First Microsoft touts clickjacking protections in Internet Explorer 8, then a security researcher releases a proof of concept for a clickjacking attack targeting the Google Chrome Web browser. Clickjacking, some say, remains an issue t ...
News Security
Retailer Wireless Devices Largely Unprotected
A new survey shows 44 percent of the wireless devices used by retailers are vulnerable to attacks by data thieves. And that's the good news. A year ago, the same Motorola survey showed 85 percent of retailers were sitting targets for d ...
Websense Buys Spam Protection for Social Web Sites
Websense has acquired Defensio, a spam filtering service designed to protect blogs, social networks and other Web 2.0 sites. According to Websense, the move is in response to the growing amount of spam and malicious content on social W ...
More Malware Targeting Users of Pirated Software for Mac
A new variant of a Trojan is targeting users of pirated Adobe Photoshop CS4 software. The Trojan is related to malware uncovered last week that was packaged with pirated copies of iWork '09.
Microsoft Goes After Clickjacking in IE8
Microsoft has introduced a release client version of its latest browser, Internet Explorer 8 (IE8), and the new iteration of the application includes several security improvements, including a noteworthy attempt to address the emerging ...
Cleaning Conficker: Keeping Your Network Safe from Windows Worm
Much has been written about the Conficker worm, also called "Downadup," in recent days. eWEEK has pulled together some general advice for protecting your systems from infection and remediating them should the worm slither by your defen ...
Conficker USB Worm Spreading Quickly
Security researchers are reporting that the Conficker worm virus, which preys on a recently reported vulnerability (MS08-067) in the Microsoft Windows server service, is spreading rapidly even as we speak.
Apple Plugs Security Holes in QuickTime
Apple updates QuickTime, fixing a number of remote code execution flaws. One security researcher expects malware writers to launch exploits via drive-by attacks.
Firefox Plug-in Lets Users Import Google Notebook to Zoho
Messaging and collaboration SAAS company Zoho updates its Firefox plug-in for Zoho Notebook to make it easy to import a Google Notebook to Zoho's cloud computing environment. The move is a shrewd one on the part of Zoho, which is lo ...
Whois Abuse Still Out of Control
It's still easy to try to steal an identity with false whois information. There are rules against it and ICANN pretends to enforce them, but I personally know that it doesn't really happen.
Millions Hit with Windows Worm as Infection Spreads
A new variant of a worm that exploits a vulnerability patched by Microsoft in October has infected millions of users, security researchers say. According to experts, the Conficker worm is using multiple mechanisms to spread.
ContentWatch Security Appliance Offers Filtering, Anti-malware
ContentWatch's CP 300 security appliance offers very good content filtering, traffic shaping and anti-malware capabilities, as well as excellent reporting. It also integrates with directory services such as LDAP to let businesses enfor ...
Testing Microsoft’s Windows Application Whitelisting Tool
The SRP feature in Microsoft Windows doesn't offer the same granularity of control or change management capabilities as whitelisting options from third-party suppliers, but there also are no extra licensing costs and it works well with ...
Business Continuity and Disaster Recovery: How to Prepare Your Business
Companies frequently don't like to think about business continuity, disaster recovery, the expense of hot sites or even off-site storage. But, if you can't afford to lose it, then BC/DR is for you.
How to Protect Data During a Virtual Migration
Server virtualization has become a popular trend in enterprise IT. When migrating from a physical to a virtual environment, IT professionals need to ensure that their company's data is protected, current and readily available.
Database Vendors Should Push Data Masking for Enterprise Security
Database and application vendors may want to take a look at expanding their data masking capabilities as its relevance grows. While the market is currently small, Forrester Research expects it to grow in the years ahead.
SSL Crack Shows You Must Advance Your Security
The successful creation of a rogue certificate authority by security researchers using a colliding certificates attack demonstrates that if you're not moving forward with your security-related standards then you're moving backward. Eve ...
Vendors Tie Database Monitoring, Security Event Management
Security vendors such as Imperva and Guardium are increasingly tying security information management to database activity monitoring. The latest example of this trend is NitroSecurity, which has integrated its NitroView DBM and NitroVi ...
Microsoft: Patch Server Vulnerability to Combat New Attacks
Microsoft has repeated its warning to users to apply a vulnerability patch in their Windows Server service. A new variant of the Conficker worm that targets this flaw is to blame.