Only the Right Answer Unlocks Encrypted E-Mail

Sending critical data via e-mail or instant messaging may be convenient, but it isn't exactly secure. So IT consultant Terry Heath created LockedEnvelope, a service that encrypts e-mail and IM communications using a question-and-answer key. More...

Firefox 3 Vulnerability Discovered

About five hours after its release, TippingPoint's Zero Day Initiative received a critical vulnerability affecting Firefox 3.0. Earlier versions of Firefox are also affected. More...

What Privacy Policy?

A study released Monday by the privacy-focused Ponemon Institute and funded by e-mail marketing firm Strongmail reveals a disturbing disconnect in companies between the executives tasked with protecting customer data and marketing departments, which use the data for advertising purposes or share it with third parties. More...

Security Update available for Adobe Reader and Acrobat 8.1.2

A critical vulnerability has been identified in Adobe Reader and Acrobat 8.1.2. This vulnerability would cause the application to crash and could potentially allow an attacker to take control of the affected system. Adobe recommends users of Acrobat 8 and Adobe Reader install the 8.1.2 Security Update 1 patch. More...

Insider Threat Exaggerated, Study Says

Seventy-three percent of the breaches involved outsiders, 18 percent resulted from the actions of insiders, with business partners blamed for 39 percent -- the percentages exceed 100 percent due to the fact that some involve multiple breaches, with varying degrees of internal or external involvement. More...

New OS X Trojan Horse in the Wild

The Trojan horse is currently being distributed from a hacker website, where discussion has taken place on distributing the Trojan horse through iChat and Limewire. More...

New DNSChanger Trojan variant targets routers

The DNSChanger Trojan is able to access all the settings and functions on the router. It only knows about a few popular router Web interface URLs that it can use to change DNS settings at this time, but that is expected to change and more routers will be affected. More...

Mozilla Investigates Firefox Bug, Talks Security

Though neither TippingPoint, which disclosed the bug to Mozilla privately, nor Mozilla are saying much, the security company reported that the vulnerability requires user interaction and can lead to remote code execution. The bug also affects Firefox 2, and will be addressed with the next security update for both versions of the browser. When asked, Mozilla could not offer a specific date for that. More...

Apple updates Safari for Windows with four security fixes

Apple on Thursday released a new version of Safari for Windows that includes a security fix for a high-profile carpet-bombing desktop attack vulnerability previously dismissed by the Cupertino vendor. The Safari update is only for Windows users, not Mac OSX versions. More...

Smart phones 'bigger security risk' than laptops

Some 94% of senior IT staff fear PDAs present a security risk, just above the 88% who highlighted mobile storage devices as a worry. Nearly eight in 10 said laptops were an issue. Only four in 10 had encrypted data on their laptops, and the remainder said the information was "not worth" protecting. More...

How safe is instant messaging?

The number of interested parties eager to listen in on your online conversations, including what you type through instant messaging, has never been higher. More...

Security Software Needs To Work Better

All security vendors are faced with an explosion of malware created by well funded criminal groups who use it to steal and sell information from people's PCs. More...

Phishers Widen Their Nets for Potential Catches

Phishers are not above playing the charity card to get your money. Within a week of the Chinese earthquake tragedy, cyber criminals had hacked into the official Red Cross Web site in China. More...

A silver lining in a gloomy outlook

WITH the advance of new and better cybersecurity technologies, you’d expect the Internet to be a lot safer place for average users. More...

Email Encryption Today: It's Easier than You Think

When valuable intellectual property is compromised, a patient's medical records revealed, or privacy rights threatened, there are serious repercussions a company is sure to face, including fines, PR disasters, loss in revenues or loss of competitive advantage. More...

FBI warns of child-support card scam

The U.S. Federal Bureau of Investigation warned Friday that online scammers are now targeting single parents who use the EPPICard system to receive child-support payments. More...

Formidable Ransomware Virus on the Loose

Kaspersky labs has issued a warning that the Gpcode – a virus that encrypts a users files so they can be extorted for the password – is again on the loose, only this time it features an almost un-crackable 1024-bit key. More...

Spammers Devoted to Dad

This gives me a chance to go back and look through it if the need should arise. This time around, I had about 6 weeks worth, or roughly close to 50,000 of the unwanted email. More...

New version of OpenOffice.org fixes critical bug

OpenOffice.org fixes a memory problem in its open source office suite that could allow hackers to execute arbitrary commands on the system. More...

Security hole exposes utilities to Internet attack

Attackers could gain control of water treatment plants, natural gas pipelines and other critical utilities because of a vulnerability in the software that runs some of those facilities, security researchers reported Wednesday. More...

Microsoft releases seven patches, three critical

In what one security researcher called a "broad-based" set of releases, Microsoft on Tuesday unleashed seven patches, three for critical vulnerabilities, in its June Patch Tuesday round of bug fixes. More...

Bug exposed in web security standard

Security experts have warned of a critical bug in the standard web authorization technology used by hundreds of thousands of websites. More...

Researchers Ask for Help Cracking Ransom Virus Code

Kaspersky Lab needs five million computers to crack a Gpcode scheme that encrypts user files with a strong 1,024-bit key and demands money to decrypt the files. More...

Hackers 'seeding' legitimate websites

Online fraudsters are increasingly 'seeding' legitimate websites with malicious code, ScanSafe has warned.

How-To: Restore Your Hacked iPhone

Though, I dont like to blog on hacking/unhacking cell phones since its a proprietary issue and at the same time, I dont want to encourge people to try these on their phones but this one is an interesting story and might help some of you restoring your phones.

Man Allegedly Bilks E-trade, Schwab of $50,000

Largent allegedly used an automated script to open 58,000 online brokerage accounts, linking each of them to a handful of online bank accounts, and accumulating thousands of dollars in micro-deposits. More...

Building a security culture

Lately there has been a lot of discussion about the difference between real security and compliance with data security regulations. I think we can all agree that security, like life, is a journey, not a destination, and regulatory compliance can get us only so far. True security requires a combination of people, processes and technology. More...

Cyber-attack tackled by alerts

The alert service is available from \the Stay Smart Online website, along with a tool to help small businesses analyse their online security practices and adopt appropriate measures to improve online security. More...

Why Do We Accept Signatures by Fax?

Aren't fax signatures the weirdest thing? It's trivial to cut and paste -- with real scissors and glue -- anyone's signature onto a document so that it'll look real when faxed. There is so little security in fax signatures that it's mind-boggling that anyone accepts them. More...

Spammers exploit Google Docs

MessageLabs' latest Intelligence Report attributed this hike to a change of tactics in which spammers are moving away from a reliance on email attachments. More...

AT&T develops new encryption service for corporate data

AT&T Encryption Services is designed to help protect companies from data loss and "leakage" while addressing regulatory-compliance issues and privacy. More...

For Laptops, Encryption Isn’t Everything — But it’s a Fine Start

The ways laptops are endangered: Hard drives aren’t encrypted, USB drives are not disabled, people simultaneously use devices for personal and business tasks, users don’t pay attention to security. More...

Hackers admit to Comcast attack

'Defiant' and 'EBK', who operate with the Kryogeniks hacking group, claim to have gained access to the site using a vulnerability and social engineering techniques aimed at the site's hosting company. MOre....