Archive

Jettisoning Java: Damned if You Do, Damned if You Don’t

DHS is urging computer users to disable or uninstall Java due to a serious flaw in JRE 7. The DHS' Computer Emergency Readiness Team warned Thursday evening that it was being exploited in the wild and could allow an attacker to execute arbitrary code on vulnerable systems. CERT recommended that Java...

Russian Hacker Gets a Taste of His Own Malware

After a persistent series of attacks on its government computers by a Russian hacker, the Republic of Georgia got mad and refused to take it anymore. In a reversal of roles, members of the country's Computer Emergency Response Team suckered the cybermiscreant into downloading a file infected with hi...

Flame Malware Scorches Systems Across the Middle East

A cyberweapon of unprecedented sophistication is ripping through computer systems in the Middle East, security vendor Kaspersky Lab claims. It has dubbed the malware "Worm.Win32.Flame" -- or "Flame," for short. Other security vendors, including McAfee and Symantec, have issued similar warnings, and ...

Adobe Gets Its Say on Microsoft’s MAPP Security Channel

Adobe has joined Microsoft's MAPP program, which provides members with information about security vulnerabilities before Microsoft releases its monthly patches. This will let Adobe, which has been plagued by security flaws, notify MAPP members about vulnerabilities in its apps so they can fix those ...

Energizer Jolts PCs With Malware

If you're using Energizer's Duo USB battery charger software to monitor your battery charging status, it's probably a good idea to shut it down and uninstall it pronto. The software designed to work with the Duo contains a backdoor Trojan that lets unauthorized users access a PC remotely, among othe...

CONFERENCE REPORT

Chertoff on Cybersecurity: ‘Reverse Manhattan Project’ Needed

After working for years to prevent cyberterrorist attacks on the U.S., the Department of Homeland Security has approached the private sector for help. At a talk given to information security professionals at the RSA Security Conference, Homeland Security Secretary Michael Chertoff warned that a cybe...

Cyber G-Men Plot to Bust Bots

The FBI is launching a new initiative in the cyber crime wars, taking on the criminal organizations -- the so-called "bot herders" -- that have gathered under their control compromised or zombie PCs. The bot herders' purpose is to send out malware or spam and phishing campaigns over the Internet tha...

PCI Security Standards Council: Building Trust

With the formation of the PCI Security Standards Council, multichannel merchants, online retailers, consultants, payment processors, and virtually every organization that touches online payments should find it much easier to comply with the PCI Data Security Standard. The newly formed council also w...

Phishing Grows in Severity, Sophistication

Phishing is one of the most significant threats to online consumers, and as the incidence of this type of fraud increases, so does the perpetrators' average take. Phishers who lucked out and lured several customers of a British bank into false communications recently made off with an average of 5,00...

Administrators Urged To Defend Systems Passwords

A recent vulnerability found in the popular open-source database MySQL revealed a persistent problem for IT managers: password management among administrators. Most talk about password security traditionally centers around end users and the use of weak, easy-to-guess passwords. In companies where ad...

Microsoft Scrambles To Plug Explorer Holes – Again

Microsoft is again being forced to respond to serious Internet Explorer security holes coupled with exploit code that could allow attackers to saddle Windows users with spyware, Trojans or other trouble, even if they have updated with Microsoft's Service Pack 2. Security research firm Secunia repor...

Latest IE Worm Developed in Record Time

Security firms are warning of a new e-mail worm that began infecting computers just days after the vulnerability it exploits in the Internet Explorer (IE) browser was made public. The worm, which some information security experts say is a variation of the MyDoom virus that ravaged the Web earlier th...

EXPERT ADVICE

Ten Steps to E-Mail Security

More than 10,000 students depend on Jill Cherveny-Keough for trustworthy computing systems. As director of academic computing at the New York Institute of Technology (NYIT), Cherveny-Keough must ensure that dozens of computing centers across the college's campuses run without a hitch. Fall is an esp...

SPECIAL REPORT

Internet Explorer, Security Concerns and Browser Alternatives

Computer users, faced with never-ending security attacks from surfing the Internet and opening e-mail, are showing increased interest in switching Web browsers. Downloads of popular non-Microsoft Web browsers have doubled this summer, software makers say. The trend toward considering alternative bro...

Microsoft Patches Explorer Hole

Microsoft has broken its monthly cycle of security updates to plug a few holes in its Internet Explorer browser, including the Download.Ject scripting weakness that caused a widespread, Web-based attack scare in June. The Download.Ject vulnerability and similar browser weaknesses prompted many secur...

LinuxInsider Channels