 29, 2013 Added by:Pierluigi Paganini
The US and Israel are considered in cyber warfare context to be the most advanced nations, and according the international press they have been been involved in the creation of the first worldwide recognized cyber weapon, Stuxnet, and many other related spy tools kits such as Flame...
January 29, 2013 Added by:Don Eijndhoven
German political platform NetzPolitik.org has now uncovered secret documents belonging to the Ministry of Finance, that the Ministry of the Interior sent to the Bundestag (the political seat of Germany) that reveals the German Federal Police’s intention to use Gamma Group’s Finfisher spyware...
January 20, 2013 Added by:Pierluigi Paganini
The first version of the malware demonstrated an improved methodology for injecting code into browsers to remotely control the victim's device and an improved evasion technique to prevent detection by common antivirus software...
January 17, 2013 Added by:Rod MacPherson
Once again, a new 0-day Internet Explorer vulnerability was discovered that affects IE7 and IE8... ...aside from upgrading to IE9/IE10 there is a suggestion that you could mitigate this vulnerability by running EMET. The only realistic action for many businesses to take would be EMET.
January 15, 2013 Added by:Jeffrey Carr
Kaspersky made an astonishing announcement today with its discovery of a sophisticated cyber espionage network (most likely Russian) that has been operating since May 2007 and continues to this day. It has successfully infiltrated embassies, research organizations, military and government agencies, energy facilities (including nuclear power plants) predominantly in the Commonwealth of Independent ...
January 13, 2013 Added by:Larry Karisny
We start with one big problem. Internet architecture was never made for security. One of my earliest articles quoted the father of the Internet Vint Cerf by saying, "One of things incumbent on all of us is to introduce strong authentication into the fabric of the smart grid. We did not do that with the Internet."
January 04, 2013 Added by:Pierluigi Paganini
It’s the news of the day, a fraudulent digital certificate that could be used for active phishing attacks against Google’s web properties. Using the certificate it is possible to spoof content in a classic phishing schema or perform a man-in-the-middle attack according Google Chrome Security Team and Microsoft experts.
Good Security Starts at Home... lee brown on 03-03-2015
Don’t Let Your Guard Down: Tragedies Pave ... nathan todd on 03-03-2015
Don’t Let Your Guard Down: Tragedies Pave ... herman alvarez on 03-03-2015