Brian Prince

Attackers had their eyes fixed on the Windows .LNK shortcut vulnerability in August, accounting for three entries on Kaspersky Lab’s list of the top 20 most prolific malicious programs during the month. Reports of the vulnerability first became public in July, with the revelation of the Stuxnet worm. Two of the three pieces of malware […]

Google is reworking its privacy policy in the name of simplicity. Google Associate General Counsel Mike Yang announced Friday that the search engine giant is making revisions to its policy to make it more comprehensible to regular users. “Long, complicated and lawyerly-that’s what most people think about privacy policies, and for good reason,” he blogged. […]

Spammers jumped out the gate quickly with survey scams aimed at users of Ping, Apple’s new iTunes social network. Ping launched Sept. 1 with the goal of creating a social network for the more than 160 million users of iTunes. However according to Sophos, the service has been hit with a barrage of scams and […]

Okpako Diamreyan, a Nigerian citizen, was sentenced Sept. 1 to nearly 13 years in prison for masterminding an “advanced fee” scam that cost his victims $1.3 million. According to the U.S. Department of Justice, Diamreyan was also ordered to pay more than $1 million in restitution to reimburse his victims and to spend three years […]

The first release candidate for PostgreSQL 9.0 has arrived with built-in binary replication technology. Expected to be ready for final release sometime in September, the RC represents a significant overhaul for the database, said PostgreSQL core team member Josh Berkus. New features include per-column and conditional triggers, performance enhancements for object-relational-mapper queries and exclusion constraints. […]

The University of Virginia reportedly fell victim to a cyber-attack the week of Aug. 23 that resulted in the theft of nearly $1 million. Unfortunately for administrators at colleges and universities, their institutions are just as vulnerable to data breaches as enterprises. According to KrebsOnSecurity.com, attackers used malware to steal online banking credentials for accounts […]

Check Point Software Technologies is expanding its virtual security offerings with an eye toward protecting VMware environments. With Security Gateway Virtual Edition (VE), Check Point has added integration with VMware’s VMsafe technology in a bid to bring the same level of firewall and intrusion prevention capabilities to virtual networks that Check Point customers have on […]

Microsoft released an updated version of a tool kit Sept. 2 to help developers make their applications more secure. With the Enhanced Mitigation Experience Toolkit 2, Microsoft said, developers can bring technologies such as dynamic data execution prevention to bear to improve security, particularly for older programs that cannot be recompiled to opt in to […]

Facebook is updating security on its site to bolster protections added in May relating to user log-ins. This time, Facebook is giving users the ability to log out of any Facebook session they may have left active on another computer or device. For example, if a user logs into Facebook on a friend’s computer and […]

IBM has revised some of the findings in its “X-Force 2010 Mid-year Trend and Risk Report” after complaints that its vulnerability tallies were inaccurate. “After we released our trend report…we received feedback from two software vendors regarding the severity and remedy information for some of the vulnerabilities behind this chart,” Tom Cross, manager of IBM’s […]