Brian Prince

Researchers at the University of Cambridge in the United Kingdom released a study March 11 that shows just how much the ‘Likes’ of Facebook users can be used to accurately determine their race, age, IQ, sexual preferences and personality. In collaboration with researchers with Microsoft Research Cambridge, researchers at the university’s Psychometrics Centre analyzed more […]

Microsoft released seven security bulletins March 12 as part of its Patch Tuesday update, including a critical fix for Internet Explorer (IE). Four of the bulletins were rated “critical,” while the other three were ranked as “important.” All totaled, 20 vulnerabilities were fixed across Microsoft Windows, IE, Office, Server Tools and Silverlight. The IE bulletin […]

Google received fewer than 1,000 requests per year over the past four years from the FBI and other government agencies for information via National Security Letters, according to officials with the search giant. National Security Letters (NSLs) do not carry the weight of a subpoena, but can be issued by government agencies when investigating matters […]

Researchers at Symantec have uncovered another phase in the evolution of Stuxnet, an early variant of the malware that may have been developed as early as 2005. In the more than two years that has passed since Stuxnet was discovered during the summer of 2010, the malware’s complexity and goal of causing damage in the […]

SAN FRANCISCO—Big data has gone way beyond its identity as IT industry buzzword. It is an essential factor in the future of successful IT security operations. This was the message of Art Coviello, executive chairman of EMC’s RSA security division, as he stood before a crowd of attendees Tuesday morning at the RSA Conference. The […]

Malware is not the only threat to enterprise security. According to a new study from the International Information Systems Security Certification Consortium, or (ISC)2, a shortage of security experts with strong leadership and communications skills poses a direct challenge to organizations around the world. The study, which was prepared in cooperation with research firm Frost […]

Enterprises may have to pay a high price for failing to protect the trust ecosystem supporting the digital world. According to a new study from the Ponemon Institute commissioned by security vendor Venafi, organizations in the Forbes Global 2000 are expected to lose more than $35 million (USD) during the next 24 months. The estimate […]

Adobe Systems pushed out emergency updates Feb. 20 to quell attacks targeting Reader and Acrobat on Windows. The updates patch two vulnerabilities—CVE-2013-0640 and CVE-2013-0641—that can be exploited to allow an attacker to hijack a vulnerable system. According to Adobe, both bugs are being exploited in targeted attacks that try to trick Windows users into clicking […]

Attackers used a Java vulnerability to infect Facebook employees in what the company’s security team described as a “sophisticated attack.” The attack exploited a previously unknown vulnerability in Java, according to Ars Technica. Facebook Chief Security Officer Joe Sullivan told Ars Technica, “the attack was injected into the site’s HTML, so any engineer who visited […]

Several global certificate authorities have joined forces to create the Certificate Authority Security Council (CASC). The organization includes Comodo, DigiCert, Entrust, GlobalSign, GoDaddy, Symantec and Trend Micro. As certificate authorities (CAs), these companies issue digital certificates used for authentication. The group’s goal is to bring together leading certificate authorities to establish security standards, promote best […]