S'pore SMBs see disaster recovery plans as luxury
Local small and midsize firms diligent in data backup but still need to do more to safeguard business and customer data, survey finds.
Security
Zero-day flaw found in web encryption
A security issue with underlying web encryption protocols TLS and SSL has left many authentication mechanisms open to attack, according to security researchers.
Find more stories in: Authentication and encryption, Business security, Authentication, Business security, Security, SSL, Authentication and encryption, Web Browser, Zero-day Bug, Encryption
Pirate Bay closure sparks rise in P2P sites
Closure of Pirate Bay led to temporary 300 percent increase in the number of file-sharing Web sites, says McAfee.
Find more stories in: Peer to peer, Piracy, Open Source, Site, BitTorrent, P2P, security company, McAfee Inc., File-sharing, Internet Service Provider
Corporate bank accounts targeted in online fraud
Small and midsize businesses, governments, and school districts are targets of online bank fraud involving malicious e-mails, key loggers, and money mules, FBI says.
Find more stories in: Authentication and encryption, Data security, Business security, Krebs, Malware, Security, bank, Authentication and encryption, Money, Web Browser
3FA not priority for Asian banks, regulators
Banks in region still ironing out two-factor authentication rollouts and unlikely to implement additional authentication layer just yet, says analyst.
Find more stories in: Authentication and encryption, Data security, Security applications/tools, Security Management, Authentication, Banking, 3FA, Security, Biometrics, bank
Spammy scams surfacing on Twitter, Facebook
Users on Twitter report direct messages that lead to phishing page, while Facebook users are getting links to a malware site.
Find more stories in: Spam and phishing, Spam filtering, Facebook, Google Inc., Phishing, Malware, Twitter Inc., Phishing Web Site, Password, spam message
Twitter users warned about new phishing attack
Sophos says the new attack features direct messages with link to fake Twitter log-in page. Entering a username and password prompts a fake overcapacity "fail whale."
Find more stories in: Security Management, Spam and phishing, Web 2.0, Phishing, Twitter Inc., Web Page, Web 2.0, Sophos Plc., Graham Cluley, Phishing Web Site
Tis season to be shopping online, at work
Employees plan to spend 14.4 hours shopping online from work computers during this year-end festivities, highlighting need to keep systems secure, study finds.
Find more stories in: Business security, IT training, Web sites, Social Networking, Employee, Computer, Survey, ISACA, Information Technology, Web sites
Web-based malware infections rise rapidly, stats show
Nearly 6 million Web pages are infected with malware, double previous estimates earlier in the year, according to Dasient.
Find more stories in: Network security, Security Management, Security applications/tools, Google Inc., Malware, Twitter Inc., Dasient, SQL, Infection, Web Application
LA approves US$7.2 million Google Apps deal
City's contract for Google Apps requires that integration provider Computer Sciences Corp. promise to pay a penalty if there is a security breach.
Find more stories in: Web services, Office suites, E-mail clients, Google Inc., City Council, Security, LA, LA City, District of Columbia, Novell Inc.
US-CERT warns about free BlackBerry spyware app
Creator of PhoneSnoop program that can be used to eavesdrop on BlackBerry calls releases a new program to help protect users from stealth spyware apps.
Find more stories in: BlackBerry, Mobile, Security Management, RIM BlackBerry, Phone, Security, software, Indonesia, e-mail, spyware
US Defense Department to partially lift flash drive ban
Authorized individuals will be able to use USB thumb drives that are owned by the government and necessary for mission-critical functions, U.S. Navy CIO says.
Find more stories in: Authentication and encryption, Security implementation/standards, Security Management, U.S. Department Of Defense, Malware, network, Chief Information Officer, Authentication and encryption, USB Flash Drive, medical record
Card security rules hinder virtualization
Current guidelines for security card payment need updating as they conflict with virtualization practices and may hamper adoption of the technology, say industry experts.
Find more stories in: PC security, Data security, Network security, Security implementation/standards, Security Management, Security, Virtualization, Jason Pearce, bank, International Data Corp.
Windows 7 default user account control worries experts
Microsoft made some changes to a much-maligned User Account Control feature, but experts say the default still puts consumers at risk.
Find more stories in: Windows 7, PC security, Authentication and encryption, Security applications/tools, Kaspersky Lab, Malware, Operating System, Security, Microsoft Corp., Authentication and encryption
Microsoft criticizes privacy in Chrome 3.0
Latest version of the browser logs every search keystroke and sends it back to Google, Microsoft executive points out.
Find more stories in: Privacy, Web browsers, Google Inc., Security, Microsoft Corp., software, Web Browser, Google Chrome, Privacy, software company
Microsoft fixing Bing bug that aided spammers
Company works to fix a bug, discovered earlier this week by Webroot researchers, that let spammers piggyback onto Bing redirects and get through spam filters.
Find more stories in: Network security, Security Management, Search, MySpace, RSS, Security, Web Page, Microsoft Corp., Spam, Spammer
Leaking crypto keys from mobile devices
Attackers could steal keys used for encryption and authentication on mobile devices by analyzing electromagnetic signals and radio frequency emissions, researcher says.
Find more stories in: Mobile, Authentication and encryption, cable box, Phone, Key, bank, mobile, Authentication and encryption, Attack, Mobile Device
Rogue security programs are 'ongoing threat'
Symantec's analysis of fake security software over 12 months finds 43 million attempts to install some 250 programs, most of which were coded in English.
Find more stories in: PC security, Network security, Security applications/tools, Security, Rogue Security Program, EMEA, Security Software, Asia-Pacific, antivirus, North America
S'pore looking to improve online security
Monetary Authority of Singapore exploring new guidelines to enhance security for online transactions and credit card payments, says Visa exec.
Find more stories in: Authentication and encryption, Security applications/tools, Security Management, Authentication, credit card payment, Security, Noka, Payment Structure, bank, Authentication and encryption
Asian TLDs bide their time on DNSSEC
update Thailand goes ahead to adopt security protocol for country-code top-level domain, but other countries in region continue testing and may not follow suit yet.
Find more stories in: Web sites, Domain names, Network security, Security implementation/standards, Security Management, DNS, Registry, Thailand, Web Browser, browser company
Play video
