Brian Prince

The day before reports of foreign spies penetrating the U.S. electrical grid hit the news, the North American Electric Reliability Corp. advised energy companies to take a comprehensive look at how they identify critical cyber assets. The North American Electric Reliability Corporation (NERC) is a non-profit, international company that works to develop industry standards as […]

Conficker’s latest move may be tied to a scheme to lure users into downloading fake anti-virus software. Security researchers monitoring the Conficker worm’s activities say the malware has been observed downloading a file detected by Kaspersky Lab as FraudTool.Win32.SpywareProtect2009.s. “Once it’s run, you see the app interface, which naturally asks if you want to remove […]

Microsoft has a big Patch Tuesday planned for April 14 with the release of eight security bulletins to cover eight vulnerabilities. The release includes five “critical” bulletins, including three affecting Microsoft Windows. The other two critical bulletins address issues in Microsoft Office Excel and Internet Explorer. According to Microsoft, IE 8 is not affected by […]

Rogue anti-virus has emerged as one of the most prevalent threats to end users in 2008, according to Microsoft’s latest Security Intelligence Report. Also known as scareware, bogus anti-virus programs lure users into paying for software that, unbeknownst to them, offers either little or no real protection, and is sometimes designed to steal data. “Of […]

Roughly a week after Conficker’s much-anticipated April 1 “big day,” Trend Micro is reporting the presence of a new payload spreading via peer-to-peer between infected computers. Trend Micro is detecting the payload as WORM DOWNAD.E. “Basically the component it’s downloading via peer-to-peer is just a dropper-so it drops yet another component, which we are in […]

Reports that the U.S. electric grid was penetrated by foreign spies may on the surface seem shocking. But as Brightfly Managing Director of Research Brandon Dunlap knows, attempts at cracking the networks of U.S. utilities are not new. Brightfly is a consulting company specializing in advising on security and governance, risk and compliance. “While I […]

Microsoft has pushed out the first service pack for SQL Server 2008, and to hear company officials tell it, the biggest news is that there is no big news. SQL Server 2008 Service Pack 1 (SP1) does not contain much when it comes to new features, but it does have enhancements meant to ease deployment. […]

The most important part of an attack isn’t always a vulnerability; sometimes it’s the user’s trust. This was certainly the case during an authorized penetration test at an energy company conducted by security vendor Netragard. Looking for a way inside the customer’s defenses, the vendor turned to Facebook. Testers built a profile claiming to be […]

Microsoft has decided to delay its integrated security suite, code-named Stirling, until the fourth quarter of 2009. Stirling was initially supposed to ship in the first half of this year. According to Microsoft, the company will begin releasing the suite in the fourth quarter of 2009 with the launch of Forefront Server Security for Exchange […]

Enrique Salem has officially stepped into the role of chief executive officer of Symantec. Salem replaces John W. Thompson, who captained the company for the last 10 years as CEO and will stay on as chairman of the board of directors. Salem was appointed COO in January 2008, where he was responsible for the company’s […]