|
|
Free Newsletters
|
|
|
|
|
|
IT trainer offers master's degree for hackers In an effort to produce the next generation of chief security officers and IT systems defense experts, an online training company is offering a new master's degree program in security science. Fraudsters jump to U.S. to cash out on U.K. cards The U.S. has overtaken France as the No. 1 place where fraudsters can convert U.K. credit and debit card details into cash, according to a U.K. banking trade group. October 3, 8:27 a.m. PDT France drags its feet on online security With Internet fraud on the rise, French banks and merchants are not putting in place antifraud technology to catch bad online transactions, an official from France's central bank said Thursday. September 27, 9:23 a.m. PDT Questions remain about eBay members' info theft Questions abound over the posting of confidential information from eBay members on one of the vendor's discussion forums, a sinister incident that has many of the online marketplace's buyers and sellers worried. September 26, 3:46 p.m. PDT Security experts pitch 'culture of data' The companies that are having the most success in advancing their data security efforts today are those that are finding a way to protect sensitive information without getting in the way of business users, industry experts maintain.  September 25, 2:53 p.m. PDT Old hard drives still full of sensitive data Hard drives full of confidential data are still turning up on the second-hand market, researchers have reported. September 21, 10:16 a.m. PDT Fear of insider threats hits home The more money that companies spend on securing their IT operations from external attack, the more it seems they become aware that the potential threat posed by their own employees remains their most significant risk. September 18, 10:42 a.m. PDT Symantec: Stolen bank account details fetch $400 online Stolen bank account numbers are commanding the highest price in an underground trade of personal details stolen by hackers, according to a survey released Monday by security vendor Symantec. September 17, 3:51 a.m. PDT Badware hunters tame wild Webmasters, hosts If hijacked sites and hosting companies that fail to police malware distribution sources represent two of the most serious threats to Internet security, there may be hope for improvement, according to researchers working with Harvard Law School's StopBadware.org. September 14, 3:45 a.m. PDT Expert do's and don'ts for dealing with data breaches Organizations that experience data breaches must move quickly to assuage the fears of their constituents and go beyond expectations to address the situations effectively, according to those most familiar with the incidents. September 11, 3:45 a.m. PDT Update: Seattle man arrested for p-to-p ID theft A Seattle man faces as many as 29 years in prison after being charged with using the LimeWire and Soulseek p-to-p (peer-to-peer) networks to commit identity theft. September 6, 1:03 p.m. PDT Forrester security show stresses risk management Enterprise security decision makers have long been more likely to be swayed by flashy new technologies than by the notion of comprehensive IT restructuring to protect data and other corporate assets, but the situation is evolving rapidly, according to experts participating in Forrester Research's ongoing Security Forum. September 5, 11:33 a.m. PDT FBI: Enterprises need counterintelligence The Chinese government has denied involvement in a series of hacks carried out against IT systems at the Pentagon in June this week, but the threat of technology-driven espionage has forced the FBI to push businesses and academic institutions to better prepare for such attacks. September 4, 3:45 p.m. PDT Intel's vPro chips in more security for businesses With the introduction of its latest vPro microprocessors on Monday, Intel contends it is injecting a heavy dose of new security capabilities for the benefit of business customers and third-party technology providers alike. August 27, 8:00 a.m. PDT Get paranoid: Information brokers are bungling your data Anybody who requests a background or credit check on you -- or provides them to others -- has a ton of sensitive information about you that (a) may not be accurate and (b) is highly vulnerable to spills. That includes data brokers, credit bureaus, banks, insurance companies, cell carriers, and your employer. August 27, 3:00 a.m. PDT Get paranoid: Zombies abound We are in the midst of a zombie epidemic that shows no signs of slowing. During the second half of July, the volume of spam e-mails containing variations on the Storm worm increased tenfold. The result? A zombie network estimated by IT security company SecureWorks at more than 1.7 million PCs -- big enough to do serious damage to the Net. August 27, 3:00 a.m. PDT 10 reasons to be paranoid The truth is out there ... and so is your data. And just because there are no virtual black helicopters following you doesn't mean somebody somewhere doesn't have a bead on who you are and what you are doing. August 27, 3:00 a.m. PDT Get paranoid: Your Wi-Fi net is wide open Got a secure Wi-Fi connection? Good for you. But your neighbors may not be so lucky. August 27, 3:00 a.m. PDT Get paranoid: The Feds are on your tail If the National Security Agency is spying on you, you're probably connected in some way to a terrorist investigation -- even if it's just because you invited your neighbor Ahmed over for a barbecue. August 27, 3:00 a.m. PDT Get paranoid: Google knows what you searched last summer Not long ago, Google was the cuddly search engine that could. Now it's a bona fide data monster, and your personal information is its meat. August 27, 3:00 a.m. PDT Get paranoid: There's a spook in your inbox Remember when the CIA was a dark, malevolent force lurking in the shadows of our lives, tapping our phones, reading our mail, and planting explosive devices in Castro's cigars? Well, they're baaaack. Only now it's the National Security Agency, and they're snooping into your e-mail, cell phone conversations, and Lord knows what else. August 27, 3:00 a.m. PDT Get paranoid: You are your own worst enemy Got a MySpace page? LinkedIn résumé? Facebook profile? August 27, 3:00 a.m. PDT Get paranoid: Your ISP knows too much If you think Google knows more about you than your parents do, imagine the kind of dope your ISP could drop if pushed to give up the goods. August 27, 3:00 a.m. PDT Get paranoid: Hollywood wants to terminate you No, the Recording Industry Association of America and the Motion Picture Association of America aren't spying on you. They've got people for that, specifically companies such as BayTSP and SafeMedia, which infiltrate peer-to-peer networks so they can record file swappers' IP addresses and the types and number of files they're sharing. An IP address isn't proof positive of your identity, but it's good enough for most civil suits -- unless, of course, it belongs to a dead person or someone who doesn't actually own a computer. August 27, 3:00 a.m. PDT The Monster.com mess The last thing you need when you're unemployed is a bank account that's suddenly emptied. But that's exactly what some unwary users of employment search site Monster.com faced after identity thieves made off with the personal information of more than a million people looking for jobs. August 24, 12:25 p.m. PDT Security SaaS maturing fast Security technologies delivered via the SaaS (software-as-a-service) business model may still be in their nascent stage, but some early adopters are already piecing together multiple offerings to outsource a significant portion of their IT systems defense infrastructure. August 22, 11:06 a.m. PDT Turkish police make arrest in TJX data breach case Police in Turkey have arrested a man allegedly trying to sell data hacked and stolen during the now infamous theft of customer records from U.S. retailer TJX. August 22, 8:38 a.m. PDT Monster.com identity attack may claim more vicitims The 46,000 people reportedly infected by ads on job sites may be only a fraction of the victims of an ambitious, multistage attack that has stolen data belonging to several hundred thousand people who posted resumes on Monster.com, a researcher said this weekend. August 20, 8:37 a.m. PDT Your data's less safe today than two years ago Today's electronic world is a risky place for your personal data -- and it's not getting any safer. More than 158 million data records of U.S. residents have been exposed as a result of security breaches since January 2005, according to The Privacy Rights Clearing House, a nonprofit consumer rights organization. August 20, 8:07 a.m. PDT Microsoft plugs single sign-on again with Windows Live ID Web Authentication 1.0 Microsoft has released a software development kit for a service that enables users who log in through one Web site to be authenticated on many others. August 17, 10:39 a.m. PDT Symantec's Dark Vision mines underground Web sites Researchers at Symantec have developed a system that mines underground Web sites and chat rooms for sensitive information that is being sold. July 31, 4:28 a.m. PDT Apps security to dominate Black Hat Black Hat kicks off this week in Las Vegas with a big shift in focus from Internet viruses to application security. July 31, 3:00 a.m. PDT Take a byte out of ID crime More than a year after President Bush commissioned a task force on the topic, the Department of Justice has finally drawn up legislation to combat identity theft. And if the DoJ's efforts remain consistent with the objectives stated in the task force's strategic plan (PDF), the new bill could in fact mark significant progress in protecting personal identity data. July 27, 3:00 a.m. PDT Recovering from identity theft Our government is working hard to reassure us that identity theft is a figment of our imaginations, but if you’re a victim in one of those not-so-imaginary crimes, there are proactive steps you can take. July 27, 3:00 a.m. PDT McAfee sets Rootkit Detective free On July 26, McAfee will begin offering a new application called Rootkit Detective, designed to detect and remove dangerous rootkit attacks. The software will also help end-users ward off the threats, as well as funnel new intelligence into the company's ongoing research operations. July 25, 1:12 p.m. PDT Organized crime infiltrates financial IT In Martin Scorsese's hit movie "The Departed," actor Matt Damon plays the part of a mole -- someone who helps his connected mob friends stay a step ahead of the cops by becoming one of the very law enforcement officials assigned to stop them. July 23, 11:14 a.m. PDT Identity theft? What identity theft? Whew! We can relax. July 20, 3:00 a.m. PDT Texas state Web site leaks sensitive information Troy Aikman may not be happy about it, but the State of Texas has made his address and social security number available via the Internet. July 19, 4:52 a.m. PDT Oracle to buy ID theft detection company Bharosa While most of Oracle's recent purchases have focused on growing its applications business, the vendor's latest proposed purchase will beef up its growing identity management operation. July 18, 8:52 a.m. PDT Anti-phishing techniques for the real world I need to expand my idea of a secure computing ecosystem into the real world. Let me explain. July 13, 3:00 a.m. PDT GAO: Data breaches don't often result in ID theft Most large data breaches don't appear to lead to identity theft, and proposals that would require companies to notify customers of most breaches may lead to increased costs without significant benefits, says a report from a U.S. government agency released Thursday. July 5, 1:23 p.m. PDT HP pretexting case may wrap up Thursday A criminal case against some of the people implicated in the Hewlett-Packard pretexting scandal may wrap up Thursday in a courtroom in San Jose, California. June 27, 6:26 a.m. PDT Data breaches start at the gas station Using a credit card at a gas station could pose more of a risk for data theft than shopping online, as point-of-sale terminals have emerged as a weak link in the security chain, according to a Gartner analyst. June 26, 4:14 a.m. PDT Quickly discover sensitive content Monitoring systems on the central LAN for personal and proprietary data – something industry analysts estimate 86 percent of companies must do to comply with one or more regulations, such as GLBA, HIPAA, and Sarbanes-Oxley – is already an enormous challenge. Then consider the extra complexities introduced as this content sprawls to remote offices and partner locations. June 26, 3:00 a.m. PDT Secret Service helps bust ID, credit card theft rings The U.S. Secret Service has cracked down on an international ID theft ring that is responsible for more than $14 million in fraud losses, the agency said Monday. June 25, 4:15 p.m. PDT Global co-op feeds FBI's botnet fight Officials with the FBI claim that global law enforcement partnerships are playing a significant role in its ongoing efforts to stomp out botnets and other computer-borne crimes. June 14, 3:09 p.m. PDT Helping retailers wipe ID data issue When data breach investigator Bryan Sartin gets a call to check into an incident involving customer records loss at a retailer, he knows that the situation most likely involves information that has been lifted from a company's point-of-sale systems. June 13, 8:44 a.m. PDT Experts: Botnets add fault tolerance Security experts contend that a growing number of operators of compromised computer networks (or "botnets") are finding new ways to grow their networks and make them immune to potential shutdowns, including sophisticated fault-tolerance planning to help ensure that their networks can't be easily wiped out. June 7, 12:00 a.m. PDT Microsoft unveils integrated security Microsoft shared details of its long-term security product strategy as part of its ongoing TechEd 2007 training conference on June 4, lifting the lid on plans to deliver an integrated suite of its software by mid-2009. June 4, 7:24 a.m. PDT 'Spam king' arrested in Seattle A Seattle man was arrested Wednesday morning for illegal spamming activities. The arrest follows an indictment by a federal grand jury in Seattle last week. May 31, 5:05 a.m. PDT Google buys into security, acquires GreenBorder Google has jumped into the anti-malware market, snatching up browser-based security software maker GreenBorder Technologies for an undisclosed amount of money. May 29, 9:32 a.m. PDT Companies open wallets for secure data An annual VanDyke Software-sponsored survey of IT network and systems administrators finds that businesses have increased their spending on secure data communications technologies and also have undertaken significant work to improve their internal processes to benefit security. May 22, 11:42 a.m. PDT IBM pitches risk management strategy IBM unveiled a new IT governance and risk management strategy on May 15 that it will market to enterprise customers as a means to weave together security and compliance projects to ease planning and help drive down related expenses. May 15, 12:42 p.m. PDT Tech groups support new cybersecurity bill A tech trade group and a leading cybersecurity vendor applauded new legislation introduced in the U.S. Congress that would broaden penalties for cybercrime, including first-time penalties for botnet attacks. May 15, 8:56 a.m. PDT Social Security, spyware bills go to House vote The House Energy and Commerce Committee unanimously approved a pair of bills on May 10 that aim to bolster consumers' protection against misuse of their social security numbers and computer-borne spyware. May 11, 11:23 a.m. PDT Building trust in downloads no simple feat The Truste group's goal of creating an online ecosystem through which software makers are held accountable for the functions of their programs and end users are given the power to keep unwanted applications off their devices won't be achieved easily, according to security researchers and participants in the nonprofit's Trusted Downloads project. May 10, 5:04 p.m. PDT Document shell code attacks loom large Targeted attacks that utilize vulnerabilities in popular document file formats and execute via hard-to-find shell code are becoming an increasingly popular menace, according to researchers at IBM's Internet Security Systems division. May 2, 12:37 p.m. PDT VeriSign to use one-time passwords for bank cards VeriSign Inc. is looking to offer bank cards with an integrated one-time password generator, a slimmer way than key chains to implement two-factor authentication. May 2, 7:03 a.m. PDT Making sense of Websense's SurfControl buyout Websense's $400 million buyout offer for rival network filtering specialist SurfControl should help position the two companies for short-term growth and possible acquisition in the future, according to market watchers. May 1, 11:27 a.m. PDT AOL: Hacker unlikely to have stolen customer data AOL is investigating the recent hacking of its systems by a New York teen to determine if he managed to obtain customer data. However, the Time Warner subsidiary thinks it's unlikely that customer data was compromised. April 27, 2:44 p.m. PDT Britain spearheads European e-crime reporting portal British computer security experts are designing a Web portal to gather more precise statistics on Europeans victimized by Internet crime, an area that remains difficult for collecting accurate data. April 18, 9:39 a.m. PDT Large enterprises still serving up spam Well-known enterprise companies are still having their IT systems hijacked by spammers despite investing in many different types of technologies aimed at stopping the problem. April 17, 3:04 p.m. PDT Protesters sue to stop use of French e-voting machines Campaigners have filed suit to prevent the use of electronic voting machines in the forthcoming French presidential election. They say the machines do not meet the legal requirements set out by the country's Constitutional Council. April 17, 11:23 a.m. PDT P2P worms get their turn Massive networks of infected computers controlled by attackers worldwide will serve as a powerful engine for the new breed of so-called P2P worm that is currently echoing across cyberspace. April 16, 11:17 a.m. PDT Bottom line impact of data breaches unclear Despite the fact that unwanted exposure of consumer data has become a hot-button issue in the media and among legislators nationwide, experts admit that it remains unclear just how much damage the events will cause to the finances and reputations of companies that experience major incidents. April 13, 3:01 p.m. PDT UK sees jump in identity-theft reports Identity thieves are showing more determination in picking out victims, while the number of reported U.K. victims of identity theft continues to rise, according to new data released by credit-checking agency Experian on Thursday. April 12, 4:48 a.m. PDT McAfee: Cyber-crime will continue to pay The latest research report from McAfee's Avert Labs paints a frightening picture for enterprise IT administrators and end-users, predicting continued maturation of cyber-crime and the technological means being used to carry out external attacks. April 10, 9:00 p.m. PDT Finding security in Windows Mobile monoculture Without a doubt, the most influential factor driving the current state of IT security is the ubiquitous presence of Microsoft's dominant Windows operating system on a vast majority of the world's PCs. April 6, 4:52 p.m. PDT When identity theft becomes standard operating procedure TJX Companies suffers a long-term hacker breach and information related to more than 45 million credit cards is accessed by unauthorized parties. To put this in perspective, there are only about 180 million adults in the United States (out of more than 300 million people). If you assume that most of those adults have some form of available credit (many won’t because of personal choice, incarceration, bankruptcy, etc.), this breach alone compromised a quarter of the U.S. population’s cards. April 6, 3:00 a.m. PDT Debate lingers over federal data-handling laws Even as the federal government appears poised to create new consumer data protection laws in 2007, businesses and privacy advocates in the United States remain at odds over the parameters of such legislation and its potential impact. April 3, 6:59 p.m. PDT ShmooCon hacker event gets under way The third annual ShmooCon convention kicked off in Washington, D.C., on March 23 and will run throughout the weekend with a series of lectures and presentations covering a wide range of enterprise security issues. March 23, 2:12 p.m. PST TJX stolen data used in Florida crime spree Law enforcement officials in Florida have arrested six individuals suspected of carrying out a fraud scheme built around the misuse of credit card data stolen from retailer TJX Companies. March 21, 9:25 a.m. PST Liberty releases new client ID specifications The Liberty Alliance released a new set of specifications aimed at protecting identity information transmitted by mobile devices during Web-based transactions. March 21, 4:39 a.m. PST Global malady: Virus writers worldwide team up Security researchers have been touting the growing nature of professionalism among virus authors over the last several years, but new evidence points to increased cooperation between malware writers spread around the globe, according to some experts. March 20, 11:13 a.m. PST Hackers selling IDs for $14, Symantec says Identity thieves are offering a person's credit-card number, date of birth, and other sensitive information for as little as $14 over the Internet, said a new report on online threats released Monday. March 19, 5:12 a.m. PST Three indicted for alleged online brokerage scam A grand jury in Omaha, Nebraska, has indicted three people on charges of conspiracy, fraud and aggravated identity theft related to a "high-tech" scheme to hijack online brokerage accounts, the Department of Justice and the Securities and Exchange Commission announced. March 12, 12:57 p.m. PST EBay: More cooperation needed on cybersecurity Banks, online merchants, and technology vendors must work together to prevent security problems like phishing attacks and data breaches, eBay President and CEO Meg Whitman said Thursday. March 8, 10:51 a.m. PST Tolerating online fraud Whenever I see someone turning the other cheek to a problem, I smile and think of the greatest golden retriever I’ve ever known, a family dog named Kayo who was a very strong swimmer. March 1, 3:00 a.m. PST Famed ID thief to speak at RSA Europe He posed as a doctor, a pilot, and a lawyer without any training and got away with it. But he'll appear simply as himself to keynote an upcoming security conference. February 21, 6:56 a.m. PST Cerf: Internet is a reflection of society The Internet is a mirror of the population that uses it, said Google's vice president and chief Internet evangelist Vinton Cerf said in reference to the proliferation of fraud, social abuse, and other online crimes. February 21, 4:55 a.m. PST Drive-by Web attack could hit home routers If you haven't changed the default password on your home router, do so now. That's what researchers at Symantec and Indiana University are saying, after publishing the results of tests that show how attackers could take over your home router using malicious JavaScript code. February 15, 5:02 a.m. PST FTC: Identity theft remains top consumer complaint Identity theft remained top of mind among U.S. consumers last year, but complaints about Internet auction fraud dropped noticeably, according to data released Wednesday by the U.S. Federal Trade Commission (FTC). February 7, 12:04 p.m. PST FTC to release ID theft data at RSA The U.S. Federal Trade Commission will wade into an emerging debate on the nature of identity crime when it releases its latest ID theft statistics at the RSA Conference in San Francisco next week. February 2, 3:59 p.m. PST Enemy inside the firewall Corporate security lapses are once again sweeping the news hour, but these days the culprit is just as likely to be an inside source -- a paid employee at a reputable company -- as a hacker doing evil somewhere in a Moscow basement. February 2, 3:00 a.m. PST ID fraud down, says research firm Despite widespread media coverage of data breaches over the past year, identity fraud is actually dropping in the U.S., Javelin Strategy & Research Inc. reported Thursday. February 1, 1:08 p.m. PST Identity theft pays, just ask Martha Coakley As anybody who has ever been the victim of identity theft knows, the reason it's so common is because it pays. January 22, 4:02 p.m. PST HP investigator faces identity-theft charge A U.S. attorney has charged Bryan Wagner, an independent investigator who worked for Hewlett-Packard while the company tried to find the source of board leaks, with aggravated identity theft and conspiracy. January 11, 7:52 a.m. PST New PayPal key to help thwart phishers Over the next few months, Ebay will be offering its PayPal users a new tool in the fight against phishers: a $5 security key. January 10, 4:44 p.m. PST Keeping up with crimeware If you are a cracker who has written an exploit, you have a choice between fame and fortune. In the good old days, crackers chose fame. But now fortune appears to be far more appealing. January 2, 3:00 a.m. PST 2006 Year in Reviews: Security Given a sharp nudge from federal and state mandates, the security focus has shifted from intruders and malware to data protection and the insider threat — and the likes of Vontu, Reconnex, Oakley Networks, and PortAuthority are meeting the challenge. December 18, 3:00 a.m. PST Veteran Affairs: We're more secure The U.S. Department of Veterans Affairs (VA) is "pretty confident" the agency will not have another large data breach like the one in May that could have exposed the personal records of 26.5 million military veterans and family members, the agency's chief information officer said Monday. December 11, 8:42 a.m. PST FTC launches program for victims of ChoicePoint breach The U.S. Federal Trade Commission (FTC) has begun mailing claim forms to more than 1,400 identity theft victims who spent money to clear up identity-theft problems due to a security breach at data broker ChoicePoint announced in early 2005. December 7, 8:58 a.m. PST Good ideas take time Two years ago, I publicly floated the concept that IT should start thinking more like entrepreneurs. What a disaster! I was speaking at a meeting of CTOs, and I mentioned that I’d heard of a few IT departments that were focusing, at least in part, on creating saleable new products and services for their companies. I asked the group what they thought of the idea. December 4, 3:00 a.m. PST How to reduce holiday online shopping risks Santa Claus may take online orders this year, but the Grinches will also be on the Internet. November 21, 6:52 a.m. PST Security threat changing, says Symantec CEO The threat posed to computer users and companies by hackers is shifting from attacks on the computers to attacks on electronic transactions, according to the head of one of the world's largest security software vendors. November 3, 4:46 a.m. PST Steal my data, please Last year I landed a job as assistant IT manager at a midsize university. The network there was a typical mix of NetWare and Windows servers, with one big surprise: Our most critical database, the one that handled dorm-room assignments and payment records for the Housing Department, was still running on a Windows NT4 server, long after Microsoft had dropped support for the platform. October 31, 3:00 a.m. PST Phishing attack targets MySpace users Phishers have found a way to use genuine MySpace.com accounts to trick users into revealing their account information. October 27, 12:26 p.m. PDT Cybercrime cooperation advances Christopher Painter, principal deputy chief of the U.S. Department of Justice's Computer Crime and Intellectual Property Section, attended the G8 24/7 High Tech Crime Network meeting last week in Rome. The network started in 1997 with the G8 countries, which exchanged details of law enforcement officials who could help preserve electronic evidence for officials in another country investigating a trans-border cybercrime case. Since then, the network has grown to 45 countries, improving the ability of officials to fight burgeoning computer crime. October 23, 8:59 a.m. PDT HP snoops plead not guilty in pretexting case The three private investigators charged in Hewlett-Packard's spying scandal have pleaded not guilty to felony charges in the affair. October 11, 4:29 a.m. PDT Symantec taps VeriSign, Accenture for security boost Symantec is teaming with VeriSign and Accenture as part of its Security 2.0 strategy for protecting consumers and enterprise users from the latest and greatest security threats, which the company says are increasing in complexity and scope. October 10, 11:37 a.m. PDT > Security |
|
|
||||||||||||||||||
