Inside the Briefcase
“The area of static code analysis for security can be complex, and companies must consider the accuracy and comprehensiveness of such a tool against other options,” noted Michael Coates, chairman of the OWASP board. “The SAMATE Reference Dataset can serve as a benchmark for companies to compare and contrast a variety of tools against a common baseline.”
WinMagic the global innovator in disk encryption, has been named the Encryption Innovator of the year by SC Magazine. The December, “Innovator,” issue recognizes companies that have the vision, imagination and creative management that reflects leadership in the security industry.
Tweet Modern Phishing attacks focus more on capturing the user’s browser and subsequently using that as a pivot to attack the machine and the enterprise. Read more…
Hackers with a few thousand bucks to spare have been splurging on a new toolkit that targets Java, according to one security researcher. “Java exploits are most effective when included in exploit packs since they can turn any hacked website into a particularly dangerous place for end users,” said Bill Morrow of Quarri Technologies.
Star Analytics, Inc., the leader in application process automation and integration software, today announced that McAfee, the world’s largest dedicated security technology company, has deployed Star Command Center and Star Integration Server to automate and integrate processes and data within its QlikView Business Discovery environment.
Tweet Computer security is more important nowadays than it was 10 years ago, because there are so many sensitive operations performed using on. What this means is that for someone who is working with such data, it’s mandatory that he or she will benefit from a form of backup that will guarantee he or she […]
The big-money savings that cloud implementations promise when they’re still on the drawing board can dry up quickly as they become real-life projects. Unfortunately, security is something that too often gets caught in the cost-cutting crossfire. It behooves security professionals to try to squeeze every bit of value they can from resources they already have.
Tweet Vulnerabilities in web applications are now the largest vector of enterprise security attacks. Stories about exploits that compromise sensitive data frequently mention culprits such as “cross-site scripting,” “SQL injection,” and “buffer overflow.” Vulnerabilities like these fall often outside the traditional expertise of network security managers. To help you understand how to minimize these risks, […]
Tweet Keeping IT systems secure and running within regulatory compliance mandates, especially for mid-sized and even small businesses, seems next to impossible. There are many reasons for this — but fortunately, several recent technological trends show that it doesn’t have to be this way. This paper covers how small and medium-sized organizations can manage their […]
Today IBM (NYSE: IBM) is unveiling a new service to help businesses secure the exploding number of mobile devices with access to corporate data.
Speaking here before 700 security-minded attendees at the DARPA Cyber Colloquium, Gen. Keith Alexander, who is commander of U.S. Cyber Command and director of the National Security Agency, said he needs look at the cloud environment he is testing out at the NSA.
A rise in the popularity of “cloud computing” systems could pose new security threats and a legal minefield for law enforcement agencies, a technology expert has warned.
Microsoft has issued a temporary fix to guard against Duqu, the recently spotted malware that in some ways resembles the highly dangerous Stuxnet worm. However, the patch only deals with the Microsoft Word side of the equation; users will still be vulnerable to Duqu malware unless they update their security software.
A White House proposal regarding cybercrime has been under consideration for months, and the Obama administration wants it passed ASAP. “Both public and private entities are working to ramp up coordination to keep up with the threats, but … right now, the threats and rate of attack are outpacing the coordination,” said Dean Turner, director of Symantec’s global intelligence network.
Tweet Various branches of the U.S. government often take flack for their cybersecurity shortcomings, and the CIOs of those departments typically shoulder much of the blame. However, new research by the General Accountability Office has found that sometimes certain important aspects of security just aren’t part of a government CIO’s job. Read more…
Tweet SOURCE: TechNewsWorld Symantec has sounded the alarm on Duqu, a newly discovered strain of malware that appears to be very similar to Stuxnet, a dangerously malicious program that wreaked havoc on Iran’s nuclear research program. The two seem to be made for different purposes, though — while Stuxnet is a worm built to destroy, […]
Tweet Any organization can trick itself into believing in false economies, and IT is no exception, especially when it comes to information security. Things are done one way because it appears to be the cheaper way to go, when in reality it’s much more expensive. False economies come in many different forms, but here are […]
Tweet Three Laws Mobility’s new Android enterprise security solution allows encryption to be applied to all the data on a phone or just to corporate applications. Administrators can control what apps will run on the phone with white and black lists. Single-platform solutions like the one offered by 3LM, though, can create problems for administrators […]
Tweet SOURCE: TechNewsWorld The U.S. Department of Justice reportedly issued secret court orders to Google and ISP Sonic.net seeking to obtain information about the Internet activities of one Jacob Appelbaum, thought to be associated with whistleblower site WikiLeaks. “The Electronic Communications Privacy Act arguably makes this practice legal — in the sense that it has […]
Tweet SOURCE: MarketWatch Almost nine in 10 parents say their children have been affected by cyber bullies, according to a new study by Bitdefender(R), an award-winning provider of innovative Internet security solutions. The Bitdefender study, based on interviews with a sample of 1,740 parents from five countries, also revealed that 54 percent of the respondents’ […]
IBM today announced a definitive agreement to acquire privately held Q1 Labs, a Waltham, Massachusetts-based provider of security intelligence software.
Symantec Corp. (Nasdaq: SYMC) today announced the results of its 2011 State of Cloud Survey, which examined how organizations are adopting cloud computing and dealing with the changes it can impose on their approach to managing
Tweet SOURCE: Tech World We’re using the same tools to secure both physical and virtual servers! So say the majority of respondents in a new survey conducted by Gabriel Consulting Group (GCG) and sponsored by McAfee. More than 140 data center-savvy personnel in organizations ranging from small and midsize businesses (SMBs) to very large multinational […]
Tweet SOURCE: TechNewsWorld Facebook is trying to get a better handle on the security of its members through a deal with Websense, which will soon warn Facebook users whether the links on friends’ posts might put their computers at risk. Meanwhile, boffins propose an alternative to security certificates, and users of HTC Android phones get […]
Tweet Facebook hasn’t been particularly fazed by users’ indignation or consumer advocates’ warnings over its repeated privacy bungles. Perhaps it will react differently to scrutiny by Congress and possible regulation by the FTC. “Being cavalier about people’s privacy is dangerous,” said tech analyst Laura DiDio. “You can run into problems from identity theft to kiddie […]
Tweet SOURCE: TechNewsWorld Defense contractors have been pelted with cyberattacks in recent months from infiltrators looking to steal and publicize whatever secret internal documentation they can lay hands on. Now the U.S. DoD is opening up its own brand of protection to defense contractors. Meanwhile, more of Stuxnet’s origin story was revealed, and security certification […]
Tweet SOURCE: TechNewsWorld Smart devices are popping up everywhere — the home, the office, even the car. The downside to having smart devices, though, is that they can’t discriminate between good and bad commands and will do what any human tells them to, regardless of whether or not that human is their master. This can […]
Tweet SOURCE: TechNewsWorld After breaking into the systems of several U.S.-based military contractors, digital intruders have set their sights on Japanese corporations, including Mitsubishi Heavy Industries. Meanwhile, the reverberations from the DigiNotar breach continue to shake up the security world, with one hacker claiming to be able to slip into Windows through its update system. […]
Green Hills Software, the largest independent vendor of embedded software solutions, today announced updates to its Platform for Trusted Mobile Devices and its mobile hypervisor, the INTEGRITY® Multivisor™. The Platform enables use of the latest smartphones and tablets while simultaneously meeting stringent IT management and government security requirements. The cornerstone of Green Hills Software’s products and services is the company’s leadership and proven delivery of High Robustness solutions, required to protect valuable information against sophisticated attackers
Tweet SOURCE: TechNewsWorld “App publishers that disregard COPPA, regardless of the communication methodology, do so at their own risk, and W3 makes it clear — though it should have already been so — that apps that interact with the World Wide Web or use Internet Protocol are without question covered,” said Alan Friel, a partner […]
