Microsoft patched nine vulnerabilities this month for Patch Tuesday. Among them are two critical flaws that have come under attack by hackers. - Microsoft released six security bulletins for this months Patch Tuesday, including fixes for vulnerabilities impacting DirectShow and the Video ActiveX Control that have been targeted by attackers.
The bulletins address a total of nine vulnerabilities. Three of the bulletins the ones affecting...
Microsoft Fixes Nine Flaws in Monthly Patch Release
Trend Micro Pushes Virtualization Security
Trend Micro has plans for a new virtualization security product designed to protect virtual machines whether they are active or offline. The product, called Trend Micro Core Protection for Virtual Machines, is aimed at providing new levels of malware protection for virtual machines. - Trend Micro is pushing ahead with plans to bolster its virtualization security portfolio with a new offering designed to protect VMware ESX/ESXi environments.
Dubbed Trend Micro Core Protection for Virtual Machines, the product is slated to be available next month. Designed to protect both active...
Survey finds one in six consumers act on spam
About one in six consumers have at some time acted on a spam message, affirming the economic incentive for spammers to keep churning out millions of obnoxious pitches per day, according to a new survey.
Read more »Turkish government site hacked amid spat with China
An attacker who defaced the Web site of Turkey's embassy in China on Monday left behind a pro-China note as the two countries worked through a diplomatic spat.
Read more »HTC smartphones left vulnerable to Bluetooth attack
If you have an HTC smartphone running Windows Mobile 6 or Windows Mobile 6.1, you may want to think twice before connecting to an untrusted device using Bluetooth. A vulnerability in an HTC driver installed on these phones can allow an attacker to access any file on the phone or upload malicious code using Bluetooth, a Spanish security researcher warned Tuesday.
Read more »Real Viagra sales power global spam flood
The truism that spam mostly consists of inducements to buy products such as Viagra turns out to spot on, a security company has found.
Read more »Microsoft Warns of New Attack as Patch Tuesday Nears
Microsoft is warning of limited attacks targeting a vulnerability in Microsoft Office Components. The warning comes the day before Patch Tuesday, which this month is slated to include fixes to a number of critical vulnerabilities. - On the eve of Patch Tuesday, Microsoft is warning users about a flaw in Microsoft Office Web Components that is under attack.
Microsoft Office Web Components are a collection of Component Object Model (COM) controls for publishing and viewing charts, spreadsheets, and databases on the Web. In thi...
How to Plan for Smartphone Security in the Enterprise
One of the major challenges CIOs face is the deployment and security of smartphones in the enterprise. It's important for CIOs to assess how their organization should secure the smartphones employees use to access corporate resources. Here, Knowledge Center contributor Chris De Herrera explains how CIOs can deal with some common security concerns regarding smartphones deployed in the enterprise, including Apple iPhone, RIM Blackberry, Windows Mobile, Google Android and Palm Pre devices. - If you are a CIO, you face several challenges when it comes to deploying smartphones in your enterprise. Among the most important, you must determine the security requirements of your organization. Just like laptops and notebooks used in the enterprise, smartphones often contain corporate data and c...
Read more »Security Researchers Exploit Vulnerability in Handling of EV SSL Certificates
Two researchers will demonstrate a man-in-the-middle attack at the Black Hat security conference this month that allows them to silently sniff traffic on EV SSL protected Web sites. The vulnerability in the way browsers treat EV SSL certificates makes them no more valuable than the cheapest SSL certificate, the researchers say. - Two researchers have discovered a design flaw in Web browsers that can be exploited to launch man-in-the-middle attacks on extended validation
SSL
certificates.
Mike Zusman, principal consultant at Intrepidus Group, and independent security researcher Alex Sotirov plan to reveal the details of...
Invisible IPv6 traffic poses serious network threat
IPv6 — the next-generation Internet protocol — isn't keeping too many U.S. CIOs and network managers up worrying at night. But perhaps it should.
Read more »