Friday, August 28, 2009
Friday, August 21, 2009
The biggest mistake leading to a data security breach is often pinpointed by investigators as a fundamental security error, according to a panel of experts who discussed the topic of data breaches Wednesday. The panel discussion, sponsored by security vendor Bit9 Inc., included Bob Russo, general manager of the PCI Security Standards Council; Rich Baich, partner at Deloitte and Touche and former CISO of ChoicePoint; and Tom Murphy, chief strategist of data protection vendor Bit9.
Tuesday, August 18, 2009
The indictment alleges the men conspired to conduct the largest credit and debit card data breach ever charged in the United States.
The Department of Justice issued a statement today about the indictment, which accuses Albert Gonzalez, 28, and two unnamed Russian citizens of stealing data from Heartland Payment Systems Inc., 7-Eleven Inc. and Hannaford Brothers Co. Two other companies remain unnamed because their breaches have not been made public, the DOJ said.
Qualys Inc. presented an update to its Laws of Vulnerabilities research at the recent Black Hat USA 2009 briefings, a timely statistical review in light of the increase in application-level attacks against Microsoft Internet Explorer, Microsoft Office, Adobe Reader, and Apple QuickTime. The study, first conducted in 2004, is based on years of accumulated vulnerability scanning data from the Qualys installed base.
Wednesday, August 12, 2009
Source: Ultimate Windows Security
Microsoft also released an additional critical update to repair ActiveX vulnerabilities in its Active Template Library. The errors enable an attacker to bypass kill-bits, a feature commonly deployed by Microsoft to block attackers from exploiting complex interoperability vulnerabilities without addressing the underlying flaw.
In all, Microsoft issued nine security updates Tuesday, including six rated critical, affecting Windows and Office Web Components.
Tuesday, August 11, 2009
It's true that every information security technology in some way involves the data protection market -- everything from network firewalls and desktop antivirus to application security products (Web application firewalls, code review tools, etc.). However, there are two critical markets that deal with data directly and are generating some serious business: mobile data security (laptop encryption and portable device control), which Forrester Research Inc. pegs at a $1 billion-plus business, and data leakage (or loss) prevention (DLP). Forrester estimates the DLP market will be between $200 million and $250 million this year, while Gartner estimates around $300 million.
Friday, August 7, 2009
In its advance notice issued Thursday, Microsoft said that the critical bulletin affecting Microsoft Office, Microsoft Visual Studio, Microsoft ISA Server and Microsoft BizTalk Server addresses a vulnerability in Microsoft Office Web Components, first raised in security advisory 973472. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. When using Internet Explorer, remote code execution is possible and may not require any user intervention.
Say it isn't so! The Twitter bird's beak was closed Thursday as Twitter fought a distributed denial-of-service attack that shut it down for several hours.
With the mini-blogging site down from 9 a.m. Eastern time until noon, its millions of members were unable to tweet by Web and by mobile phone. A tweet test brought an error message that the "network request failed."
Tuesday, August 4, 2009
I found an interesting article on the "networkworld" website which talks about social networking sites and the risks related to them. Click on the link below to read the full article.
Monday, August 3, 2009
Chinese hackers have cracked the activation codes for Windows 7, less than a month after Microsoft released the first copies of the new operating system to computer makers, technology news site CNET reported Thursday.
The crack will allow fully functional, copied versions of the Ultimate Version of Windows 7 to be distributed over file-sharing sites even before the operating system is released to the public in October.
Read More about this at: http://www.enterprise-security-today.com/story.xhtml?story_id=00200059ERIC