Fahmida Y. Rashid

Oracle is planning a giant Critical Patch Update for January, fixing 79 vulnerabilities in 20 major areas affecting hundreds of products, including the flagship Oracle database software and MySQL. The patches will address security flaws in Oracle Database Server, Fusion Middleware, E-Business, Supply Chain, PeopleSoft, JD Edwards, Sun, Virtualization and MySQL product suites, Oracle said […]

NEW YORK – Internet stakeholders need to move forward with securing the core infrastructure by adopting DNSSEC, a security expert said at the International Conference for Cyber-Security. DNSSEC, or Domain Name System Security Extension, does not solve “all the ills” of the Internet, but it is a powerful tool that would improve the security of […]

NEW YORK – Microsoft is planning to make the data it collected as part of its botnet takedown operations available as a real-time threat intelligence feed. The company would distribute threat data obtained from captured botnets and other sources to foreign governments, law enforcement, Computer Emergency Response Teams and private corporations, two members of the […]

Organizations have to ensure that employees have the right level of corporate data access to do their jobs, but not so much that they can potentially abuse their privileges. IBM’s newest security software promises to make role management a breeze for IT staff. Called “Security Role and Policy Modeler,” the new software provides customers with […]

Organizations are not taking security considerations in to account when working with third-party data recovery data services, which puts them at risk of a data breach by unscrupulous providers, according to a recent report from the Ponemon Institute.In the “Trends in Security of Data Recovery Operations” report released Jan. 11, 87 percent of respondents said […]

Stratfor, also known as Strategic Forecasting, is finally back online after a cyber-attack shut down the site last month. Stratfor relaunched its newly designed site on Jan. 11, 18 days after a group of individuals claiming to be affiliated with the hacktivist collective Anonymous struck its servers on Dec. 24. The attackers breached Stratfor’s servers […]

ThreatMetrix acquired Australian company TrustDefender to add malware protection and secure browsing to its portfolio of secure device-identification products. The combined companies will operate under the ThreatMetrix name and have operations in the United States, Australia and Europe, ThreatMetrix officials said Jan. 10. However, ThreatMetrix has adopted the TrustDefender name for all the products in […]

Security researchers monitoring mass SQL injection attacks warned the latest one may be nearing a million infected pages using a combination of automated tools and reconnaissance using search engines.The “Lilupophilupop” SQL injection campaign has infected a little over a million URLs since it was first detected in early December, according to a post on the […]

Adobe fixed six critical vulnerabilities in its Reader and Acrobat software, including the two zero-day flaws in its 3D rendering technology identified last month. The latest update affects Adobe Reader and Acrobat X for Windows and all versions on the Mac OS X, Adobe said in its security bulletin released Jan. 10. Adobe fixed three […]

Microsoft fixed eight vulnerabilities in the Windows kernel, Windows Media Player and developer tools as part of January’s Patch Tuesday update. Of the seven bulletins, only one was rated “critical,” according to Microsoft’s security bulletin summary released Jan. 10. The remaining bulletins were rated “important.” There was a reduction in the number of patches rated […]