| HOME > RSS Feeds > DRM | ||
| Add To: | 
|
 |
PreEmptive Solutions has announced the availability of DashO Version 5, its tool that integrates application security with business performance monitoring for Java-based applications. The tool includes support for Google Android application development.
Mac Hack Shows Apple Apps Vulnerable to Botnets
The malware seeded by pirated software months ago and creating what was dubbed iBotnet by Symantec security researchers proves the concept of botnets on Apple systems, but doesn't achieve major botnet status.
Twitter Worm Threat Turns
Twitter is finally clear of the weekend worm attacks that left the popular microblogging site, recently rumored to be in talks with Google over a potential acquisition, furiously scrubbing the malware from its system. The StalkDaily worm, which exploited a cross-site scripting vulnerability, was the creation of a bored 17-year-old.
Microsoft Plugs Security Holes as Hackers Circle
Microsoft releases eight security bulletins for April's Patch Tuesday. Some of the bulletins address issues being targeted by hackers in the wild, including vulnerabilities in Microsoft Office Excel and WordPad. There are also fixes for Internet Explorer and other Microsoft products.
Apple Sued Over Patents for iPod Touchscreens
Chip designer Elan sues Apple for allegedly infringing on two touch-screen patents Elan owns. The Taiwan company is seeking an injunction to prohibit Apple from making iPhones, iPod Touches and MacBooks until a licensing agreement can be reached.
HP Releases Tool to Secure Adobe Flash for Developers
HP has released a free tool to help application developers improve the security of applications using Adobe Flash. The tool, called HP SWFScan, decompiles applications developed with Flash to search for security vulnerabilities.
ISV Uses SSL to Protect Web App Mashups
An ISV named SafeMashups is applying security in the form of SSL to enable applications to authenticate one another through the Web browser securely prior to mashing up. SafeMashups is currently under incubation at the University of Texas at San Antonio's Institute for Cyber Security.
BBC Touches Off Botnet Debate
BBC's technology program & Click& purchased a botnet recently as part of an experiment meant to show how botnets can do damage. But by putting money in the hands of hackers, did BBC's program do more harm than good?
Repairing Oracle Database Patch Process
A recent report from The Independent Oracle Users Group says that Oracle databases are often behind when it comes to the latest security patches. The million-dollar question: What can be done about it?
Adobe Users Should Mitigate Flaw, Wait for Patch
While users wait for Adobe to issue a patch for the zero-day flaw affecting Adobe Reader and Adobe Acrobat, there are measures people can take to protect themselves. Here is some advice from security pros on how to mitigate the vulnerability.
Third-Party Apps Pose Risk to Social Networks
Social networking sites such as Facebook and MySpace face the question of how to secure third-party applications developed for use with their sites. A SQL injection vulnerability recently discovered in two Facebook applications underscores this quandary.
IBM Study Sketches Economics of Online Crime
IBM's X-Force security division is recommending that the security industry rethink how it ranks vulnerability threats. Elements other than technical feasibility are important. Like how easily an attack can be monetized and to what degree should be components of vulnerability scoring. Crimes that pay are crimes that stay.
Experts Struggle to Fix Cracked CAPTCHA Anti-Spam
New approaches are needed to keep spammers from abusing free e-mails systems now that hey have found ways to circumvent the CAPTCHA test protocol used by many Web sites, according to researchers involved in the effort. Microsoft is one of a number of large companies working on wo research projects aimed at making it harder for spammers to crack CAPTCHA.
Security Challenge Increases in Wake of SSL Crack
A successful attack by security researchers using a rogue certificate authority and colliding certificates demonstrates that if you're not moving forward with your security-related standards then you're moving backward. Everything gets cracked over time, so you have to keep improving your defenses.
New Attacks Prompt Microsoft to Urge Install of Windows Server Patch
Microsoft is repeating its reminders to organizations to install a new Windows Server patch, following reports that a new variant of the Conficker worm has surfaced to target the flaw.
Zero-Day Flaw to Get Fix, Microsoft Promises
Microsoft has said it is preparing a patch for a zero-day vulnerability in the Microsoft Internet Explorer Web browser. The out-of-band patch is slated to be ready Dec. 17 and will fix a data binding problem being attacked by hackers.
IBM Backs XBRL as Risk Reporting Spec For Financial Markets
The IBM Data Governance Council is exploring the use of XBRL, Extensible Business Reporting Language, a software language used to describe business terms in financial reports, for risk reporting.
Google Chrome Gets Additional Security in its Sandbox
Google has added a number of security features to its Chrome browser that are designed to put it on par with or above rival browsers, including Microsoft Internet Explorer, Apple Safari and Mozilla Firefox. Chrome officially stops being a beta Dec. 11.
New Attacks Focus on Windows Server Service Flaw
The vulnerability in the Windows Server Service that Microsoft patched in an emergency update last month is facing a new wave of attacks. Microsoft officials reported a spike in exploits targeting the vulnerability earlier this week. If you haven't patched, now is the time to put it on your schedule.
Software Piracy, Tracking the Crackers
Vendors are waging a losing security battle against software pirates. With V.i. Labs, eWEEK takes a look at how software pirates promote their wares on the Web.