SecurityWeek

Internal audit has to play a far more substantial role in information security to ensure organizations are following proper security procedures, according to the latest security whitepaper from PricewaterhouseCoopers.

NEW YORK - (AFP) - The Reuters News website has been hacked for the second time this month, with a fake report that Saudi Arabia's foreign minister prince Saud al-Faisal has died, the news agency said Wednesday."The blogging platform of the Reuters News website was hacked on Wednesday," Reuters said on its website.

Startup to Encourage Security Information Sharing Among CISOsA new information sharing framework is in town, and the former CISO of eBay is at the helm.

Adobe rolled out a set of patches on Tuesday, addressing more than 20 security issues. The patch that is being hailed as the most important, however, is one for Flash Player that has been actively exploited in order to compromise Windows-based systems.

Cloud and managed hosting provider giant Rackspace Hosting today released Rackspace Private Cloud Software, a new offering powered by OpenStack that makes it easy for organizations to deploy their own multi-node private cloud environment anywhere they choose.The company said the newly released software uses the same OpenStack compute platform that is used to run Rackspace’s own datacenters. 

CrowdRE, The Crowdsourced Reverse Engineering Platform Adds Mac and Linux Support, Groups With Sharing Controls

Defenders have to step up and employ advanced response techniques to stop attackers from taking over their IT environments, according to a Trend Micro executive.

Microsoft released nine security bulletins today addressing 26 vulnerabilities in its products. Five of the bulletins are rated 'critical', and cover issues in Windows, Internet Explorer, Microsoft SQL Server, Microsoft Exchange, Server Software and Developer Tools. From a priority standpoint, Microsoft recommended organizations deploy three critical updates first – MS12-060, MS12-052 and MS12-054.

Part 1: Why the Star Trek Medical Tricorder Didn’t have an App Store

Researchers at Kaspersky Lab are asking for help peeling back the layers covering a mysterious payload of the Gauss malware.

Imation Corp., an Oakdale, Minnesota-based storage and data security company, today expanded its "Defender" line of secure USB hard drives, adding drives with capacities of up to 1 terabyte (TB), with an option for biometric fingerprint authentication, and new USB drive management tools.

Trusteer is reporting that they have discovered a new attack utilizing the Citadel Trojan. According to a blog post from the security firm, Citadel is targeting an enterprise VPN belonging to a major international airport, but they have withheld the name.

Oracle has released a patch for a vulnerability (CVE-2012-3132) disclosed by David Litchfield from Accuvant Labs during the Black Hat security conference last month. The vulnerability, which is SQL Injection at its core, allows an attacker to gain high-level privileges, and take complete control over the server.

The malware responsible for attacks on at least 30 local governments, universities, and businesses in the Netherlands, Dorifel (XDocCrypt), is still actively spreading and causing new infections, despite a wide net of detection within the anti-Virus market.

IT security and data protection company, Sophos, on Monday launched Sophos Mobile Control 2.5, the latest version of its offering in the increasingly competitive mobile device management (MDM) space. The latest update brings an updated web-based admin console and new features designed to provide IT administrators with a simple way to offer BYOD in the enterprise.