Security Channel

Network security news, reviews, and advice on malware defense, data security, hacker countermeasures, and security management.

Security Articles

Citadel banking malware is evolving and spreading rapidly, researchers warn

Open-source development model is helping the Trojan's creators patch bugs and add features faster

Security experts speak out against proposed cyber security regulations

Regulations would be counterproductive, leading companies to focus on overly burdensome compliance requirements rather than security, experts warn

Spammers impersonate well-known developers to publish rogue apps on Android Market

The spammers are using font tricks to deceive Android Market users into trusting rogue app developers

Google Chrome will no longer check for revoked SSL certificates online

Google has decided to drop OCSP revocation checks from Chrome because they are inefficient and slow

Free Web tool consolidates data on code vulnerabilities

ThreadFix gives enterprise coders a central, strategic view of software bugs and vulnerability status

It's time to regulate Facebook

Facebook, Google, Twitter, and every other data-sucking Web giant should be forced to reveal exactly what data they collect about us -- before it's too late

Update: Trustwave admits issuing 'man-in-the-middle' digital certificate

Mozilla debates punishment for the issuing of a subordinate root certificate that let company snoop on SSL-encrypted traffic

Update: Internet Explorer aces security test as Google faces accusations

IE9 proves 96-plus percent effective in blocking malware, while Chrome, Firefox, and Safari all lag

Security lab: Something fishy about Google Chrome's Safe Browsing API

NSS Labs says there may be a privacy concern about Google's use of end user IP addresses as part of its Safe Browsing API

Data breach? Blame your third party's remote access systems

Three-quarters of the time, third-party responsible for system support, maintenance introduced the security deficiencies exploited by attackers, study finds

All Security Articles
Essentials essential information on Security
Security Page

InfoWorld's Security Boot Camp

Are your network defenses feeling a little flabby? InfoWorld's Security Boot Camp will whip your IT operation into shape in next... more

Security White Paper

Information Security and Multi-Compliance

It’s common for information security managers to be held responsible for situations where they have little control or... more

Security Blog entry

Let your worst fears be your guide

Your computer security defense should be built with the assumption that all attackers are trusted, highly privileged insiders... more

After infection: New schemes to restore your systems
SECURITY ADVISER
After infection: New schemes to restore your systems

Blog by Roger A. Grimes

Antimalware software can detect infections, but fixing those problems still means wiping and rebuilding your hardware
Security Deep Dives
Download the BYOD and Mobile Strategy Deep Dive:

iPhones, iPads, Androids, and more are joining your business's suite of technology tools, driven by user demand and need. Most....

Download the Mobile Device Management (MDM) Deep Dive:

here is a pageAs iPhones and Androids join BlackBerrys in the corporate mobile toolkit, enterprises are concerned about how to....

Download the Whitelisting Deep Dive:

Whitelisting, also known as application control, turns the problem of fighting malware on its head: Rather than attempt to block....

See all Security Deep Dives
See all Security White Papers
Featured Sponsor
White Paper

White Paper

Sophos Security Threat Report 2011

Last year's cyberattacks, like Aurora and Stuxnet, demonstrates that malware lurks everywhere and tricks even the most scrupulous user. Our threat experts see 30,000 new malicious URLs each day—70% of which are legitimate websites that were hacked. Let our new 2011 Security Threat Report be your weapon in the battle against malware. It describes the significant threats of 2010, what to watch for in 2011, and more importantly, what you need to do to get ahead of them.

Download now! »
White Paper

White paper

Eight threats your anti-virus won't stop: Why you need endpoint security

News headlines are a constant reminder that malware attacks and data leakage are on the rise. High-profile incidents that make big news might seem out of the ordinary. Yet businesses of every size face similar risks in the everyday acts of using digital technology and the internet for legitimate purposes. This paper outlines eight common threats that traditional anti-virus alone won't stop, and explains how to protect your organization using endpoint security.

Download now! »

White Paper

Malicious JavaScript Attacks: What Can You Do?

As an IT manager, you need to be able to effectively secure all of the websites you manage to avoid attack and the subsequent infection of site visitors. You also need to protect the users within your organization from becoming victims of malware. Organizations can use specific technologies and layered protection strategies to safeguard websites and shield employees. We'll review what to watch for, as well as the security strategies that will help keep you safe.

Download now! »
©1994-2012 Infoworld, Inc.