Brian Prince

Security researchers’ revelations that hackers have targeted oil companies around the world lead this past week’s IT security news. According to McAfee, a coordinated attack campaign it has dubbed “Night Dragon” has been under way since at least 2009 and impacted oil, energy and petrochemical companies in Kazakhstan, Taiwan, Greece and the United States. Circumstantial […]

The buzzword for this year’s RSA Conference-cloud. The conference, which will run from Feb. 14 to Feb. 18 at the Moscone Center in San Francisco, has an entire track focused on cloud security. It is one of 17 class tracks available at this year’s conference, which typically draws a large crowd of vendors, researchers and […]

Researchers at the Fraunhofer Institute for Secure Information Technology (SIT) in Germany have found a way to steal passwords from Apple iPhones in six minutes. The institute’s discovery could pose a security problem if phones are lost, as the attack requires physical access to the device. The researchers’ target was the “Keychain,” Apple’s password-management system. […]

Microsoft’s Internet Explorer 9 Release Candidate arrived Feb. 10 with privacy and malware protections built in to protect users. At the forefront of those features is the new TPL (tracking protection list), which enables users to choose to visit only certain Websites if they click on a link or type in the address. The feature […]

VMware is warning customers that two Microsoft patches effectively disable the VMware View desktop virtualization software on Windows 7. The Microsoft updates in question are 2482017 and 2467023, which were released by Microsoft on Patch Tuesday. According to VMware, the updates left users of the VMware View client on Windows 7 unable to connect to […]

In an age of compliance regulations and a growing awareness of the costs of a data breach, encrypting data has become a key part of many enterprise security plans. But encrypting data has little value if an organization loses track of encryption keys. And it is that last part that a recent survey (PDF) by […]

Roughly five months after taking two-factor authentication to Google Apps users, the company is adding a setup wizard and other features to bring the security approach to more users. “Most of us are used to entrusting our information to a password, but we know that some of you are looking for something stronger,” blogged Nishit […]

It is no secret critical infrastructure companies are on the hit list of cyber-attackers. The latest entry on the list today comes courtesy of McAfee, whose researchers uncovered a campaign of coordinated, covert attacks targeting oil, energy and petrochemical companies that stretches back to November 2009. The attacks, which McAfee has collectively dubbed “Night Dragon” […]

Mozilla is taking its privacy proposal directly to users in the latest beta release of Firefox 4. In it, the company has brought the “Do Not Track” HTTP header it recently proposed to bear for users who want to opt out of behavioral tracking by online advertisers. “The Web is evolving quickly, and so are […]

Microsoft continues to take aim at malware abusing the AutoRun feature in Windows-this time placing a fix into the Windows Update channel to prevent exploitation by attackers. AutoRun is a feature that allows removable media such as USB devices and CDs to launch automatically whenever they are inserted; it is also one of the chief […]