Verzeichnis
SearchSecurity: Security Wire Daily NewsThe latest information security news on IT threats, vulnerabilities and market trends from the award-winning SearchSecurity.com.
P2P encryption for mobile is not an technology endorsement, says PCI CouncilFri, 25 May 2012 12:40:13 EDT
The PCI Council will continue to issue recommendations for mobile payment security, according to Bob Russo, general manager of the PCI SSC.
Android Malware Genome Project aims to nurture mobile security researchWed, 23 May 2012 10:53:34 EDT
Project will share data on malware targeting the Android platform. It has collected 1,200 Android malware samples.
Application security expert Chris Wysopal of Veracode explains why some software security programs are lacking and how simple steps can produce big gains.
Praise, criticism for retiring cybersecurity coordinator Howard SchmidtThu, 17 May 2012 17:14:10 EDT
Security experts say some issues haven?t been adequately addressed by the White House security chief.
A PCI Council guidance document requires merchants to use a validated PIN entry device or secure card reader to accept payments using mobile devices.
Microsoft?s senior director of security engineering says core SDL principles should be at the foundation of critical infrastructure system protection.
At Information Security Decisions 2012, Dan Guido put the mobile malware focus on the Android security model and Google?s mobile app vetting process.
Gartner released a report detailing market growth from 2010-2011 throughout the UTM vendor industry.
BeyondTrust acquires eEye Digital Security for vulnerability managementThu, 10 May 2012 10:27:15 EDT
Analysts say eEye?s vulnerability and configuration management capabilities are a good fit with BeyondTrust?s privilege management and AD integration.
Experts suggest patience when dealing with this month?s round of Microsoft updates.
Bad software and malicious software are two different issues that are easily confused, says software security expert Gary McGraw.
Adobe is addressing a zero-day flaw in Flash Player being used by cybercriminals in email attacks targeting Internet Explorer users.
Microsoft said a member of its confidential Active Protections Program leaked information that prompted an exploit targeting a flaw patched in March.
Microsoft said it plans to address flaws in Windows, Office, Silverlight and the .NET Framework.
For the first time, cybercriminals are using compromised websites to conduct drive-by attacks targeting Google Android users.
The payment processor breach is believed to be under 1.5 million credit cards, but the company indicated on Tuesday that banks are issuing a ?wide net to protect customers
SSC's new PCI point-to-point encryption guidance outlines testing proceduresWed, 2 May 2012 09:53:06 EDT
New PCI DSS guidance on point-to-point encryption outlines product testing requirements, and urges more merchant-acquirer collaboration.
Despite the accidental release of attack code for a bug in Oracle?s database, the company won?t change the code for fear of ?regression.?
Reverse engineering mobile apps help pen testers find weaknesses and hidden malware, but the various mobile platforms and different versions make automation difficult, according to one expert.
Java, HTML exploits via Black Hole toolkit dominate attacks, Microsoft saysWed, 25 Apr 2012 13:22:54 EDT
The Black Hole Exploit toolkit is behind the bulk of the HTML and Java exploits, according to version 12 of the Microsoft Security Intelligence Report.
