Information from About Guides and partners relating to Online Security
(News) Apple has reversed its position and patched the "carpet bombing" flaw in its Safari browser.
(How To) Phones are off the radar for most hackers today. But Google's Android OS and the iPhone could make them more of a target.
(News) Researcher Dan Kaminsky will show attendees of the RSA security conference how a Web-based attack could be used to seize control of certain routers.
(News) Before you sit down in front of your PC to do your taxes, read about latest scams designed to cheat tax filers out of their refund and identity.
(News) Researchers at Symantec identify a Web site with malware that takes advantage of systems lacking a recent Excel patch.
(News) Tech entrepreneur and author Rod Beckstrom will be named to run a new National Cyber Security Center at the U.S. Department of Homeland Security, according to news reports.
(News) A flaw in the widely-used open-source VLC media player could allow an attacker to execute harmful code on a PC.
(News) An unnamed major retailer's security breach may have exposed hundreds of thousands of consumers in the northeastern U.S. to fraud.
(News) Plus: Firefox rushes plug-in patch; how to lock down your digital picture frame.
(News) Companies are turning to the wisdom of crowds to fight increasingly sophisticated phishing, spam, and nefarious sites.
(News) A spyware forum panel suggests users' sloppy security practices are a major contributor to problems.
(News) The latest malware trend should prompt you to think twice about the links you click next time you search.
(News) GNUCitizen is describing an apparent vulnerability that could trick people into revealing personal data.
(News) Security researchers release code that shows how a pair of widely used technologies could be misused to take control of a victim's Web browsing experience.
(News) Some Macintosh users have encountered a security program whose function and Web site have the tell-tale signs of a scam.
(News) A possible problem with the latest version of RealPlayer surfaces after a Russian security company claimed to have found a way to exploit a critical flaw.
(News) Google is asking everyday Web surfers to help with its efforts to stamp out malicious Web sites.
(News) Is the software we're using to protect ourselves from online attacks becoming a liability?
(News) Young people are compromising their career prospects and opening the door to online fraud by posting personal information on social networking sites without thinking about the consequences, a U.K. privacy watchdog warned Friday.
(News) EBay plans to host its own security conference next February, called "Red Team eBay."
(News) The security features introduced in Apple's Leopard operating system need work.
(News) A Washington, D.C., think tank has launched a cybersecurity commission full of top experts in the field, with the goal of creating a list of recommendations for the next U.S. president.
(News) Security experts are saying that a well-intentioned effort by the New Jersey Office of the Attorney General to combat phishing may backfire.
(News) Trend Micro has released it's 2008 Internet security suite, comprising three separate offerings aimed at various levels of Internet usage.
(News) Research Tuesday reveals that lax password habits are leaving a quarter of people in serious danger of falling victim to online fraud.
(News) Most U.S. consumers believe they're protecting their computers against cyberattacks, but their actions indicate they aren't as safe as they think, according to a study released Monday.
(News) It's self-serving, but a new study by McAfee Inc. and the National Cyber Security Alliance has found that 78 percent of consumer PCs in the U.S. are not protected (defined as having up-to-date AV, spyware and a properly configured firewall).
(News) Ask.com says they've fixed a critical bug in their toolbar, discovered by Joey Mengele and reported earlier this week.
(News) Someone used an eBay Inc. discussion forum on Tuesday to post confidential information about eBay users along with what may be their credit card numbers.
(News) Two senior security veterans from Trend Micro Inc. are trying to get the industry to change how it classifies malicious software.
(News) IBM has reported an increase in malware volume and sophistication as part of its security statistics report for the first half of the year.
(News) Bank of America Corp. customers can now use their mobile phones to make online banking more secure.
(News) Usernames and passwords for more than 100 e-mail accounts at embassies and governments worldwide have been posted online. Using the information, anyone can access the accounts that have been compromised.
(How To) Instant messaging (IM) is a popular communication tool in business environments. Here are steps you and your employees can take to mitigate IM threats, so you can enjoy the benefits.
(How To) Losing your PDA or smartphone can pose a security risk, but the evolution of viruses, Trojans, and worms means that your handheld devices can be subject to insidious online threats as well.
(How To) Learn about Instant Messaging (IM) threats and what you can do to protect your working environment.
(How To) A practical guide to closing the most dangerous software vulnerabilities that crooks target with ready-made attack kits.
(News) Wells Fargo & Co. may have a new problem, following its widespread computer crash earlier this week: online scammers.
(News) Single sign-on appliance developer Imprivata has enabled its devices to be called from within an application to verify the user's identity, as well as being used to log on to systems and applications in the first place.
(News) Even seemingly safe web addresses are rife with attack code aiming at vulnerable clients, according to a new study from the Honeynet Project. The study also found that methods such as blacklists can be surprisingly successful in stopping client-side attacks.
(News) Websense Inc. has developed a threat detection system designed to spot Web 2.0 attacks soon after they are launched.
(News) California's secretary of state has mandated tough new security standards for the state's e-voting systems and curtailed their use, following an independent review of the technology.
(News) Hackers have hit on a new technique for invading desktop computers via compromised websites, while avoiding anti-virus detectors, according to the SANS Institute.
(News) Diebold Election Systems Inc. voting machines are not secure enough to guarantee a trustworthy election, and an attacker with access to a single machine could disrupt or change the outcome of an election using viruses, according to a review of Diebold's source code.
(News) Researchers are looking for formal European Union sponsorship of a new project that would keep an eye on malicious software and computer attacks around the world.
(News) Contractors and U.S. government employees are sharing hundreds of secret documents on peer-to-peer networks, in many cases overriding the default security settings on their P-to-P software to do so, according to a company that monitors the networks.
(News) A security researcher has reported a serious vulnerability in BIND 9, the software widely used in the Internet's DNS addressing system.
(News) Security analysts spotted a gaping security hole in Fox News Network LLC's Web site on Monday, revealing file directories and sensitive content, although it appears the problem has been fixed.
(News) Online Security
(News) The U.S. Department of Homeland security will host a invite-only conference two months from now that will bring together security experts from law enforcement, Internet service providers, and the technology industry.
(News) Phishers have been using compromised MySpace.com accounts to attack unsuspecting Web surfers, security experts said Thursday.
(News) Online criminals looking for new areas to attack in the next few years will find green fields in the Internet infrastructure and the digital home, researchers with McAfee Inc.'s AVERT labs said Tuesday.
(News) You may need to wait a minute for another sucker to be born, but you can find one anytime you want online.
(News) Online criminals have launched a widespread Web attack that has turned tens of thousands of legitimate Web sites into weapons, security vendors said Monday.
(News) Web security research is being seriously hampered by laws that punish researchers for even attempting to locate flaws in web software, much less disclosing those flaws, according to a new study.
(News) As users store more data online, hackers are finding ways to break into the new service sites. experts say the problems are deep-seated.
(News) One week after updating its Mac OS X operating system, Apple Inc. has patched a serious flaw it its QuickTime media player.
(News) Plus: Vista corrupts iPods, Yahoo Messenger creates Internet Explorer risk.
(News) The problem of drive-by downloads from seemingly safe websites is worse than previously thought, according to Google, which counted hundreds of thousands of such malicious sites in a recent study.
(News) A new and unusually sophisticated application for controlling and monitoring botnet PCs has been discovered by security company Panda Software.
(News) The new version of Windows is more secure, but it won't end Web attacks, experts say.
(News) Symantec Corp. is slipping on its target delivery time for the next major upgrade of its security product for enterprises, code-named Hamlet, while it irons out final code wrinkles during beta testing.
(News) Google has rooted out a scam that delivered malware via the search engine's AdWords advertising system, and even added extra sections to specific banking websites to gather additional information.
(News) New browser-based application technologies are opening new security holes, warned SPI Dynamics as it launched a re-engineered version of its SOA/Web 2.0 security testing software WebInspect this week.
(News) In a move to strengthen its response to security threats, Microsoft Corp. is opening two labs to study the growing amount of malicious software circulating on the Internet, security executives announced Wednesday.
(News) Legislation that would authorize the U.S. Department of Homeland Security to create emergency preparedness standards for private industry takes the wrong approach toward cybersecurity, some experts said Tuesday.
(News) A report finds that banking, shopping, and other sites are likely to contain flaws that allow phishing or expose customer data.
(News) The U.S. Internal Revenue Service is warning taxpayers to be wary of e-mail messages that provide links to supposedly free tax-filing services endorsed by the agency.
(News) Joseph Kiniry, a computer science lecturer at University College Dublin, seems an unlikely candidate to work on open-source voting software.
(News) The U.S. departments of Defense and State received F grades, and Homeland Security a D, in the latest scorecard measuring their information security measures.
(News) A cross-site scriping scam on eBay highlights how easy it is to get fooled. We show you what to look out for.
(News) A security researcher at Juniper Networks Inc. says he plans to demonstrate a new class of attack that can be used to compromise electronic devices like routers or mobile phones.
(Reviews) Plus: Fixes for Internet Explorer and Office, and changes to Windows support.
(News) They won't divulge their real names, they call their project a "whiny, attention-seeking ploy," and they appear to take their fashion cues from Beastie Boys music videos.
(News) Security researcher Joanna Rutkowska has demonstrated several methods that sophisticated rootkits can use to hide from even the most reliable detection method currently available -- hardware-based products that read a system's RAM.
(News) Plus: More Office holes, and a major Adobe problem that affects all browsers.
(News) Uncertainty about how to secure mobile phones in the face of increasing threats is slowing enterprise adoption of mobile applications, experts exhibiting at the 3GSM World Congress in Barcelona this week said.
(News) Microsoft Corp. has thrown its weight behind OpenID, an emerging Web authentication standard.
(News) The game's over and patches are available, but many sites are infected with malicious code.
(News) New browser security technology is in the works and due for display at RSA in February.
(News) Security experts believe that the entity or people behind Rock Phish are the rock stars/innovators of most new evil phishing scams.
(News) Adobe encourages upgrading to Reader 8 and recommends disabling Acrobat and Reader plug-ins on Web browsers until patches are issued.
(News) $1.5 million in penalties will compensate consumers whose systems were damaged.
(reviews) Scandoo and SiteAdvisor Make Surfing Safer
(howto) Keep It Secret, Keep It Safe
(news) New Devices Promise Protection in a Box
(news) F-Secure Patches Web Console Bug
(news) Bugs Put Widely Used DNS Software at Risk
(news) McAfee Unveils Threat Center Portal
(news) How Common Is Identity Theft?
(howto) Defend Your PC Against Video Attacks
(news) Security Trends: Follow the Money
(news) Google Plugs Site Security Holes
(news) Improve Cybersecurity, Group Urges Feds
(news) Microsoft Picks Partners to Fight Phishing
(news) Microsoft to Release Antiphishing tool Before IE 7
(news) Microsoft Security Squad Scours Web
(news) Tech Firms Urged to Aid U.S. Cybersecurity
(news) New Steps to Reduce Identity Theft
(news) Call for Homeland Security Cybersecurity Improvements
(news) U.S. Cybersecurity Czar Post Created
(news) Xen Developers Focus on Security
(news) Vendors Expand Cybersecurity Efforts
(news) AT&T Plans Internet Security News Network
(news) Oversold Security Threats?
(news) Fret About PC Zombie Threat?
(news) Yahoo, SBC Offer Free Online Security Suite
(howto) Hide Your Internet Ports From Snooping Hackers
(reviews) Fight Fraud and Phishing With New Tools
(news) Widespread Internet Attack Cripples Computers with Spyware
(news) ISPs Join to Fingerprint Internet Attacks
(news) What Are the Web's Worst Security Problems?
(news) Do You Need a Digital ID?
(howto) Has Someone Made Off With My Online Identity?
(news) Tech Firms Urge Bush to Focus on Cybersecurity
(news) Gartner: Consumers Dissatisfied with Online Security
(news) Online Identity Theft: Many Medicines, No Cure
(tech_tuesday) Racy images hide a hacker's code.
(tech_tuesday) Learn how to protect your PC.
(tech_tuesday) Just in time for Halloween, computers seem to be possessed by ghoulish goblins. In reality, hackers are exploiting software holes to take control. Do you know what your PC is up to?
(news) Your PC May Be Less Secure Than You Think
(news) The SANS Institute identifies the top 20 Internet vulnerabilities of the year.
(tech_tuesday) Low-cost or free downloads can block your system from threats like sneaky spyware and invasive code. Should you use them?
(news) Deal will allow companies to digitally authenticate PDFs.
(howto) 'Two-factor authentication' increases your online security.
(news) Revamped Norton AntiVirus, Personal Firewall, and AntiSpam tools fight pests and dangers online.
(howto) Sneaky hackers can put undesirable links and images into your page without your knowledge.
(news) Homeland security efforts must spread to cyberspace, experts say.
(news) Homeland Security's tech leader describes partnerships, training to combat cyberterrorism.
(news) All surfers charged with helping fight bugs, spam, viruses, and cyberterrorists.
(news) Federal agency issues one-year cybersecurity report card and describes goals for security efforts.
(news) Homeland Security service offers tips, e-mail alerts about hazards online.
(howto) That person sipping coffee at the next table could be hacking your log-in info as you type.
(howto) Password rules and tools; clear your passwords; cache news to read offline; update your media players.
(howto) Are strangers grabbing more than just tunes from your PC?
(news) Security experts urge open exchange and cooperation.
(news) Old equipment, poor practices, slow response blamed for sloppy security.
(howto) Install all the utilities you want--security is still a leaky mess.
(yahoo) Civil liberties groups, some lawmakers remain wary of deep databases.
(news) Experts, hackers debate cyberterror, digital teens, and holey software.
(news) In the works: biometrics, wireless alerts, enhanced communications.
(howto) Follow these essential steps for your PC security.
(howto) Sneakier spam, wilier worms, more aggravating ads...no wonder it feels like your PC is under assault. Fight back with these simple steps for keeping the latest pests at bay.
(howto) Plagued by a plethora of passwords? Here's how to deal with them without driving yourself nuts.
(news) National strategy called long on suggestions, short on specifics.
(news) Awareness, vigilance are key to protecting your system and data from cyberattack, experts advise.
(news) Greater network dependence boosts risk of damage by cybervandals who code with vengeance.
(news) Downloadable 'Common Sense' guide produced by Internet Security Alliance as part of effort.
(news) Exec says yes, but notes that customers must apply security patches once flaws are found.
(news) 'Tis the season to dig into that e-wallet; but don't fork out more than you intend.
(news) Congress urges focus on academic instruction, workplace standards, ongoing programs.
(news) Senate pushes more funds to keep consumers, businesses, and country free from online threats.
(news) Congressional inquiry satisfied, but some want more details about how Patriot Act power is being used.
(news) Sensiva's new password manager encrypts, stores your collected log-ons to accelerate access and surfing.
(news) National cybersecurity plan unveiled for comment, criticism, suggestions.
(news) Users, vendors have a role in helping secure cyberspace, in Bush strategy still in the works.
(news) Riptech clients report 28 percent increase in attacks, but cyberterrorists keep quiet.
(howto) Two cookie managers quietly do your bidding.