Black Hat Talk on Apple Encryption Flaw Pulled   01 Aug 2008 02:11 GMT
Brian Krebs from the Washington Post "Security Fix" Blog reported that one of the talks slated for next week's Black Hat convention on a previously undiscovered flaw in Apple's FileVault encryption system has been canceled, the researcher citing confidentiality agreements as the reason he will not be speaking. ...
Source: ZDNet

Web worms squirm through Facebook, MySpace   31 Jul 2008 23:31 GMT
My colleagues at Kaspersky Lab see disclosure have intercepted two new worms squirming through MySpace and Facebook, using social engineering lures to plant malware on Windows systems. The worms propagate via the comments features on the two popular social networks, using video lures and fake Flash Player...
Source: ZDNet

Black Hat/DefCon: Welcome to the funhouse   31 Jul 2008 23:26 GMT
The Black Hat conference and its post-event, DefCon,  promise to be a security funhouse in the coming week, as experts in Las Vegas seek to shock and amaze by poking holes in today's network technologies. The Web, wireless LANs, routers and desktop software may all look different reflected in the Black Hat/DefCon hall of mirrors, where security vendors will be revealing their hacker sides.
Source: InfoWorld

Twitter vulnerability forces auto-follow   31 Jul 2008 21:20 GMT
Ryan Naraine over at ZDNet's Zero Day has the scoop on a new CSRF vulnerability in Twitter that forces users to follow a supposed attacker. While Naraine viewed the POC of this vulnerability no technical details were yet shared -- and Twitter has been notified -- but this is a...
Source: ZDNet

McAfee acquires Reconnex, inks distribution pacts   31 Jul 2008 21:05 GMT
McAfee on Thursday acquired data loss prevention company Reconnex, inked distribution pacts with HP and Toshiba and reported better than expected second quarter earnings. The company said it acquired Reconnex, which makes technology that automates data protection, for $46 million. McAfee said Reconnex will allow it to...
Source: ZDNet

CSRF vulnerability allows Twitter 'follow' abuse   31 Jul 2008 20:22 GMT
Last week, TechCrunch's Jason Kincaid wrote about an obvious Twitter vulnerability that allowed a user called "johng77536" to game the popular micro-blogging service to add thousands of followers subscribers in a short period of time. The "johng77536" account has since been disabled but a security researcher tracking...
Source: ZDNet

Symantec: New attitude on security needed   31 Jul 2008 17:17 GMT
Government agencies and private companies need to move their focus away from single-point security solutions to more holistic, information-based security, Symantec officials advised.
Source: InfoWorld

FBI warns of new Storm worm variant   31 Jul 2008 11:56 GMT
The email uses the phrase 'FBI vs. Facebook' in its subject line and contains a link to view an article about the FBI and Facebook. On Wednesday, the FBI and its partner, the Internet Crime Complaint Center (IC3), warned against a new email campaign being used by the creators...
Source: ZDNet

Symantec is commanding more of your IT budget   31 Jul 2008 11:50 GMT
Symantec's strategy of selling security and storage together is apparently paying off as companies consolidate the number of vendors they use. The security and storage management software company reported strong fiscal first quarter results statement as net income more than doubled from a year ago. Symantec reported...
Source: ZDNet

IOC caves to China Internet censorship   31 Jul 2008 11:04 GMT
The International Olympic Committee ( IOC ) admitted Wednesday that it made a deal with Chinese officials to accept censorship of the Internet during the Beijing Olympic Games, which begin August 8.
Source: InfoWorld