genpop.net

Mozilla confirmed yesterday a critical vulnerability in the newest version of Firefox, and said it would plug the hole by the end of the month. Although the patch won’t be added to Firefox before next week’s Pwn2Own browser hacking challenge, researchers won’t be allowed to use the flaw, according to the contest’s organizer. [ InfoWorld's [...]

The Public Interest Registry will add an extra layer of security known as DNS Security Extensions (DNSSEC) to the .org domain in June — a move that will protect millions of non-profit organizations and their donors from hacking attacks known as cache poisoning. In a cache poisoning attack, traffic is redirected from a legitimate Web [...]

Twitter has launched a new link-screening service aimed at preventing phishing and other malicious attacks against users of the popular microblogging service. Part of the new service is a new Twitter tool to shorten URLs, so users will see some links in email notifications and direct messages from other users written as twt.tl, Twitter said [...]

Microsoft today announced it will ship two security updates on Tuesday to patch eight vulnerabilities in Windows and Office. In its monthly advance notification, Microsoft spelled out next week’s two-update Patch Tuesday, a far cry from February’s massive rollout of 13 security bulletins that fixed 26 flaws. [ InfoWorld's Roger Grimes explains how to stop [...]

Microsoft has several other botnets in its crosshairs, and believes it can use the same legal tactic against them that it deployed last week to strike at the Waledac botnet’s command-and-control centers. But the company also admitted that it had not yet severed all communications between the controllers of Waledac and the thousands of compromised [...]

The hackers who broke into Google two months ago have gone after more than 100 companies, according to an estimate by security vendor Isec Partners. Researchers have been closing in on the unidentified criminals responsible for the attack over the past month. In the process, they have uncovered another 68 so-called command-and-control servers, used to [...]

Is moving to virtualization and cloud computing making network security easier or harder? When some 2,100 top IT and security managers in 27 countries were asked, the response revealed a profound lack of consensus, showing how divided attitudes are within the enterprise. The “2010 State of Enterprise Security Survey — Global Data” report shows that [...]

Most firms have experienced some kind of cyber attack in the last year, according to research released Monday by Symantec. The 2010 State of Enterprise Security study reveals that 75 percent of organizations experienced cyber attacks and 42 percent of organizations rate security as their top issue, more than natural disasters, terrorism, and traditional crime [...]

Where are the greatest Web-related security threats today? Analysis of Web Hacking Incidents Database (WHID) reveals that in 2009 social networks were at the greatest risk, malware and defacement remained the most common outcome of Web attacks, and SQL injection was the most common attack vector. Here’s a deeper dive on the findings and what [...]

Where are the greatest Web-related security threats today? Analysis of Web Hacking Incidents Database (WHID) reveals that in 2009 social networks were at the greatest risk, malware and defacement remained the most common outcome of Web attacks, and SQL injection was the most common attack vector. Here’s a deeper dive on the findings and what [...]