Week of 16 Jun 2014 Iraqi government blocks social media (ComputerWeekly.com | 17 Jun 2014)
The government in Iraq is reportedly blocking access to social media sites amid growing armed conflict in the country
Week of 08 Jul 2013 The cloud security issues holding back cloud adoption in India (11 Jul 2013)
Security fears are cited as major obstacles to cloud adoption worldwide, and India is no exception with major hurdles to clear before mass adoption.
Week of 04 Mar 2013 Emerging threats include kinetic attack, offensive forensics: RSA 2013 (04 Mar 2013)
At RSA 2013, experts Ed Skoudis and Johannes Ullrich explained how the SANS CyberCity supports offensive forensics and helps prevent kinetic attacks.
Week of 25 Feb 2013 Bad outsourcing decisions cause 63% of data breaches (28 Feb 2013)
Bad outsourcing decisions nearly two-thirds of data breaches investigated by security firm Trustwave in the past year
Every Global 2000 organisation faces $398m in potential losses from new and evolving attacks on their ability to control trust with cryptographic keys and digital certificates, a study has revealed
Week of 03 Dec 2012 Cutwail botnet spam campaign tied to Zeus banking Trojan (05 Dec 2012)
The cybercriminals connected to the notorious Zeus Trojan are using the Cutwail botnet to distribute spam designed to steal account credentials.
In addition to Exchange Server, updates fix flaws in Internet Explorer, Microsoft Office and Microsoft Word.
Week of 26 Nov 2012 Study finds most antivirus products ineffective (27 Nov 2012)
Slow updates to signature databases cause some antivirus products to be ineffective against known threats, according to a study by security firm Imperva.
Malicious file attachments are typically used as the payload, according to a report issued this week by Trend Micro.
Week of 19 Nov 2012 Cloud security begins with the contract, says expert (21 Nov 2012)
Enterprises must empower their legal teams to ask the right questions and write contracts based on risk management, explains Tom Kellermann of Trend Micro.
Deceptive environments, phony data in the enterprise can fool attackers and increase the cost of hacking, says noted cybersecurity expert Paul Kurtz.
The PCI Risk Assessment Special Interest Group concludes that risk assessments are based on a company's unique risk tolerance and environment.
A phishing attack and stolen credentials gave an attacker access to the systems of the South Carolina Department of Revenue for two months.
Week of 12 Nov 2012 Adobe investigates scope of customer forum breach (14 Nov 2012)
Names, email addresses and encrypted passwords of thousands of customers may have been exposed in a breach of the software maker's customer forum.
NASA to deploy whole-disk encryption following breach (15 Nov 2012)
Stolen laptop contained the sensitive data on a large number of employees and contractors. The information was not encrypted.
Week of 05 Nov 2012 Mobile impacting cloud security issues, says panel (07 Nov 2012)
Bring-your-own-device (BYOD) makes securing cloud services complex, say experts. Enterprises should set mobile guidelines consistent with cloud policies.
November 2012 Patch Tuesday to include Windows 8 patch (08 Nov 2012)
Microsoft's November 2012 Patch Tuesday release will include four critical bulletins to fix flaws in Windows 8 and other products.
Week of 29 Oct 2012 Apple iOS 6.0.1 update fixes four security holes (02 Nov 2012)
iOS platform gets an update to 6.0.1 to fix security and stability problems. WebKit holes and kernel faults list among Apple’s list of patched bugs.
Hackers share attack techniques and vulnerability information, shedding light on what threats matter most, according to a new study.
ISACA to revamp IS Audit and Assurance Standards (01 Nov 2012)
Risk and compliance knowledge provider ISACA issues an exposure draft of IS audit standards; seeks feedback from Indian technology professionals.
Week of 22 Oct 2012 Users neglect enterprise mobile device security measures, survey finds (23 Oct 2012)
Some employees are failing to enable security capabilities on their smartphones and tablets, putting corporate email and other sensitive data at risk.
Week of 15 Oct 2012 Google no longer playing with Android malware (18 Oct 2012)
Some say the Android malware problem is out of hand, and it appears Google is taking additional steps to block attacks in its Google Play store.
MiniFlame is highly specific espionage malware, but experts indicate that financially motivated cybercriminals could make the threat more widespread.
Public Wi-Fi usage has gone up significantly in the past year, and many people are using insecure hotspots to access work information.
When addressing Web application threats and vulnerabilities, security teams need to look out for design flaws, says Mike Shema of Qualys, Inc.
Week of 08 Oct 2012 Application vulnerability disclosures rise, Microsoft finds (11 Oct 2012)
The Black Hole attack toolkit is fueling many of the exploits targeting the vulnerabilities, according to Microsoft.
The new requirements for digital certificates kicks in with the October update, which includes one critical bulletin and six important bulletins.
Week of 01 Oct 2012 Age-old vulnerabilities, attack techniques consistently trip enterprises (02 Oct 2012)
Windows security has improved, but longstanding Unix and network vulnerabilities remain an easy target for determined attackers.
Week of 24 Sep 2012 Adobe to revoke certificate following fraudulent use (27 Sep 2012)
Malicious utilities were created using the fraudulent certificates to appear to be valid Adobe products running on Windows systems.
Research firm discovers new Java sandbox vulnerability (26 Sep 2012)
A Java sandbox flaw could allow malicious code to run on any system running Java 5, 6, or 7. Users are advised to disable the Java browser plugin.
Most distributed denial-of-service attacks are easily filtered out, but individuals with the technical skills can mirror legitimate traffic.
Once inside, skilled attackers can scout for exploitable flaws and set up private communication channels to support cyberespionage campaigns.
Week of 17 Sep 2012 ESET calls Flashback Trojan threat now 'extinct' (21 Sep 2012)
ESET reports on how the Flashback Trojan changed the relationship between Apple and Java.
Microsoft issued an out-of-band security bulletin, addressing a zero-day vulnerability and four other flaws in Internet Explorer.
A temporary automated fix plugging the dangerous flaw is available until an official patch is released.
Week of 10 Sep 2012 Microsoft disrupts Nitol botnet, outs hidden PC malware (14 Sep 2012)
The Nitol botnet controlled more than 500 strains of embedded malware that Microsoft says has been plaguing the PC supply chain.
Two important bulletins were issued in Microsoft's September 2012 Patch Tuesday.
A new URL generation algorithm and domain obfuscation are among the new features designed to trip up malware analysis and avoid detection.
Week of 03 Sep 2012 Aurora attackers target defense firms, use flurry of zero-days (07 Sep 2012)
Cybercriminals tied to the 2009 Aurora attacks have used a flurry of zero-day exploits and a new "watering hole" attack technique in targeted campaigns.
FireEye warns of steady increase in advanced malware (04 Sep 2012)
Social engineering tactics often involve email attachments targeting various industry sectors, says the security firm.
Microsoft released an advance notification on two important bulletins and encouraged customers to address a SSL certificate update before October.
Week of 27 Aug 2012 Oracle issues Java security update fixing dangerous zero-day vulnerabilities (30 Aug 2012)
The latest update fixes widely exploited zero-day vulnerabilities. Metasploit manager praises company for fast turnaround.
Week of 20 Aug 2012 Disttrack discovery highlights growing use of targeted malware (21 Aug 2012)
W32.Disttrack, a worm that corrupts files and overwrites the MBR, further proves attackers now favor targeted malware for penetrating enterprises.
Adobe has released updates for six critical vulnerabilities, following a patch just one week ago that addressed other critical flaws.
Week of 13 Aug 2012 August 2012 Patch Tuesday fixes flaw being actively targeted by attackers (14 Aug 2012)
A dangerous flaw in Windows Common Controls affects multiple systems and software, including Office, SQL Server and Visual Basic 6.0 Runtime.
The Microsoft Malicious Software Removal Tool release warns users of Win32/Bafruz family backdoor Trojan.
Oracle said it would begin providing timely security updates to Java for Mac OS X.
Week of 06 Aug 2012 Five critical vulnerabilities expected in August 2012 Patch Tuesday (09 Aug 2012)
Microsoft said it would address ten vulnerabilities in the August 2012 Patch Tuesday, including flaws in Internet Explorer.
Kaspersky Lab has exposed a new cyberespionage toolkit it says is used in nation-state-sponsored attacks targeting people in the Middle East.
The most serious Android mobile malware uses SMS premium messages to make cybercriminals money, a tried and true attack method.
Week of 30 Jul 2012 Dropbox to implement two-factor authentication after security breach (01 Aug 2012)
Investigators believe some of the Web-based storage service's accounts were compromised following a password breach at another website.
Scope of Dropbox security breach is undetermined (01 Aug 2012)
Dropbox spokesman says investigation is ongoing after attackers gained access to an employee account leaking user email addresses.