Brian Prince

Google, Microsoft and other tech industry heavyweights have joined forces with advocacy groups to push for changes to the Electronic Communications Privacy Act (ECPA). ECPA was enacted in 1986 to provide a legal framework to extend government monitoring of telephone communications to electronic communications on computers. The sweeping legislation set a standard for the coming […]

Microsoft issued an emergency patch March 30 for a zero-day bug affecting Internet Explorer, closing a security hole exploited by attackers this month in assaults on IE 6 and 7 users. The update was initially going to be issued as part of April’s Patch Tuesday release and actually includes fixes for a total of 10 […]

A new study from BeyondTrust underscores what many IT administrators should already know – less privileges can mean more security. In an analysis of Microsoft security bulletins from 2009, BeyondTrust – which specializes in privilege management – found that removing administration rights is a mitigating factor in 90 percent of the critical Windows 7 vulnerabilities. […]

More than 3 million federal student loan records were stolen in a massive data breach. According to the Educational Credit Management Corp. (ECMC), a guarantor of federal student loans, “portable media” containing the names, addresses, Social Security numbers and dates of birth of 3.3 million people was stolen from the company roughly a week ago. […]

Microsoft is planning to patch a zero-day bug in Internet Explorer in March 30 with an out-of-band emergency fix. The patch plugs a security hole Microsoft first warned about March 9 after attackers began targeting the vulnerability in IE 6 and 7. IE 8 is unaffected. “We recommend that customers install the update as soon […]

A new report from Symantec names China as the world’s primary source of targeted malware the month of March. The high stakes of such attacks were brought into focus for many earlier this year with the Aurora attack on Google and dozens of other companies. According to Symantec (PDF), while most of the malware (36.6 […]

Hacker Albert Gonzalez received another 20 year-sentence March 26 to run concurrently with the one he received sentence he received March 25 in two other cases. Today’s sentencing brought the odyssey of the 28-year-old cyber-criminal to a close, in a case covering the massive breach of Heartland Payment Systems that compromised millions of credit and […]

Score another for the hacker community. At the Pwn2Own contest at this week’s CanSecWest Applied Security conference in Vancouver, hackers have had their way with the Apple iPhone, Mac and Safari, as well as Mozilla Firefox and Microsoft Internet Explorer. The iPhone fell courtesy of Vincenzo Iozzo of Zynamics and independent security researcher Ralf-Philipp Weinmann, […]

The mastermind behind some of the most high-profile data breaches in recent history was sentenced on March 25 to 20 years in prison. Albert Gonzalez, 28, pleaded guilty in 2009 to charges in Massachusetts, New York and New Jersey and faced as many as 25 years behind bars for hacking several major retailers, including BJ’s […]

Google officials say a problem with certain corporate Web pages being displayed in Chinese was due to a bug, not the actions of hackers. According to a report in the Guardian, some users searching “Google executives” through Google were given an English result entitled “Corporate Information – Google Management” that took them to a page […]