The RDV Group
   Safe Computing Experts
  Home    Books    Services    Security News    Resources    About
 
 
Security News
Search Security Channel
Infoworld Security News
CNET Security News
eWeek Security News
Windows Security News
Security Tracker
Security Focus Vulns
Security Focus News
NYTimes Tech News
BBC Technology News
NewsFactor Tech News
RootSecure.net
Spyware News
CastleCops
EFF Breaking News
Security Fix
SC Magazine
CSO Magazine
Network Computing

Copyright © 2004 The RDV Group Inc.
Security - RSS Feeds
Security - RSS Feeds

President-Elect Barack Obama Falls Victim to Twitter Hack
U.S. President-elect Barack Obama is one of 33 people who had their Twitter accounts hacked, according to Twitter. The hacks are a separate issue from the wave of phishing attacks circulating in recent days. Security company Sophos suggests caution.
- U.S. President-elect Barack Obama was among 33 Twitter users who had their accounts hacked. According to social messaging company Twitter, the hack which also claimed the account of CNN anchor Rick Sanchez is separate from the phishing attacks that have been circulating on Twitter since the wee...

CA to Acquire Orchestria for Data Loss Prevention Technology
CA is making a play into the data loss prevention market with the purchase of Orchestria. CA plans to integrate DLP with its identity and access management portfolio to help business design better policies to protect data.
- CA officials announced today the company is making its third security acquisition in as many months with the purchase of the Orchestria Corporation. The deal combines CAs identity and access management portfolio with Orchestrias DLP (data loss prevention) technology with the goal of helping o...

Twitter Phishing Scam Takes New Turn with Promises of iPhone
A phishing campaign targeting Twitter has morphed, according to researchers at Sophos. Phishers are now using accounts compromised in the initial campaign launched over the weekend to snare Twitter users lured by the promise of an iPhone.
- Phishers are hooking more and more Twitter users in campaigns to steal their account data, according to security researchers. The initial phishing attack reported over the weekend has expanded, with spammers now using compromised accounts to initiate a new campaign that capitalizes on the popul...

SSL Crack Shows You Must Advance Your Security
The successful creation of a rogue certificate authority by security researchers using a colliding certificates attack demonstrates that if you're not moving forward with your security-related standards then you're moving backward. Everything gets cracked over time, so you have to keep improving your defenses.
- It's just one embarrassment after another for the digital certificate business lately. First, lax procedures at a Comodo affiliate resulted in the sale of a quot;mozilla.com quot; certificate to someone unaffiliated with that group. Now a more serious technical problem has developed with the wa...

Microsoft Urges Organizations to Patch Server Vulnerability as New Attacks Surface
Microsoft is again urging users to apply a patch for a vulnerability in the Windows Server service. The company reported earlier that a new variant of the Conficker worm has surfaced to target the flaw.
- Microsoft advised organizations yet again to deploy the patch for a flaw affecting the Windows Server service that was fixed in October. The latest attacks are coming courtesy of a new variant of the Conficker worm, identified by Microsoft as Win32/Conficker.B. According to the company, the var...

Kaspersky Lab to Bring Application Assessment, Whitelisting to Its Enterprise Portfolio
Anti-malware vendor Kaspersky Lab is planning to build application vulnerability assessment and whitelisting into its enterprise products. The company already has whitelisting features in its consumer products.
- In a market still dominated by security vendors Symantec and McAfee, Moscow-based Kaspersky Lab made solid gains in 2008 through its consumer business. With 2009 around the corner, Kaspersky is looking to take elements of its consumer products to enterprise desktops. In an interview with e...

Rogue Digital Certificates Require CAs, Browser Vendors Work to Tighten Internet Security
An international team of security researchers uncovers a way to forge digital certificates, potentially allowing hackers to launch virtually undetectable phishing attacks. The research underscores why certificate authorities and browser vendors must keep up with the latest anti-malware measures.
- When news hit that a team of security researchers and cryptographers had discovered a way to create a rogue certificate authority, the oft-repeated rule of Internet security quot;Trust no one quot; took on new significance. However, before panic strikes, the researchers pointed out there are a n...

Enterprise Security in the Year 2008
The economy may have slowed, but the security needs of businesses did not. From Symantec to McAfee to Sophos, security vendors have not been shy about putting new products out on the market to help companies fight malware, data breaches and unauthorized intrusion. Here are a few of the products from security vendors that hit the market in 2008 and were aimed at enterprises.
- ...

Top 10 Security Stories of 2008
White hats and black hats alike were busy this year. From hacking the personal e-mail account of then-vice presidential candidate Sarah Palin to Microsoft's decision to phase out Windows Live OneCare, there has been no shortage of security things for us to write about. Here are some of the top security stories from 2008.
- Some cool hacks, panic in San Francisco and the shutdown of a notorious Web hosting firm there were several interesting security stories that made headlines in 2008. Good guys and bad guys both had their hands full as the cat-and-mouse game between vendors and cyber-crooks continued. So without...

Microsoft Disputes Claim of Windows Media Player Vulnerability
Microsoft says reports of a remote code execution vulnerability in Windows Media Player are false. Rumors of the flaw surfaced last week on the Web.
- Microsoft is denouncing a security researchers claim of a remote code execution flaw affecting Windows Media Player. Reports of the vulnerability surfaced last week on the SecurityTracker vulnerability notification service. According to the initial report, a bug in Windows Media Player could b...

Balancing Risk and the Budget
In this eWeek podcast hosted by Mike Vizard, PacketMotion CEO Paul Smith says IT organizations in 2009 will increasingly need better classes of IT tools to keep pace with a much tougher regulatory environment.
- Audio Podcast Content....

Security in 2009
It's meta-prediction time. I took the most interesting of the predictions that were pitched to me, and they don't paint a pretty picture of the year ahead.
- Every December I get a lot of pitches from vendors, analysts and other security types with predictions for the next year. This year I've decided to go through them and pick out the ones that made an impression on me. Many of the ones I don't list here, like quot;spam will increase, quot; are eit...

Chertoff Praises Bush Cyber-security Efforts
Outgoing Department of Homeland Security chief Michael Chertoff says the Bush administration's work on cyber-security leaves President-elect Barack Obama well-positioned for progress on securing the nation's IT infrastructure.
- Almost a year after launching a cyber-security quot;Manhattan Project quot; and less than a month before President-elect Barack Obama takes office, outgoing Department of Homeland Security Secretary Michael Chertoff says the Bush administration is leaving Obama with quot;some momentum quot; on ...

SSL Certificate Vendor Sells Mozilla.com Cert to Some Guy
In the absence of standards for applicant verification for standard SSL certificates, CAs need to promulgate strong policies and publicize their contractual obligations for resellers, and they need to audit those relationships.
- The SSL infrastructure is based, in a large sense, on trust. We trust that vendors of the software that checks certificates will only trust the roots of certificate authorities that are trustworthy, and that means CAs that check to see that the applicant for a certificate is who he says he is. ...

Check Point Sees Better Product through Nokia Acquisition
Check Point channel chief Amnon Bar-Lev believes the acquisition of Nokias security appliance unit will decrease the number of products that partners service and customers buy, while increasing functionality and usability.
- Check Point Software Technologies acquisition of Nokias security appliance unit will expand the security companys expertise and value of its product line, creating greater value for partners and customers, says the companys channel chief Amnon Bar-Lev. In an interview with Channel Insider, Bar-L...

Last Update: Mon, 05 Jan 2009 22:58:05 -0500

*********************************************************************************************

About Us

The RDV Group Inc. is a New York-based security consulting services firm, providing information systems training and consulting. We offer packaged seminars and custom certification training solutions, and provide computer and information systems security consulting services to government and private organizations.

Russell Dean Vines, CISSP, CISM, Security +, CCNA, MCSE, MCNE, is the president and founder of The RDV Group Inc., a New York-based security consulting services firm, and the author of seven best-selling information system security books published by John Wiley and Sons.

Get the CISSP Prep Guide 2nd Edition!

Valuable Wireless Security Information!

Pass the CompTIA Security + Exam!
 

About    Bios    Contact    Partners    Privacy Statement