Microsoft kills Windows SteadyState

Windows SteadyState is a handy tool for managing stand-alone PCs in public venues that cater to a motley crew of guest users.

Microsoft upgrades free app security tool

Microsoft released this week an upgrade to a tool that helps secure applications for the Internet without having to recode them.

Women perform well on Defcon social engineering test

Of the 135 people Fortune 500 employees targeted by social engineering hackers in a recent contest only five of them refused to give up any corporate information whatsoever. And guess what? All five were women.

Secunia security program automatically tracks down, applies patches

Secunia has updated its Personal Software Inspector (PSI) with the ability to silently download and apply patches from multiple vendors soon after their release. PSI 2.0 is now available in an open beta test,

Skyrocketing viruses, less danger?

In 2008, antivirus firm Sophos processed about 20,000 "new" pieces of malware every day.

Global spam hits all-time high

Spam hit an all-time high this year, with more unwanted messages pouring in from a smorgasbord of countries, thanks in part to globalization. Such are the findings of a recent and comprehensive report on all things security-related from IBM X-Force.

Microsoft still mum on programs prone to DLL hijacking attacks

Microsoft on Tuesday again abstained from naming which of its Windows programs, if any, contain bugs that could lead to widespread "DLL load hijacking" attacks.

Eight great virtual appliances for VMware, free for the downloading

Virtual appliances are great for the same reasons physical appliances took the IT world by storm: They make deployment a snap -- even instantaneous -- while at the same time reducing costs. It's a formula that made hardware-based appliances immensely popular for network security, backup, storage networking, file services, email, and many other single-focus solutions.

What it takes to shut down a botnet

A botnet shutdown makes for a great story.

Google disputes bug patching report

Google on Monday said that a recent report claiming it failed to patch a third of the serious bugs in its software had the facts wrong.

Scammers prey on required Twitter update

Scammers are trying to take advantage of the fact that many users will soon have to update their version of the TweetDeck Twitter software.

Escape from Windows DLL security hell

The Windows DLL library loading vulnerability is gaining hacker attention. Although no one can accurately predict the next "big one," malicious cyber fiends are likely to use this exploit method against innocent computer users.

Mobile security: Your smartphone is safer than your PC, for now

In security circles, the talk on mobile centers around mobile management, protecting access to and use of corporate information by smartphone users. This summer's iOS 4 has been a game-changer for most IT organizations, giving the Apple iPhone, iPad, and iPod Touch security capabilities equivalent to those of Windows Mobile and meeting the needs of most BlackBerry users, ending the main objection at many companies for allowing iOS devices in.

Cisco patches bug that caused partial Internet blackout

Cisco has fixed a bug in its IOS (Internetwork Operating System) router software that contributed to a brief Internet blackout last week, thought to have affected about 1 percent of the Internet.

No good can come of a malware convention

Anyone who was ever concerned by the concept of hacking conventions such as Black Hat -- which has evolved into a reputable venue for security defenders -- should

How to thwart the new DLL hijacks

Earlier this week I wrote in Tech Watch about a whole new class of Windows zero-day vulnerabilities, warning that a wave of attacks would arrive soon.

Updated 'blue screen of death' rootkit now targeting 64-bit Windows

A new version of the malware that crippled Windows PCs last February sidesteps safeguards designed to block rootkits from hijacking machines running 64-bit editions of Windows, researchers said Thursday.

The Pentagon plays security catch-up

Individual hackers can hurt national computer systems. Attackers have the advantage over defenders. Attributing attacks to specific groups is difficult.

Microsoft boosts access to secure development guidelines

Looking to broaden access to its security practices for software development, Microsoft plans to shift the licensing for its Security Development Lifecycle (SDL) documentation to the more accessible Creative Commons License, the company said on Thursday.

Sun, Microsoft, and Mozilla leave the most vulnerabilities unpatched

Sun is the king of unpatched software vulnerabilities followed closely by Microsoft and Mozilla, according to the mid-year security report by IBM's X-Force.