Latest News

IT security firm Sophos this week issued new guidance on a Windows Zero Day vulnerability that is already being used to target critical infrastructure systems, including power grids. Exploit code for what Sophos terms the "CPLINK" vulnerability is widely available. In response to the situation, the SANS Institute has taken the uncommon step of raising its industry Infocon vulnerability alert level.

Microsoft today announced the availability of Forefront Endpoint Protection 2010 (FEP) public beta which now available to customers.The successor of Forefront Client Security, FEP 2010 is built on System Center Configuration Manager (SCCM) 2007 R2, allowing customers to use their existing client management infrastructure to deploy and manage endpoint protection.

Malware prevention provider FireEye and network forensics company Solera have announced a technology partnership to deliver an integrated security solution that will not only block an attack, but also help IT security professionals figure out exactly what happened after the fact.

McAfee today announced a Risk Management solution the company claims will help organizations maximize their IT security spending by correlating actual risks with current security efforts.

The anti-malware industry sometimes sees more complicated problems than you might imagine, and they can’t all be fixed by tweaking detection algorithms or giving the marketing team a productivity bonus.

Virtualization Security Risks - Government Agencies Worrying LessWorries about the security risks of virtualization – the number two barrier to adoption for Federal IT organizations last year – have fallen to seventh place, far behind more mundane concerns such as lack of staff and budget. According to a survey conducted by CDW Government LLC, state and local IT groups ranked even lower, in eighth place.

Qualys BrowserCheck - Scans Web Browsers To Help Identify Security Flaws with Browsers and Plug-InsCybercriminals love exploiting security flaws in web browsers and their associated plug-ins to conduct attacks.

IBM Security Network Intrusion Prevention System helps manage a variety of network security capabilities through one unified platform.

After hiring a computer forensics team to conduct an investigation, Buena Vista University (BVU) said today that a data breach has occurred on its campus, potentially exposing the personal information of 93,000 people. The compromised database contains records that date back to 1987 and includes names, Social Security numbers and some driver's license numbers for BVU students (applicants, former and current), parents, faculty/staff (current and former), alumni and even donor records.

A malicious Firefox add-on was discovered this week that managed to be uploaded to and hosted on the official Mozilla Add-ons site.

McAfee today made an entrance into the identity theft protection services market with the launch of “McAfee Identity Protection.” The identity theft protection market is a crowded space but also a fast growing market with significant demand.

People & Places: Akamai Re-Hires Chuck Neerdaels as Vice President of Engineering, Cloud Platforms

Zeus Trojan - Targeting Verified by Visa and MasterCard SecureCode Security Programs during Online Banking SessionsSecure browsing services provider Trusteer, warned today that the Zeus (Zbot) continues to attack and is targeting online banking customers of 15 leading US financial institutions by exploiting two trusted credit card security programs.

Multi-Stage Cyber Attacks GrowingCybercriminals are increasingly turning to multi-stage or “blended” attacks consisting of messaging combined with Web elements, according to a new report from Commtouch. Blended attacks use e-mail or search engine results to lure victims to bogus web sites, where the victims then encounter spam advertising, malware, or phishing scams.

Fighting web fraud is a game of cat and mouse between fraud analysts and cybercriminals where the odds are stacked against fraud analysts.