Brian Prince

IT is an interesting world, one where the Web is simultaneously a key driver for business and a popular gateway for attackers. With both these forces at work, it shouldn’t be surprising enterprises are starting to take application security more seriously. Statistics from a recent survey by the Open Web Application Security Project (OWASP) found […]

Microsoft is building a small but important change into Windows 7 to help slow the spread of malware. According to Microsoft, the company is changing the way the AutoPlay feature operates to prevent it from enabling the AutoRun task for USB devices. The move, Microsoft officials said, was done in response to malware-most notably Conficker-taking […]

The Google Chrome Web browser and Microsoft Internet Explorer have found themselves at the center of a security issue that could lead to cross-site scripting attacks. Google Chrome has been updated to 1.0.154.59 to fix a security vulnerability in the handling of ChromeHTML URIs (Uniform Resource Identifiers) that allows an attacker to bypass the Same […]

The RSA Conference is much more vendor-driven than shows such as Black Hat and ShmooCon, but there is always room for talk about security vulnerabilities and threats in the wild. This year, discussion of the threat landscape touched on everything from browser hijacking to wireless security to attacks on VOIP (voice over IP). More than […]

Every RSA Conference has a popular buzzword or phrase. This year it was “the cloud.” In one way or another, vendors were pushing their answer to handling security in the cloud. Cisco unveiled a number of tools and services in the cloud April 21, even though a day later Cisco CEO John Chambers described the […]

The Cyber Secure Institute recently added one more number to think about when the security community hears the name Conficker-9.1 billion. That is how many dollars were lost in terms of wasted time, resources and energy as the cyber-community dealt with the worm, variants of which over the past several months have infected millions of […]

As it turns out, stealing credentials is actually the easy part of cyber-theft. The hard part is using them to pilfer bank accounts. Fortunately for phishers, they have no shortage of help in that regard. This ecosystem of hackers, malware writers and money mules was on full display at this week’s RSA Conference, where researchers […]

When it comes to the war on terrorism, not all battles, intelligence gathering and recruitment happen in the street. Some of it occurs in the more elusive world of the Internet, where supporters of terrorist networks build social networking sites to recruit and spread their message. Enter Jeff Bardin of Treadstone 71, a former code […]

Academia, government and the private sector need to come together in the name of cyber-security-that was the message Melissa Hathaway brought to this year’s RSA Conference in San Francisco. Hathaway is acting senior director for cyberspace for the National Security and Homeland Security councils, and was tasked by the Obama administration with heading up a […]

Researchers at Finjan have uncovered a massive botnet controlling some 1.9 million zombie computers. The security vendor disclosed the discovery at the RSA Conference in San Francisco. According to reports, the nearly two million bots include machines in 77 government domains in the U.S., U.K. and other countries. The size of the network would make […]