Fahmida Y. Rashid

Twitter is deploying one of the security features Mozilla built into the new Firefox 4 Web browser in an ongoing quest to improve security for its users. Mozilla launched Firefox 4 on March 22 with a number of security features, including features to thwart cross-site scripting attacks. Twitter announced on the same day that it […]

Researchers released attack code exploiting dozens of vulnerabilities in software used to control hardware at nuclear plants, gas refineries and other heavy industries, raising the specter of yet another Stuxnet-style attack. Serious vulnerabilities currently exist in programs sold by Siemens, Iconics, 7-Technologie, Datac and Control Microsystems, according to a researcher who released the exploits on […]

As RSA deals with the data breach where attackers stole information about its two-factor authentication technology, organizations can watch and learn how to deal with these kinds of attacks. RSA acknowledged on March 17 in a letter on its Web site about having been hit by an advanced persistent threat, and that some information about […]

Adobe has fixed and issued a security update to the zero-day vulnerability in its Flash Player. In addition, the company has updated older versions of Acrobat and Reader that could cause user systems to crash. A week after announcing the critical vulnerability in Adobe Flash Player, Acrobat and Reader, the company issued out-of-cycle security updates […]

The agency governing Internet addresses has approved .xxx as a new top-level domain, despite objections from civil rights groups, the adult entertainment industry and even parent groups. The Internet Corp. for Assigned Names and Numbers approved the creation of the .xxx suffix on March 18 in a 9-3 vote. Four board members abstained from the […]

The former Goldman Sachs computer programmer was sentenced to eight years in prison for stealing proprietary code used by the Wall Street bank’s high-frequency trading system. U.S. District Judge Denise Cote handed down a 97-month sentence, well within the eight to ten years the prosecutors had sought, and fined Sergey Aleynikov $12,500 on March 18. […]

Data breaches, mobile security, and two major vulnerabilities seemed to be on everyone’s mind this week. Just as the week was winding down, RSA posted a vague letter on its Web site reporting its network had been breached by unknown attackers and that some information had been stolen. RSA knew exactly what had been stolen, […]

The network of one the world’s largest and trusted security firms has been breached, and an unknown amount of information about its popular multifactor authentication technology has been stolen. Customers are worried about what form potential attacks could take. The SecurID information that was stolen would not allow attackers to launch a successful direct attack […]

Following RSA’s announcement of a data breach, there’s really nothing for SecurID customers to do but to monitor their systems in hopes of foiling an attack, if it ever comes. RSA Security, a division of storage giant EMC, announced late March 17 it had been breached by attackers and that some information about its SecurID […]

EMC’s RSA Security acknowledged it had been hit by an “extremely sophisticated” attack and that information related to the SecurID two-factor authentication products have been stolen. Intruders succeeded in breaching RSA networks “recently” as part of an Advanced Persistent Threat attack, Art Coviello, executive chairman of RSA Security, wrote in an open letter to customers […]