'Unhackable' Android can be hacked

Once thought to be unhackable, the Android phone is anything but, according to researchers presenting at Black Hat 2010.

Targeted malware attacks: The new normal

Stealthy, targeted attacks aren't just for defense agencies and high-tech giants like Google, according to researchers from managed security services firm TrustWave's Spider Labs research grou

Data breaches exploit configuration errors, not software vulnerabilities

Hackers appear to be increasingly counting on configuration problems and programming errors rather than software vulnerabilities in order to steal information from computer systems, according to a new study from Verizon.

Malware tools openly available in China, security researchers say

LAS VEGAS -- China's rapid emergence as a hotspot for criminal hacking activities is enabled by the open and unfettered availability of sophisticated hacking tools, according to security researchers attending the Black Hat conference here this week.

Microsoft's bug reports fail to produce prompt patches

Even Microsoft can't move software makers to patch their products.

Free mobile apps can cost users their privacy

As if IT admins weren't busy enough securing end-users' computers, servers, and the network, they now need to come up with ways to protect end-users' phones.

Dell angles for service contracts with new security offerings

Dell on Wednesday beefed up its security offerings with new hardware and services, which could help the company to strike more long-term service engagements with customers.

Apple patches up Safari and rolls out extensions

When Jeremiah Grossman, CTO of WhiteHat Security, announced last week that he had found a security hole in the Safari browser, he certai

Adobe joins Microsoft's patch-reporting program

Adobe Systems and Microsoft are now working together to give security companies a direct line into their bug-fixing efforts.

AT&T won't stop Black Hat demo of cell phone eavesdropping

AT&T says it won't interfere with a highly anticipated talk on intercepting cell phone calls at the Black Hat conference this week, even though rumors are circulating that it will do just that.

Google patches Chrome, sidesteps Windows kernel bug

Google on Monday patched five vulnerabilities in Chrome by issuing a new "stable" build of the browser.

Web filtering and reporting tools for the small business

Last month, ICANN approved the .xxx top-level domain for adult websites. It's been a controversial subject for many years, with conservatives saying the domain legitimizes the porn industry and pornographers decrying digital segregation. Well, the domain is approved, but there is no law in place that will force adult websites to use it (at least, not yet).

Open source Razorback project targets malware, zero-day exploits

Sourcefire, best known for its Snort intrusion-prevention technology, Tuesday is unveiling a new open source project called Razorback that's designed to spot malware and especially zero-day exploits.

G Data releases tool to block Windows shortcut attacks

The German security company G Data released a tool on Tuesday that blocks attacks using Microsoft's shortcut vulnerability but also preserves shortcut icons unlike the hotfix released recently by Microsoft.

NAC decisions you need to make now to secure your network

One important piece of a multilevel security defense for companies of almost any size is network access control (NAC), which lets you enforce policies for end-user machines.

5 big security themes to watch for at Black Hat and Defcon

Trying to predict the big news at this week's Black Hat and Defcon conferences is extremely tricky, if not impossible. Usually the most interesting stories pop up at the very last minute -- hackers tend to hold off on disclosing the really big talks because they don't want jittery lawyers to shut them down.

Free Sophos tool blocks Windows shortcut attacks

The security firm Sophos released a tool on Monday that it claimed will block any attacks trying to exploit the critical unpatched vulnerability in Windows' shortcut files.

Defcon hackers target cell phone security

Attendees at the annual Defcon hacking conference in Las Vegas might be advised to keep their cell phones powered off at the show, where one prominent security researcher says he will demonstrate a way to transparently intercept and eavesdrop on cell phone calls.

Google and Mozilla bug bounties don't buy much more security

Both Mozilla and the Google are raising their rewards for submitted critical vulnerabilities in respective browsers. Mozilla is now paying $3,000 for Firefox bugs and the Google Chromium team is paying $3133.70 ("elite" in hacker leet-speak) for bugs in Chrome, compared to the initial $1,337 reward from six months ago.

Cyber crime costs businesses each $3.8 million per year

A new study of 45 U.S. organizations found that cyber crime -- including Web attacks, malicious code, and rogue insiders -- costs each one of them $3.8 million per year, on average, and results in about one successful attack each week.