Security News: Archive: June 2010 

Facebook Extends Privacy Controls to Apps

Making good on its promise to Canadian privacy authorities, social networking giant Facebook said it has simplified the permission controls for users sharing data with third-parties.

Open Source is Inherently More Secure, Says Red Hat

At the Red Hat Summit in Boston last week, Josh Bressers, a senior security engineer at Red Hat, explained why open source really is the best model for building secure software.

Top Cybersecurity Threat Is Customers, Experts Say

Educating consumers presents issues, but with business, government, and individuals all working together, panelists were optimistic about our cyber security future.

HP Expands TippingPoint Security

First new releases debut after HP's 3Com acquisition, but full integration of the two companies' products is still a work in progress.

McAfee Serves Up Cloud Security Suite

New cloud-based security service helps protect companies from malware without the need for any on-premise software or hardware.

Cisco: Use of Unauthorized Devices a Growing IT Headache

A survey of IT professionals finds the growing use of iPhones and other personal mobile devices on corporate networks poses a security problem.

Database Gaffe Exposes Florida Student, Faculty Data

Thousands of students and dozens of faculty members had their names, social security numbers and other PII exposed for months before officials locked down an unsecured database.

SSL Certificates In Use Today Aren't All Valid

New study examines 119 million domain names to discover some surprising results into how many are using SSL properly.

Anthem Blue Cross Cops to Massive Data Breach

The Social Security numbers and medical records of more than 230,000 members are exposed after the health insurer failed to secure its corporate website.

Twitter Settles Security Complaint With FTC

Microblogging service Twitter agrees to settlement with Federal Trade Commission regarding high-profile security breaches that dogged the site in early 2009.

Mozilla Firefox 3.6.4 Delivers Stability and Security

Out-of-Process plug-in support comes to open source Web browser, providing new crash protection for Linux and Windows users.

.Org Signed for DNSSEC

A major milestone as the first major top-level domain is now secured with DNSSEC. But the process of securing all .org domains isn't done -- yet.

Mac Update Adds Malware Protection

A recent update to OS X secretly added protection against a Trojan.

ICANN Maps Out Internet Defense

The domain name system’s managing body pushes DNSSEC as the way forward to make the Internet a safer place for all.

Microsoft and E-Fraud Group Aim to Stop ID Theft

New app helps to cut down on phishing, ID theft, and account compromises by letting investigators quickly report stolen credentials and credit card numbers.

DNSSEC Key Signing Designed to Make the Internet More Secure

A critical milestone in the history of Internet security happened this week at a "key signing" ceremony. Are we all now safer as a result?

Microsoft Sues Spammers Who Abused Its Spam Filters

In yet another move to take a bite out of cybercrime, Microsoft's Digital Crime Unit sues over one of the largest spam attacks ever.

GlobalSCAPE Bets on Cloud for Managed File Transfer

San Antonio-based GlobalSCAPE has partnered with Rackspace Hosting to provide its Enhanced File Transfer Server as a subscription.

Windows XP Zero-Day Exploit Spawns Attacks

So-called "limited" attacks have appeared since a security researcher revealed a hack that could put Windows XP users at risk of attack.

VeriSign Taps Growing SSL Certification Market

Soon to be part of Symantec, VeriSign's SSL security certification business is growing as the need for SSL continues.

Can Federal Data Privacy Live On in the Cloud?

White House IT officials have been exuberantly talking about moving government IT to the cloud, and the process is already in motion, but federal privacy officers are speaking up.

Lieberman Racing to Mark Up Cybersecurity Overhaul

Committee leadership races to bring major cybersecurity legislation that would expand White House and DHS authority over private sector to a markup.

FCC Issues Warning, FBI Investigates iPad Breach

Alarmed at the recent exposure of more than 100,000 iPad users' data, FCC issues a warning on cybersecurity. Meanwhile, AT&T seeks to reassure customers that all's well.

Calif. Hospitals Hit With Stiff Data Security Fines

Five California hospitals were fined a total of $675,000 last week by the state's Department of Public Health for failing to prevent unauthorized access to patients' data.

Microsoft Warns of Security Flaw in Windows XP

Windows XP may be nine years old but, as the most popular version of Windows, it leaves a lot of users in a precarious position when a serious security hole pops up.

HP, Symantec Extend Security Pact to Safeguard PCs

Leading security software vendor and the world's largest computing company announced a multi-year deal that will keep Norton Internet Security on all HP PCs for free for 60 days.

Facebook Teams With PTA in Online Safety Push

World's leading social network partners with PTA to promote online safety, pledges $1 million to the cause.

AT&T Gaffe Exposes 114,000 iPad E-Mail Accounts

The security hole that allowed at least one organization to access e-mail accounts belonging to iPad owners including Michael Bloomberg and Rahm Emanuel has been closed, AT&T says.

Slow Chat with Microsoft on June 14th

Here's your chance to ask experts from and Microsoft questions about the new features and versions of Microsoft Visual Studio 2010 and .NET 4.0

Google Updates Chrome for Security, IE

Nine highly critical flaws get patched in Chrome as Google's Chrome Frame hits beta.

HP Lands Air Force Cyber Defense Contract

HP will be providing infrastructure and applications integration for a Cyber Control System designed to provide strategic information and identify cyber threats for the USAF.

Google Opens Up on Its Security Practices

New security white paper details Google's security practices for its cloud-based apps.

Adobe Flash, PDF at Zero-Day Vulnerability Risk Again

Adobe warns of serious security flaws in flash and PDF that could be leaving millions of users open to attack.

Cops, SIIA Bust Major Craigslist Piracy Duo

A pair of thieves who moved an enormous amount of counterfeit software applications through the online classified site have finally been busted.

Defense Dept. Cyber Chief Warns of Mounting Threats

Speaking publicly for the first time since his installation in the top spot of the Defense Department's Cyber Command, Gen. Keith Alexander emphasizes the severity of the danger.

Security Concerns Cause Google to Quit Windows

According to a report in the Financial Times, Google began moving employees to other operating systems after its systems were hacked.

Hackers Make a Mess of

Malware scamsters have weaseled their way into an unknown number of online gaming accounts on the popular Chinese entertainment site.

House Passes National Defense Authorization Act

An amendment included in the final version of the NDA act would install a permanent cybersecurity office in the White House and reshape government IT security compliance.

FBI Goes After 'Scareware' Scams

A new federal indictment exposes a common Internet scam--tricking users into thinking they've been infected with malware so they'll buy bogus security products from cybercriminals.