IBM intends to make the security information and event management (SIEM) technology gained through the acquisition of Q1 Labs, which was officially closed yesterday, the centerpiece of IBM's broad security product portfolio.
Researchers from the Horst Goertz Institute (HGI) of the Ruhr-University Bochum (RUB) in Germany have demonstrated an account hijacking attack against Amazon Web Services (AWS) that they believe affects other cloud computing products as well.
Researchers from the Horst Goertz Institute (HGI) of the Ruhr-University Bochum (RUB) in Germany have demonstrated an account hijacking attack against Amazon Web Services (AWS) that they believe affects other cloud computing products as well.
A new variant of the DroidKungFu Android Trojan is posing as a legitimate application update in order to infect handsets, according to security researchers from Finnish antivirus vendor F-Secure.
Adobe is working on a fix for a Flash Player vulnerability that can be exploited via clickjacking techniques to turn on people's webcams or microphones without their knowledge.
Facebook is ignoring a serious shortcoming in the way it limits application developers' access to information about Facebook users, according to a pair of hackers.
Researchers from browser security vendor Trusteer have identified a new variant of the SpyEye financial Trojan that tricks online banking users into changing the phone numbers associated with their accounts.
Websites that accidentally distribute rogue code could find it harder to undo the damage if attackers exploit widespread browser support for HTML5 local storage and an increasing tendency for heavy users of Web apps never to close their browser.
In one of the bigger security news stories Microsoft struck a blow against an emerging botnet called Kelihos by using a legal tactic to take down the botnet's domain names.
GlobalSign expects to bring its certificate-issuing systems back online on Monday, and resume business Tuesday, it said over the weekend. The U.S. certificate authority (CA) stopped issuing new SSL certificates last Tuesday in order to audit its security, after being named as a target by the hacker who claimed to have attacked Dutch CA DigiNotar.
Google <a href="http://googleblog.blogspot.com/2011/07/2-step-verification-stay-safe-around.html">said Thursday</a> that it has rolled out its two-step authentication sign-in system to 40 languages across over 150 countries.
A company that makes password recovery tools has released one that can snatch passwords from a locked or sleeping Macintosh running Mac OS X Lion by plugging another computer into the Mac's FireWire port. The attack technique is several years old and the only way to defend against it is to turn the Mac off.
T-Mobile is hoping to make it easier for businesses to use Android phones by reselling secure e-mail services from Good Technology.
As the phone hacking saga continues to grip the U.K., mobile operators contend that spying on someone's voicemail messages wouldn't be possible today as several weaknesses in the systems have been eliminated.
The computer hacking group LulzSec said Saturday it had ended its campaign of cyberassaults on government and corporate websites and that it was time for it to "sail into the distance."