02/06/2012

Mobile device management: Understanding Apple's extra requirement

Anyone wanting to buy mobile device management (MDM) software to manage Apple iOS devices need a special digital certificate from Apple to activate it, a requirement that doesn't apply to the same MDM software when used to manage Google Android devices, for instance.
02/06/2012

How to protect your intellectual property in the cloud

Around this time last year, the cloud computing contract signings were coming fast and furious -- not just for commodity work like IT management or email, but for software and infrastructure closer to the core of corporate value. Not long after that, the calls started to come in to Greg Bell, the Americas service leader for information protection at KPMG.
02/06/2012

The in-depth guide to data destruction

A key part of any information security strategy is disposing of data once it's no longer needed. Failure to do so can lead to serious breaches of data-protection and privacy policies, compliance problems, and added costs.
02/03/2012

Facebook malware scam takes hold

A "worrying number" of Facebook users are sharing a link to a malware-laden fake CNN news page reporting the U.S. has attacked Iran and Saudi Arabia, security firm Sophos said Friday.
02/03/2012

PHP 5.3.10 fixes critical remote code execution vulnerability

The PHP Group released PHP 5.3.10 on Thursday in order to address a critical security flaw that can be exploited to execute arbitrary code on servers running an older version of the Web development platform.

The vulnerability is identified as CVE-2012-0830 and was discovered by Stefan Esser, an independent security consultant and creator of the popular Suhosin security extension for PHP.
02/03/2012

Google won't delay new privacy policy despite E.U. concerns

Google does not plan to delay its new privacy policy despite calls from Europe's data protection watchdog.
02/03/2012

Microsoft researchers say anonymized data isn't so anonymous

Data routinely gathered in Web logs -- IP address, cookie ID, operating system, browser type, user-agent strings -- can threaten online privacy because they can be used to identify the activity of individual machines, Microsoft researchers say.

At the same time, analysis of such data when anonymized can help detect malicious activity and so improve overall Internet security, they add.
02/03/2012

Symantec warns of Android Trojans that mutate with every download

Researchers from security vendor Symantec have identified a new premium-rate SMS Android Trojan horse that modifies its code every time it gets downloaded in order to bypass antivirus detection.

This technique is known as server-side polymorphism and has already existed in the world of desktop malware for many years, but mobile malware creators have only now begun to adopt it.
02/03/2012

Apple updates Lion, patches 51 bugs in Mac OS X

Apple this week patched 51 vulnerabilities in Mac OS X, most of them critical, in 2012's first security update.

Both Mac OS X 10.7, aka Lion, and 10.6, better known as Snow Leopard, were updated with fixes. The two operating systems were last updated in mid-October 2011.
02/03/2012

Google finally scans malware-ridden Android Market

In an effort to improve security in its Android Market, Google has been using a service providing automated scanning of applications submitted to the mobile application store, Google revealed on Thursday afternoon.

Code-named Bouncer, the service scans the market for potentially malicious software without disrupting the user experience or requiring developers to submit to an application approval process, said Hiroshi Lockheimer, vice of engineering for Android, in a blog post: