Brian Prince

The more details that leak out about the cyber-attack that hit Google, Adobe Systems and roughly 30 other companies, the more complex the picture gets. According to a Jan. 14 analysis by McAfee, which has dubbed the situation “Operation Aurora,” one of the malware samples involved in the attack exploited a new zero-day vulnerability in […]

Adobe Systems reported Jan. 12 that it has uncovered a “coordinated attack against corporate network systems managed by Adobe and other companies.” Adobe became aware of the attack Jan. 2, according to a post by Adobe employee Pooja Prasad on a company blog. Other companies were affected by the attack as well, and Adobe is […]

Facebook and McAfee are teaming up to improve security on the popular social networking site. For Facebook’s 350 million users, the partnership between the two companies has multiple aspects. If Facebook users are compromised, the social networking site will require them to run a scan using a free remediation tool developed by McAfee. In addition, […]

Google has opted to turn on HTTPS for Gmail continuously by default to protect user e-mails. The move follows the revelation that there have been repeated attempts to access Gmail accounts belonging to Chinese human rights activists, as well as calls from security and privacy experts for Google to deploy the technology automatically to secure […]

In an attack echoing the one that disrupted Twitter in December, Chinese search engine Baidu fell victim Jan. 12 to the “Iranian Cyber Army.” For 3 hours today, the Iranian Cyber Army took down Baidu’s homepage and replaced it with a page showing the message, “This site has been hacked by Iranian Cyber Army” against […]

Symantec has agreed to acquire Gideon Technologies in a bid to add to its risk management capabilities to meet the compliance needs of the public sector. Gideon Technologies specializes in vulnerability, configuration, policy and compliance management as well as network and asset discovery. According to Symantec, Gideon Technologies’ security content automation protocol-validate configuration and vulnerability […]

A federal grand jury in Dallasindicted 19 people Jan. 8 in a complex scheme that allegedly used a series of shell companies to defraud banks, telecommunications providers and others out of $15 million. The 19 defendants were each charged with conspiracy to commit wire and mail fraud. Fifteen of the defendants are also charged with […]

Google is mulling the idea of shutting down its operations in China amid concerns about a cyber-attack and repeated efforts to access the Gmail accounts of Chinese activists. Google Chief Legal Officer David Drummond in a blog post Jan. 12 said Google is no longer willing to censor results on Google.cn, and “will be discussing […]

Microsoft released a single Windows security bulletin Jan. 12 for its first Patch Tuesday update of 2010. The bulletin is rated critical for users of Windows 2000 Service Pack 4, and low for several other editions of Windows. The vulnerability at issue lies within the Microsoft Windows EOT (Embedded OpenType) Font Engine, and is due […]

Rootkits specialize in staying hidden. But while their disappearing acts make for a good game of technical hide-and-go-seek, the threats still pop up on the radar of Malware Protection Center blog, Microsoft stated that low-level rootkits account for about 7 percent of infections. Alureon, Cutwail and Rustock were the most prevalent rootkits of 2009, though […]