Brian Prince

The Chinese government is fighting back against accusations it was involved in any way in the recent cyber-attacks that struck more than 30 enterprises, calling such talk “groundless.” “Accusation that the Chinese government participated in cyber-attack, either in an explicit or inexplicit way, is groundless and aims to denigrate China,” a spokesman of the Ministry […]

Bredolab, Spam and the CAPTCHA-Cracking Biz by Brian Prince Bredolab on the Rise After being relatively dormant at the beginning of the year, Bredolab began pushing Webwail Jan. 11, leading to a surge in activity. Special Delivery This is an example of a spam message containing the Bredolab Trojan. Here, the malware is disguised as […]

Data breaches are not getting any cheaper to deal with, and companies that jump the gun on notifications can end up paying the most. In its fifth annual study on data breaches, the Ponemon Institute discovered that about 36 percent of participants notified their breach victims within one month, but ended up paying $219 per […]

Database security vendor Imperva released an analysis of 32 million passwords exposed in the Rockyou.com breach. What they found is not good. According to their analysis, the three most commonly used passwords are “123456”, “12345” and “123456789.” Other common passwords include “Password” and “iloveyou.” Their analysis echoes a paper written by researchers at the University […]

U.S. Secretary of State Hillary Clinton in a speech Jan. 21 took a strong stance in favor of promoting cyber-security partnerships and ending Internet censorship, but stopped short of using harsh language against China in connection with the recent cyber-attacks reported by Google. China has been at the center of accusations of attacks on Google, […]

Microsoft issued an emergency fix Jan. 21 to patch the Internet Explorer vulnerability at the center of a spate of cyber-attacks against Google, Adobe Systems and dozens of other companies. The update actually addresses a total of eight vulnerabilities in IE, the most serious of which can be exploited for remote code execution. The flaw […]

IBM today announced it has agreed to acquire National Interest Security Company, LLC (NISC) to bolster its advanced analytics business as it takes aim at the public sector. The financial terms of the deal were not disclosed. However, NISC’s bread and butter is providing IT, information management and management and technology consulting services for the […]

Microsoft will release an out-of-band patch Jan. 21 to fix the Internet Explorer vulnerability at the center of recent attacks on Google and other enterprises. According to Microsoft, the patch is slated to be ready around 1 p.m. EST. If all goes according to plan, the patch will close a hole that has prompted France […]

A new report from Arbor Networks is a case of good news/bad news for service providers. The good news is that the size of distributed denial of service attacks hitting their infrastructures did not increase as much between third quarter of 2008 and the third quarter of 2009 as it had in previous years. The […]

Microsoft announced Jan. 19 that SQL Server 2008 Release 2 will be ready by May. SQL Server 2008 R2 is currently in the community technology preview phase. The most recent CTP was released in November. Since the first CTP in August, there have been more than 150,000 downloads of the database, Microsoft said in the […]