The glitzy, interactive abilities of Web 2.0 have led to a profusion of new applications, but the technology also is bringing a new era of security vulnerabilities, a security researcher warned Wednesday. "Security was a challenge to begin with, but...

Beating the "botnets"–armies of infected computers used to attack websites–requires borrowing tactics from the bad guys, say computer security researchers. A team at the University of Washington, US, wants to marshal swarms of good computers to neutralize...

Researchers have devised an encryption scheme that could simplify the protection of sensitive information by allowing banks, hospitals, and other organizations to lock files using keys that are based on specific attributes, such as an employee's position...

Quantum cryptography, a new technology until now considered 100 per cent secure against attacks on sensitive data traffic, has a flaw after all, Swedish researchers say. "In computer terms, we've found a bug," said Jan-Aake Larsson, an associate professor...

Microsoft Corp. today took credit for crushing the Storm botnet, saying that the malware search-and-destroy tool it distributes to Windows users disinfected so many bots that the hackers threw in the towel. "They realized they were in our gun sights...

Microsoft has called on companies to work together to improve overall security, and not just rely on the police to do it for them. Ed Gibson, Microsoft's chief security advisor in the UK, said during his keynote at Infosecurity Europe 2008 that security...

The FBI quietly established last summer a task force involving U.S. intelligence and other agencies to identify and respond to cyberthreats against the United States. Called the National Cyber Investigative Joint Task Force, the group has "several...

The length of time between the development of security patches and the development of exploits targeting the security holes they address has been dropping for some time. Hackers exploit this period of time - the so-called patch window - to launch attacks...

Mobile networks and handsets are becoming more of a target for criminals with a technical bent, security experts are warning. "There's a real transition from online in to the mobile space," said Simeon Coney, head of business development at Adaptive...

Paper Abstract: In this paper, we propose techniques for automatic patch-based exploit generation, and show that our techniques can automatically generate exploits for vulnerable programs based upon patches provided via Windows Update. In many cases...

A survey out today by the organizers of the tech-security conference Infosecurity Europe found that 21% of 576 London office workers stopped on the street were willing to share their computer passwords with a good looking woman holding a clipboard. People...

A beta release of Windows Live OneCare 2.5, Microsoft's automated security suite for home users and small businesses, is available for testing from the Microsoft Connect Web site. Microsoft stated through its blog that there is little apparent difference...

At RSA Conference 2008, Microsoft announced the availability of the public beta release of its next-generation Microsoft Forefront security solution, currently code-named “Stirling.” Microsoft Forefront “Stirling” is an integrated security system that...

There is no storefront or corporate headquarters for Cybercrime Inc., but savvy salesmen in a murky, borderless economy are moving merchandise by shilling credit card numbers - "two for the price one." "Sell fresh CC," promised one salesman who offered...

Microsoft today called for broad discussions about the safety of the Internet in an initiative it dubbed "End to End Trust" in a white paper released during the RSA Conference that opened today in San Francisco. In a keynote address at the security...

In a new report released by European information technology analysis group, Quocirca, organisations that admitted to being frequently hacked, all outsource at least some of their coding practice, with 90 percent outsourcing more than 40 percent! With...

Back in February, Microsoft posted about the release of prerequisites for Windows Vista Service Pack 1. While several million customers installed the updates successfully, you may have read that a few customers experienced an endless reboot cycle while...

The USA's Internet Crime Complaint Center (IC3) is a partnership between the FBI and the National White Collar Crime Center (NW3C). Last week, the IC3 released its annual report for 2007. You can download a copy from here . From F-Secure: Malicious...

A new botnet twice the size of Storm has ballooned to an army of over 400,000 bots, including machines in the Fortune 500, according to botnet researchers at Damballa. The so-called Kraken botnet has been spotted in at least 50 Fortune 500 companies...

Security is both a feeling and a reality, and they're different. You can feel secure even though you're not, and you can be secure even though you don't feel it. There are two different concepts mapped onto the same word — the English language isn't working...

Security breaches that can be traced back to the actions of one individual are not the fault of one "stupid" employee but rather a failure to educate and engage the whole workforce around the importance of good security practice, according to a leading...

PGP Corp. has introduced an encryption application that lets enterprise users protect all the data they carry around in their smartphones. PGP Mobile encrypts Windows Mobile-based data automatically, but still allows mobile data to be shared securely...

Phone calls that are routed through the Internet instead of telephone wires are increasingly popular with businesses looking to cut telephony costs. But they have security problems that might leave a business that uses this technology vulnerable to a...

The Chaos Computer Club (CCC), one of Germany's oldest and largest hacker organisations, threatened to publish Chancellor Angela Merkel's fingerprints as part of a campaign against the government's use of biometric data in new passports, media reported...

You know that hidden bomb shtick in the movies? There's a bomb that's going to go off and kill a gazillion people. First, the good guys have to find it. Then they have to figure how to get into it to disarm it. Then they almost have it disarmed when they...