Exploit code is now online for the latest zero-day affecting IE, highlighting how important it is to upgrade off of IE6
A security researcher has published exploit code for the latest Internet Explorer zero-day flaw on the Web and Microsoft is warning that more attacks against the unpatched vulnerability can be expected in-the-wild. One thing seems to be more apparent with each passing Internet Explorer (IE) vulnerability: its time to upgrade the Web browser.
Tests find that most AV is still not blocking Aurora exploit
At the RSA Conference in San Francisco last week, security vendors pitched their next-generation of security products, promising to protect customers from security threats in the cloud and on mobile devices. But what went largely unsaid was that the industry has failed to protect paying customers from some of today's most pernicious threats.
The Troyak ISP has found a new upstream provider, returning connectivity to Zeus servers
Last week FBI Director Robert Mueller called the fight against hackers "the cyber equivalent of cat-and-mouse." On Wednesday security experts trying to take down the Zeus botnet got a taste of what he meant.
Last month's Adobe Reader vulnerability now under attack, says F-Secure and Microsoft
Hackers adore Adobe Reader, and have pushed it into first place as the software most often exploited in targeted attacks, a Finnish security company said today.
But online banking fraud continues to rise, according to figures from financial institutions
Fraud losses due to counterfeit payment cards fell by half in 2009 from the year prior in the U.K., but online banking losses continued to rise, according to new banking industry figures released Wednesday.
90 of 249 Zeus command-and-control servers were knocked offline overnight
Internet service providers linked to the notorious Zeus botnet have been taken down, knocking out a third of the command-and-control servers that run the network of hacked machines.
US lawmakers are calling for new policies for dealing with the Chinese government
The Chinese government is likely behind recent cyberattacks on U.S. government Web sites and on U.S. companies in an apparent effort to quash criticism of the government there, an expert on U.S. and Chinese relations said Wednesday.
Twitter will shorten some links sent through the service to twt.tl
Twitter launched a new link-screening service on Tuesday aimed at preventing phishing and other malicious attacks against users of the popular microblogging service.
It's the second zero-day vulnerability in the last 60 days
Microsoft today warned of a critical vulnerability in Internet Explorer that is already being exploited by hackers, the second such admission in the last two months.
Pure adds encryption, backup and parental controls
Kaspersky Lab has invented a new security product that combines bits of its current consumer security suite with new capabilities such as encryption, backup, password management, and the ability to manage the product across a network.
Only complex answers will stop hackers
Security questions that allow web users to access online accounts if they forget their passwords can easily be answered by hackers willing to spend time surfing the web, say researchers at the University of Cambridge.
Former Watchfire and Ounce Labs capabilities would be partnered in an enterprise-level product to be released later this year
Honing in on the need for more security in application development, IBM Rational is planning an enterprise-level product that features two separately acquired technologies for security testing and code scanning.
USB battery recharger status software contains Trojan, says US-CERT
The Energizer Bunny infects PCs with backdoor malware, the Department of Homeland Security's US-CERT said Friday.
Pay up or else
Criminals re-used an attack from 2008 to hit the Internet with a huge wave of ransomware in recent weeks, a security company has reported.
Open source OS project allows for constant feedback from developers, company says
Google's Chrome OS Netbook will feature a host of built-in security technologies designed to protect users from malware and other threats, a Google engineer said at the recent RSA Conference.
