If it’s about security, you heard it here first
Nonprofit releases security configuration standards for iPhone
Organizations issuing iPhones to their employers can now apply security configuration best practices, which were introduced this week by the Center for Internet Security.
URL: http://feedproxy.google.com/~r/SCMagazineHome/~3/_97AOURFipo/
Nonprofit releases security configuration standards for iPhone
Organizations issuing iPhones to their employers can now apply security best practices, which were introduced this week by the Center for Internet Security.
URL: http://feedproxy.google.com/~r/SCMagazineHome/~3/_97AOURFipo/
VMware fixes security bugs
VMware has released fixes for multiple vulnerabilities in several of its products, including VMware Workstation, Player, ACE, Server, Fusion, ESX and ESXi. One of the vulnerabilities was caused by an error in the VMware Descheduled Time Accounting driver, which could open a way for hackers to launch a denial-of-service attack in Windows-based [...]
Fed cybersecurity review out; “cyber coordinator” established
After much speculation, President Obama confirmed Friday that a new White House office will be dedicated to coordinating digital security efforts, to be led by a yet unnamed “cybsersecurity coordinator.”
URL: http://feedproxy.google.com/~r/SCMagazineHome/~3/lcAodijEGk0/
New Windows zero-day
Microsoft on Thursday issued a security advisory for a new vulnerability in DirectX, used on Windows to enable graphics and sound, that could enable a remote hacker to execute arbitrary code if users open specially crafted QuickTime files. Microsoft said that it was aware of active attacks using exploit code for the vulnerability. [...]
Bank sues Savvis over 2005 CardSystems breach
Utah-based Merrick Bank claims to have lost $16 million as a result of a 2005 breach of payment card processor CardSystems Solutions and is now seeking legal restitution.
URL: http://feedproxy.google.com/~r/SCMagazineHome/~3/e8nFwgmuAVk/
IT company Savvis being sued over 2005 CardSystems breach
Utah-based Merrick Bank claims to have lost $16 million as a result of a 2005 breach of payment card processor CardSystems Solutions and is now seeking legal restitution.
URL: http://feedproxy.google.com/~r/SCMagazineHome/~3/cGIdaI_QilE/
EMC snares Configuresoft
EMC on Wednesday acquired Configuresoft, maker of server configuration, change and compliance EMC on Wednesday acquired Configuresoft, maker of server configuration, change and compliance management solutions. The purchase expands EMC’s storage and infrastructure management line. The two companies had been partnering since 2008 when they signed an OEM agreement, leading to the EMC [...]
4113
BAT/Agent.NBW, PDF/Exploit.Pidief.ONK, Win32/Adware.Antivirus2008 (2), Win32/Adware.Coolezweb (2), Win32/Adware.InternetAntivirus (5), Win32/Adware.SystemSecurity (4), Win32/Agent.NXT, Win32/Agent.PHC, Win32/Agent.PKT (2), Win32/Agent.WPI (4), Win32/AutoRun.Agent.OG, Win32/AutoRun.Agent.OH, Win32/AutoRun.Agent.OI, Win32/AutoRun.FakeAlert.AF (3), Win32/AutoRun.KS, Win32/AutoRun.VB.DQ, Win32/Boberog.AC, Win32/Dialer.NHP (2), Win32/Hupigon.NPB, Win32/Hupigon.NPC, Win32/Injector.PH, Win32/Injector.PI, Win32/IRCBot.ADZ (2), Win32/KeyLogger.BitLogic, Win32/NetPass (2), Win32/Obfuscated.NCY, Win32/Olmarik.HG (4), Win32/Poebot, Win32/Prosti.NCL (2), Win32/PSW.LdPinch.NJG, Win32/PSW.WOW.NKO (2), Win32/PSW.YahooPass.NAD (2), Win32/PSWTool.IEPassView.NAD, Win32/PSWTool.MailPassView.150, Win32/PSWTool.PassFox.111 (2), Win32/Rustock.NIH, Win32/Rustock.NIK, Win32/Sohanad.BM, Win32/Sohanad.NEJ, Win32/Spy.Banker.QZA, [...]
4110
BAT/TrojanDownloader.Ftp.NDM, BAT/TrojanDownloader.Ftp.NDN, IRC/SdBot (2), PDF/Exploit.Pidief.ONF, Win32/Adware.AntiVirus1, Win32/Adware.Antivirus2008, Win32/Adware.AntivirusPlus (2), Win32/Adware.BHO.NCX, Win32/Adware.MySideSearch, Win32/Adware.NaviPromo (2), Win32/Adware.PersonalAntivirus (2), Win32/Adware.PrivacyComponents, Win32/Adware.UltraAntivirus2009 (3), Win32/Adware.Virtumonde (2), Win32/Adware.WinPCDefender, Win32/Agent.DKR (2), Win32/Agent.PGA, Win32/Agent.PKT, Win32/Agent.PMI (3), Win32/AntiAVNAK (2), Win32/Autoit.FV (2), Win32/AutoRun.FlyStudio.KC, Win32/AutoRun.IRCBot.AK, Win32/AutoRun.KS, Win32/AutoRun.VB.CX (2), Win32/AutoRun.VB.DP (2), Win32/Bagle.RD, Win32/BHO.NOR, Win32/Delf.ODU, Win32/Delf.OJB, Win32/Dialer.NAD, Win32/Hupigon.NOU, Win32/KillAV.NDT (4), Win32/KillProc.NAF, Win32/Kryptik.QR, Win32/Kryptik.QS, Win32/Mebroot.BL, Win32/Mebroot.BM (2), Win32/Mebroot.BN (2), Win32/Olmarik.GW, [...]
Process over trust: Will we ever learn?
To give businesses greater confidence in privilege management, we must define, implement, monitor and enforce processes for delegating administrative access.
URL: http://feedproxy.google.com/~r/SCMagazineHome/~3/-PZvOCY1fy0/
Host file black lists , (Wed, May 27th)
Henry Hertz Hobbit who maintains a black list of bad hosts wrote in today with some host file links
and comments on them. I have included most of his comments with very little editing
(I removed a few names and comments about other list maintainers and corrected [...]
Another round of phishing hits Twitter
After last week’s phishing attacks on social networking sites, yet another round has struck Twitter.
URL: http://feedproxy.google.com/~r/SCMagazineHome/~3/q6OZh_v74Qk/
Study finds IT security pros cheat on audits
IT security professionals might think of auditing as a pain, but some are actually cheating to get audits passed, according to a study released Wednesday.
URL: http://feedproxy.google.com/~r/SCMagazineHome/~3/IZcI52oM_vk/
Setting cybersecurity as a national priority is just the beginning
A review of federal cybersecurity policies, scheduled for release Friday, will serve as a call to action for the public and private sectors.
URL: http://feedproxy.google.com/~r/SCMagazineHome/~3/7OHJXpzrAUE/
Threat Expert