Brian Prince

Survey Lists Top Enterprise Endpoint Security and Compliance Holes

A survey of roughly 100,000 endpoints from some 25 organizations revealed that all of them had between 10 and 30 percent security- or policy-compliance issues. The survey, performed by endpoint management software vendor Promisec, found the key issues are missing third-party agents, unauthorized peer-to-peer applications, missing Microsoft updates and out-of-date or misconfigured antivirus. Some of […]

MySQL Creator Denounces Oracle Acquisition

With the acquisition of Sun Microsystems by Oracle still in the air, MySQL creator Monty Widenius has come out in strong opposition to the deal. In a blog post, Widenius urged the MySQL community to contact the European Commission regarding Oracle’s possible acquisition of Sun Microsystems, which bought MySQL AB in 2008. “Without your immediate […]

2-Factor Authentication Falling Short for Security, Gartner Says

Strong two-factor authentication is falling short, and businesses need to take notice, according to a report from Gartner. In a new report, “Where Strong Authentication Fails and What You Can Do About It,” Gartner analyst Avivah Litan contends that Trojan-based, man-in-the-browser attacks are circumventing strong two-factor authentication and proving that any authentication method that relies […]

Seven Facebook Privacy Facts to Remember

When Facebook updated its privacy settings a few days ago, the changes drew a mix of acclaim and criticism. One thing, however, was made clear: securing social networks means taking a serious approach to privacy. According to Facebook, that starts with an understanding of what privacy settings exist and taking stock of what information users want […]

Amazon EC2 Used as Botnet Command and Control

Trend Micro released a report Dec. 9 highlighting what it expects to see as far as security threats in 2010. Among the more interesting predictions — attacks on cloud infrastructures will increase. Almost as if on cue, a report surfaced the same day that the Zeus Trojan was observed abusing the Amazon EC2 (Elastic Compute […]

Facebook Defends Privacy Changes

Facebook is defending changes to its privacy and security controls despite criticisms from some users. On Dec. 9, Facebook announced it was implementing a number of privacy-related changes, including the ability to control who sees what piece of content on a user’s page, a Transition Tool and simplified privacy settings. However, some users lambasted the […]

Facebook Improves Privacy, Security Controls to Protect Users

Facebook is calling on its 350 million-strong user base to review and update their privacy settings as it rolls out new tools to enable users to better control their information. The new features, which launch today, include: the ability to control who sees what piece of content on a user’s page, a Transition Tool and […]

Five TSA Employees Put on Leave After Security Manual Found Online

The Transportation Security Administration confirmed Dec. 9 that five employees “have been placed on administrative leave” while an investigation into the posting of a security operations manual continues. More than 90 pages long, the document contained information on airport passenger screening procedures used by the TSA. A TSA news release said the material was out […]

Seven Ways to Make Your Security Budget Pay Off in 2010

Finding the Security Gaps: The process begins with security pros determining what gaps exist in their security defenses. In the graph here, analyst firm IDC asked hundreds of organizations how susceptible […]

Four Database Security Tips for Dealing with SQL Injections

On Dec. 6, a researcher posted proof that he had compromised NASA Websites via a SQL injection. Fortunately for NASA, his motive appears to only have been to illustrate weaknesses in its sites. Other entities, however, have not been so lucky. There were of course the breaches of Heartland Payment Systems and Hannaford Brothers, but […]