Lisa Vaas

The marketing department tells you when and why its collecting personal data, right? Wrong. According to a recent survey from Microsoft of 3,600 security, privacy and marketing professionals in the United States, the UK and Germany, 78 percent of respondents believe their marketing department informs security and privacy executives of what its up to with […]

An expert on electric power infrastructure and cyber-security says we lack the regulatory authority, political muscle and requisite skill sets to do much of anything about a U.S. power grid thats ripe for attack or failure. A video from the Department of Energys Idaho National Labs—released to the Department of Homeland Security and subsequently shown […]

A PDF Trojan horse is spreading malware by exploiting a URL-handling vulnerability in Windows XP and Windows Server 2003 running Internet Explorer 7, Symantec warned customers of its DeepSight Alert Services on Oct. 23. On Oct. 10, Microsoft released Security Advisory 943521 about this vulnerability and public reports of remote code execution. At the time, […]

Hows this for a cyber-crime target: In most industrialized countries, SMBs make up 97 to 99 percent of all companies. Yet most of those small to midsize businesses have tiny IT groups, and most of those IT groups dont have security expertise—heck, they dont even have security policies to manage employees personal use of work […]

Congress : Power Grid Defense Is Weak”> In the wake of the Idaho National Laboratory test that blew up an electrical generator with a simulated cyber-attack and revealed the fragility of the nations electrical infrastructure, a congressional panel on cyber-security is calling for an investigation into how well electric sector owners and operators have implemented […]

Two vendors want to know: “Is your computer possessed? Does it seem like your hard drives haunted?” If so, theyre offering a day of free technical support to cleanse PCs from evil and help users rid themselves of zombies, botnets, viruses and other malware on Halloween. CyberDefender, an Internet security company that uses a client-to-client […]

Attackers are exploiting a RealPlayer zero-day flaw to gain control of Windows systems through Internet Explorer, Symantec warned customers of its DeepSight Threat Analyst service late Oct. 18. The unpatched vulnerability affects all versions of RealPlayer, including the most recent, 10.5, as well as the beta of RealPlayer 11, Symantec told eWEEK. The zero-day vulnerability […]

MySpace and Skype are partnering, potentially creating “an IT departments worst security nightmare: a massive, productivity-draining time-waster that opens up firewall ports, also presenting an unidentifiable, secure, secret stream of network traffic on a corporate network,” an Akonix rep wrote in a letter. They make security products for corporate instant messaging, so you can see […]

A password-stealing Trojan is targeting Skype, posing as a security plug-in for the popular VOIP and IM service and displaying a fake log-in screen thats almost identical to the real thing. McAfees Avert Labs is identifying the Trojan as PWS-Pykse, F-Secure is referring to it as Trojan-Spy.Win32.Skyper.B and Skype is calling it 65404-SkypeDefenderSetup.exe. The Trojan, […]

MySpace and Skype are hooking up, unveiling on Oct. 17 a new version of MySpaces instant messaging client that will let users access Skypes free Internet phone calls. This pairing brings two of the hottest online purveyors of free communications services together: MySpace boasts 110 million monthly active users, and Skype has a roster of […]