Brian Prince

Hello, all. It’s been a while, but the Security Watch blog is now back in action this week, and right on que reports of a new scam spreading virally on Facebook have surfaced. According to Sophos, the scam uses subject lines like this one: ‘I just got the Dislike button, so now I can dislike […]

Designing malware and exploits is only one end of the business for black hats. Getting that malicious content to users is another. A key way for attackers to do that is through search engine optimization (SEO), which boosts the search engine rankings of compromised or malicious Web pages. “Black hat SEO works by exploiting search […]

Researchers at Armorize Technologies reported that as many as 5 million parked domains belonging to customers of Network Solutions fell victim to an infected widget and were serving up a side order of malware. Armorize has notified Network Solutions, which told eWEEK it is investigating the situation and can’t confirm how many domains may have […]

LogLogic is updating its security information and event management platform to streamline the collection of IT data across its IT infrastructure. In LogLogic 5, the company has added what it dubbed the UCF (Universal Collection Framework) – a WAN-aware, store-and-forward, encrypted, compressed IT data transport designed to allow customers to collect data while increasing resilience […]

Gartner analysts are predicting the worldwide security software market will reach more than $16.5 billion in revenues in 2010. If true, the prediction will represent an 11.3 percent increase from the $14.8 billion in revenues the security industry saw in 2009, the firm said. It also represents a roughly 4 percent bump from the 7 […]

Microsoft has released a database migration tool with the aim of bringing MySQL users to SQL Server and SQL Azure. Microsoft added the new tool kit in a refresh of its existing SSMA (SQL Server Migration Assistant) family of products. In addition, the company added SSMA for Microsoft Access to provide direct migration from Access […]

Facebook has fixed a bug that could have been abused by someone looking to get their hands on the full names and photos of users. Atul Agarwal of Secfence Technologies posted information about the issue to the Full Disclosure mailing list Aug. 11. If someone entered a user’s e-mail address and the wrong password in […]

The developer of a jailbreak for iPhones has posted source code attackers could use to compromise devices. The developer, who goes by the name “Comex,” posted code for JailbreakMe 2.0 on the Web Aug. 11 after Apple released a pair of fixes for the iOS bugs the jailbreak leverages. The patches also address the problems […]

The PCI Security Standards Council released a document Aug. 12 outlining proposed clarifications to be added to the future version of industry regulations. The PCI SSC document highlights several revisions slated to appear in the 2.0 versions of PCI DSS (Payment Card Industry Data Security Standard) and PA DSS (Payment Application Data Security Standard). More […]

McAfee’s July 29 agreement to acquire TenCube was its second attempt to purchase its way deeper into the mobile security business this year, and one of multiple plays in the space by other vendors. Vendors are right to be interested. A June survey of enterprises by The 451 Group found two-thirds of the 91 respondents […]