January, 2010:

Warnings made of application bug in new Facebook dashboard, as SEO poisoning causes concern after 'unnamed app' reports by users

More concerns raised about suitability of the Apple iPad, as Norton say that it will not be able to run its phishing protection engine

A malicious use of view state that allows visibility of a user's credentials will be demonstrated at next week's Black Hat conference

Financial sites hit by malware and phishing scams as tax weekend beckons

Enterprises rely more on free software in 2010 as budgets for IT spend are reduced

Is a fear of change the biggest challenge when it comes to encouraging upgrading to modern browsers?

Phishing attacks rose significantly over the past two months as more consumers admit to being victims of fraud

Claim made that cyber crime investigation is not proper police work

Apple launches the iPad to huge fanfare, but questions are asked about its capability and security

Ipswitch's WhatsUp Gold announces the acquisition of Dorian Software Creations

Europe marks Data Protection Day, as Google publishes its guiding privacy principles

Tripwire steps into log management and SIEM sector with new solution

German court rules that a parent is responsible for their child's downloading and web activity

The popularity of Apple devices is attracting malware, according to a report from Intego

TechCrunch hit by second attack in 24 hours, as hackers target site founder on day of expected Apple tablet launch

Guide claims that public sector evaluation of security systems could lead to reduced data losses

Online fraud remains a rising problem, as a quarter of merchants fail to check orders

F5 Networks has further developed its portfolio with the BIG-IP edge gateway solution to incorporate load balancing and WAN optimisation

TechCrunch blog hit by hackers on the day before the Apple launch

Cost of a data breach rises by $2 in 12 months, as the average total per-incident costs in 2009 were $6.75 million

PCI security standards council announces new chairperson

Skybox Security moves into firewall market with mid-sized enterprise solution

How the last ten years have changed in the cyber threat climate

Adobe issues update to critical vulnerability in Shockwave player

Ministry of Defence reveals 16 information leaks in the last 18 months due to social networking use

New spam campaigns see sustained levels in the New Year

Symantec bolsters storage and backup solutions with new launches

New application acceleration and WAN optimisation solution introduced by Riverbed

Facebook changes to its application platform could lead to security nightmare as users' email addresses will be collected and stored

IronKey introduces Virtual Computing initiative to allow desktop and operating system to be run from a portable device

Mobile messaging will provide phishing and spam opportunities as smartphone market rapidly evolves

Oracle moves closer to Sun Microsystems acquisition after EU approval

Report on RockYou SQL flaw reveals weak passwords were being used to login to the social networking site

Industry welcomes the Microsoft out-of-band patch for Internet Explorer

University of Exeter hit by virus attack which causes network to be shut down

ICO finds Lancashire County Council to be in breach of the Data Protection Act after sensitive files were found in a filing cabinet

Microsoft will release an out-of-band patch for the Internet Explorer zero-day vulnerability tonight

General public is more aware of security concerns online but they continue to lose removable media

Thales and Voltage Security partner to deliver encrypted key management payment solutions

Microsoft announces plans to release out-of-band patch to cover heavily publicised zero-day vulnerability

Questions have been asked on when the other companies involved in last week's cyber attacks will step up, and why Google employees were not using Chrome

Gartner claims that Microsoft advice on upgrading to IE8 should be a lesson learned from last week's cyber attacks

PGP rolls out whole disk encryption to Linux and Mac operating systems

iDefense retracts claims made on Adobe's involvement in cyber attacks

Manchester United take out social networking insurance against player rants

Botnet driven DDoS attacks are getting stronger and more prevalent as claims made that the industry is not ready for IPv6

Poll reveals that people believe getting off Internet Explorer is the best tactic, as claims made that general public are not aware of the risks

Microsoft responds to international criticism of Internet Explorer and advises that upgrade to IE8 is the best tactic

Adding a second protective layer and effective correlation is the best defence against cyber attacks

Cloud-based open mobile management platform introduced by iPass

A look back at the first week of Operation Aurora and what impact it could have

VMware move for Yahoo's Zimbra unit welcomed by RSA as a 'step towards delivering IT as a service'

Exploit code for the Google cyber attack has been published, as Microsoft states that it is working on an update

Juniper confirms that it was hit by same cyber attack as Google, while rumours begin of an insider attack

Tories announce plans to establish a new National Security Council and improve international sharing of cyber knowledge

Jewish Chronicle website hacked by alleged group calling itself the 'Palestinian Mujaheeds'

What impact will Gordon Brown's plan for free laptops have on the UK?

Adobe comments on whether its software and its recent update was connected to the Google attack

A zero-day vulnerability in Internet Explorer was a factor in the Google attack earlier this week

Rogue anti-virus prevalent on links that relate to Haiti earthquake, as donors encouraged to look carefully for genuine sites

CNS works with Cambridgeshire Constabulary to secure network ahead of Government CESG requirements

Problem with the professional consumer is leading to an information security headache

Astaro aligns applications with new version of Command Center

China claims that it administers the internet according to the law, but makes no comment on Google claims

McAfee and Facebook announce software partnership

Google adds https encryption to its Gmail web mail service

Trend Micro introduces security suites to secure businesses along with mail servers, gateways and endpoints

Google contemplates pulling out of China after revelations made about cyber attacks, freedom of speech and Gmail account compromises

Businesses increase the amount of remote working but fail to secure their devices

Half a million pound penalty introduced for personal data security breaches by the Information Commissioner's Office

Microsoft gifts IT managers with just one update for the first Patch Tuesday of 2010

Illegal downloading that takes place at work increases by 55 per cent

Symantec announces acquisition of Gideon Technologies

Netgear to launch wireless management solutions for SMBs and schools

Facebook employee reveals that employee's access user profiles with a master password and multiple copies of user information are stored in data centres

Google finds apparently fraudulent banking applications on its Android Marketplace

New versions of products introduced by ScriptLogic to allow for auditing and analysing

CA completes acquisition of service level management software provider Oblicore

Bloxx introduces YouTube filtering appliance to allow schools to use the site for educational purposes

New botnet threats emerge in the New Year from Lethic and Bagle

Gordon Brown to supply 270,000 free laptops and broadband access to low income families to get them online for school reports

Pakistani cyber crime website hit by hacker who is able to access database

Facebook CEO Mark Zuckerberg claims that privacy settings would be public by default if he were to start the site now

PacketFocus spear phishing experiment succeeded due to the difficulty in detecting the messages

Aruba Networks announces plans for wireless management suite

Major flaws in USB stick software leads to secure drives being unlocked easily

Text and music campaigns established to support Gary McKinnon as barrister claims that extradition will breach bill of rights

Adobe plans to release auto-updater for Acrobat Reader as exploits are seen of unpatched vulnerability

Absolute Software adds Intel anti-theft technology to Computrace

Only one patch expected from Microsoft next Patch Tuesday as it refuses to address an existing SMB vulnerability

Deployment of mobile security software is on the agenda for more than half of companies this year

The problem with malvertising will lead to the most trusted websites being viewed with suspicion

Bug in SpamAssassin over New Year led to emails being incorrectly flagged as spam

Mimecast email security selected by Royal Albert Hall

Email services that failed to block spear phishing message revealed

One million Massachusetts residents have had their personal details leaked during the last two years

Petition against Oracle acquisition of Sun Microsystems and MySQL gathers momentum

Facebook users hacked with direct messages forwarding to suspicious site

2009 saw 25 million new malware strains as Trojans accounted for 66 per cent of all detections

Gartner acquires research and advisory services firm Burton Group

Latest version of SpectraGuard introduced by AirTight Networks to include reports and IPv6 support

Cross-site scripting vulnerabilities see two political websites hacked

Migration to updated browsers encouraged to be at the top of resolution lists

F-Secure launches smartphone software 'Anti-Theft for Mobile' to include a remote lock and wipe

OS advancements and third party application developments on social networking sites will offer cybercriminal opportunities in 2010

RandomStorm completes acquisition of Damn Vulnerable Web Application

Waledac spreading through fake New Year's e-cards

IIS issue not a new vulnerability, says Microsoft

Encryption protecting most mobile phones cracked

SC Webcasts

Security beyond the (fire)wall

Streaming live on 19th June at 3pm BST

This webcast addresses the technological challenges of maintaining full control of your most sensitive information - even once it goes beyond the firewall - while maintaining the freedom and flexibility necessary to allow your staff and other stakeholders to work as efficiently as possible. Tune in for free to hear from our regular and popular guest speaker, Bola Rotibi from (ISC)2 application security advisory board. To secure your place, please click here.

The truth about vulnerability management: Compliance checkbox or real protection?

Streaming live 2nd July at 3pm BST

How often are you assessing network vulnerabilties? Is your current vulnerability management program merely a compliance checkbox for auditors? Tune into this webcast live to hear from Joerg Weber, head of attack monitoring, Barclays, Lee Barney, an information risk consultant, and Skybox's Michelle Cobb on how you can prioritise vulnerabilities in a way that makes sense for your specific threat posture. Secure your free place here.

SC Featured Webcast

Employee file sharing: the good, the bad and the ugly

This recently held webcast unveiled the full results from the latest data security survey, where it was revealed that 50 per cent of the information security professionals asked said that they had 'no real visibility' of how data is being sent within and outside the company. Guest speakers included the director of information security from Monster.co.uk and the ISO from Atos. If you missed the live show, you can tune into the on-demand video here.

SC Whitepapers

Java security: Balancing existing testing platforms with open source solutions

In a rush to get new products out to market quickly, companies expose themselves to the risk of software failure. Java developers often turn to open source solutions to help protect themselves from risk. This new whitepaper explains how you can use your existing testing platforms alongside open source solutions to fix those issues related to both security and quality within your Java code. To download the paper for free, please click here.

DDoS and downtime: Considerations for risk management

The purpose of this paper is to start a conversation about the often overlooked risk of downtime caused by DDoS attacks and to provide sufficient content for risk managers to account for the DDoS threat as they evaluate risks to their day-to-day operations and long-term mission. To read the paper in full, please download it for free here.

Ponemon 2012 Global Encryption Trends Study

In Ponemon's recent Global Encryption Study, the organisation surveyed 4,205 information security professionals across seven countries to examine how encryption has evolved over the last eight years. The study focused on data protection priorities, budgeted expenditures for encryption and the types of encryption technologies involved, with the findings revealing some interesting insight into the relationship between encryption and its impact on the security position of organisations. To read the full report for free, please download it here.

Advanced spear phishing: The rise of industrial phishing attacks

With phishing still the most common form of attack, hackers are now engaging in industrial-scale phishing attacks that leverage sophisticated customisation and delivery techniques. Borrowing tactics from cloud computing and database marketing, this study looks at longline phishing - an advanced form of spear phishing, which has higher clickthrough and penetration rates than traditional attacks, potentially causing a higher risk to IT security departments across the world. To read the study for free, please click here.

Home | News | Products | Whitepapers | Jobs | Subscribe | Contact Us | About Us | Advertising | Sitemap | Editorial | Subscribe to our RSS feeds RSS

This material may not be published, broadcast, rewritten or redistributed in any form without prior authorization.

Your use of this website constitutes acceptance of Haymarket Media's Privacy Policy and Terms & Conditions