Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity
    • IT Management

    IE Zero-Day, EU Online Privacy in Security News

    By
    Brian Prince
    -
    November 7, 2010
    Share
    Facebook
    Twitter
    Linkedin

      Online privacy was once again in the spotlight this past week when the European Commission announced it is looking to tighten data protection rules for the Web.

      According to the commission, the rules should require that businesses clearly inform customers how, why, by whom and for how long their data is collected and used. In addition, the rules should reduce discrepancies in European Union (EU) data protection rules and permit people to give their informed consent to the processing of their personal data.

      The commission is accepting public input on the rules through Jan. 15 via its Website. Meanwhile, Facebook was in the news again in regard to the sharing of user IDs (UIDs). This time, it was because the site announced that application developers caught selling UIDs had been suspended.

      According to Facebook, less than a dozen application developers were involved, and none was responsible for any of the 10 most popular apps on the site. In a blog post, Facebook engineer Mike Vernal wrote that the company is “instituting a 6-month full moratorium on (the developers‘ access) to Facebook communication channels, and we will require these developers to submit their data practices to an audit in the future to confirm that they are in compliance with our policies.

      “While we determined that no private user data was sold and confirmed that transfer of these UIDs did not give access to any private data, this violation of our policy is something we take seriously,” he blogged.

      Application security made its way into the news as well, when viaForensics highlighted a number of vulnerable mobile banking applications from companies such as PayPal, TD Ameritrade and Bank of America. The situation highlighted the fact that developers face some unique security challenges when creating mobile applications, security pros said.

      “The mobile device itself cannot be considered to be trusted; devices are lost and stolen all the time,” Richard Wang, U.S. manager of SophosLabs, told eWEEK. “I think these incidents show that the comparative lack of experience of mobile developers when it comes to security considerations [such as] storing usernames and passwords in plain text on the device is a rookie mistake.”

      Malware developers think about security as well-albeit for a different purpose, as highlighted here in a discussion of some of the techniques attackers use to fight back against researchers and rivals.

      They also think about new vulnerabilities, as exemplified by the appearance of a new Internet Explorer zero-day attack. Microsoft issued an advisory on the issue Nov. 3, after researchers at Symantec noticed an attack exploiting the vulnerability to infect users with a backdoor Trojan known as Pirpi. The vulnerability impacts IE 6, 7 and 8, though there are mitigating factors detailed in the advisory.

      According to Microsoft’s pre-Patch Tuesday notification advisory, the IE bug is not on the agenda to be fixed Nov. 9. However, the company does have patches slated for Microsoft Office and Forefront Unified Access Gateway (UAG). Of the three security bulletins (two for Office, one for UAG), two are rated “Important” while the third, which affects Microsoft Office, is rated “Critical.”

      Brian Prince

      MOST POPULAR ARTICLES

      Cybersecurity

      Visa’s Michael Jabbara on Cybersecurity and Digital...

      James Maguire - May 17, 2022 0
      I spoke with Michael Jabbara, VP and Global Head of Fraud Services at Visa, about the cybersecurity technology used to ensure the safe transfer...
      Read more
      Cloud

      Yotascale CEO Asim Razzaq on Controlling Multicloud...

      James Maguire - May 5, 2022 0
      Asim Razzaq, CEO of Yotascale, provides guidance on understanding—and containing—the complex cost structure of multicloud computing. Among the topics we covered:  As you survey the...
      Read more
      Big Data and Analytics

      GoodData CEO Roman Stanek on Business Intelligence...

      James Maguire - May 4, 2022 0
      I spoke with Roman Stanek, CEO of GoodData, about business intelligence, data as a service, and the frustration that many executives have with data...
      Read more
      Applications

      Cisco’s Thimaya Subaiya on Customer Experience in...

      James Maguire - May 10, 2022 0
      I spoke with Thimaya Subaiya, SVP and GM of Global Customer Experience at Cisco, about the factors that create good customer experience – and...
      Read more
      IT Management

      Intuit’s Nhung Ho on AI for the...

      James Maguire - May 13, 2022 0
      I spoke with Nhung Ho, Vice President of AI at Intuit, about adoption of AI in the small and medium-sized business market, and how...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×