Brian Prince

Virtualization, Cloud PCI Compliance Tips for Your Enterprise by Brian Prince Do Ask, Do Tell Companies should get independent verification that its cloud/virtualization vendor is PCI-compliant, and make sure there are measures in place to maintain that compliance. Companies should study their SLA to see if it protects them in the event of a data […]

Microsoft is arming Windows users with a new automated tool to help thwart exploits of a zero-day that has come under attack. The bug, which lies in the Windows shell component of the operating system, exists because Windows parses shortcuts in a way that permits malicious code to be executed when the icon of a […]

FileMaker is nudging the iPad and iPhone further into the enterprise space by bringing their database technology to the mobile devices’ users. The company released FileMaker Go iPhone and FileMaker Go for iPad Tuesday, and the programs are now available through Apple’s iTunes App Store. With FileMaker Go, users can view, edit and search for […]

Adobe Systems is adding new sandboxing technology to Adobe Reader to tighten security and close down doors for attackers. Known as -Protected Mode’, the technology will be included in the next full version of the PDF viewing software, and comes at a time when attackers are increasingly using Adobe vulnerabilities to compromise computers. The technology […]

In August 2009, Arbor Networks researcher Jose Nazario uncovered a botnet using Twitter as a command and control mechanism. Since then, other examples of attackers taking advantage of Web 2.0 sites have continued to sporadically pop up. The tactic remains quite rare, but there are a number of reasons why attackers may increasingly look to […]

Microsoft released the beta versions of upcoming editions of Microsoft Security Essentials and Forefront Endpoint Protection 2010. In Security Essentials, Microsoft has added several new features and enhancements, including integration with Internet Explorer to protect against Web threats as well as a network inspection system to prevent network-based exploits. According to a spokesperson, the network […]

News of a Microsoft Windows zero-day vulnerability may have put the Stuxnet malware on the public’s radar, but it has not stopped the malware’s purveyors from trucking along. As of this morning, Microsoft said it detected nearly 10,000 unique machines where Stuxnet infections were prevented. The target of the malware is not ordinary users, but […]

VeriSign has announced plans to make a move into malware scanning to bolster its role in ensuring Website security. The anti-malware service is part of a handful of new features VeriSign is offering to its customers to help them create a safe, trusted experience for visitors. In addition to malware scanning, VeriSign SSL-protected sites will […]

Some security pros are taking issue with Microsoft’s advisory on a zero-day vulnerability one researcher referred to as “simple to exploit.” The vulnerability lies in the Windows Shell component. While Microsoft asserted in its advisory July 16 that the result of the vulnerability is that “malicious code may be executed when the user clicks the […]

Microsoft issued an advisory today to address a zero-day vulnerability linked to a Trojan spreading through infected USB devices. According to Microsoft, the vulnerability at the center of the reports exists because Windows incorrectly parses shortcuts in a way that allows malicious code may be executed when the user clicks the displayed icon of a […]