Brian Prince

Twitter Deploys Two-Factor Authentication to Protect User Accounts

Twitter is imposing two-factor authentication to bolster account security in view of recent high-profile breaches affecting Twitter as well as media organizations around the world. In response to the attacks, Twitter announced Wednesday it is rolling out a form of two-factor authentication to provide extra security for users. The new “log-in verification” feature will serve […]

McAfee LiveSafe Uses Biometric Protection for Storage

McAfee is mixing the worlds of biometrics, security and storage in its new LiveSafe offering set to be available next month. The LiveSafe service is meant to be a step toward delivering on McAfee’s joint vision with Intel to enable consumers to protect their data and identity on all their devices. As part of the […]

Cyber-Gang Steals $45M in Hack of Prepaid Debit Cards, Bank ATMs

Federal authorities have slapped the cuffs on several alleged members of a cyber-gang who are charged with taking part in a massive heist that stole as much as $45 million in a matter of hours. According to an indictment unsealed Thursday, seven of eight people have been charged with being members of the New York-based […]

Microsoft Patch Tuesday to Fix Critical Internet Explorer Zero-Day Bug

Microsoft is planning to release a fix for an Internet Explorer zero-day bug being targeted in the wild this coming Patch Tuesday. The vulnerability, which is being exploited against users of IE8, has been spotted being used in an attack campaign against numerous Websites, including the U.S. Department of Labor site. Users of Internet Explorer […]

Stealthy Apache Exploit Redirects Victims to Blackhole Malware

Attackers are using a sophisticated and stealthy piece of malware to infect Apache Web servers. The backdoor, dubbed Linux/Cdorked.A, is “one of the most sophisticated Apache backdoors we have seen so far,” according to Pierre-Marc Bureau, security intelligence program manager at ESET. “The backdoor leaves no traces of compromised hosts on the hard drive other […]

Spamhaus DDoS Attack Investigation Results in Arrest of Dutch Man

A 35-year-old man was arrested last week in Spain in connection with the massive distributed denial-of-service (DDoS) attack on Spamhaus in March. The suspect was identified by authorities only as a Dutchman with the initials “SK,” though he has been identified in reports as Sven Olaf Kamphuis, who has been tied to Web hosting company […]

Phishers Breaking Into Web Hosting Servers to Launch Mass Attacks

Cyber-attackers are focusing their efforts on Web hosting providers in order to use their facilities to launch mass phishing attacks, according to a new report from the Anti-Phishing Working Group (APWG). According to the group’s Global Phishing Survey for the second half of 2012, attacks leveraging these resources represented nearly half of all phishing attacks […]

Hacktivists Change Tactics From Data Breaches to Disruption: Verizon

Last year, much of the blame for data theft chronicled in Verizon’s massive data breach report for 2011 was laid at the doorstep of hacktivists driven by political motives. Verizon’s report on data breaches in 2012, however, reveals that the main ideology driving external attackers could be summed up this way: Greed is good. Overall, […]

AlienVault Virtual Appliance Detects Threats, Assesses Vulnerabilities

Security vendor AlienVault released a new product on April 16 combining asset discovery, vulnerability assessment, threat detection and behavioral monitoring into one platform. AlienVault’s Unified Security Management virtual appliance blends these technologies together in a single product. The appliance is compatible with VMware ESXi and Proxmox virtual environments. It also offers customers easier host-based intrusion […]

Microsoft Fixes Patch Tuesday Security Update After User Complaints

Microsoft has been forced to update its own security update to address reports that a patch was causing system errors for customers. The problem lies in security update 2823324, which was pushed out April 9 as part of security bulletin MS13-036. This update was meant to address four vulnerabilities in the Windows kernel-mode driver. For […]