Posted on 15 March 2012.

Silver Tail Systems announced Profile Analyzer, which provides real-time analysis of both individual user behavior and crowd behavior on websites to identify malicious activity online.

The pace of innovation delivered by websites has expanded the capabilities and value delivered by financial services and ecommerce companies to their customer base. However, it has also prompted cybercriminals to look for new ways to exploit web functionality to commit fraud and other ...

Posted on 14 March 2012.

What is it that makes the Ukraine such a fitting refuge for hackers and cyber crooks?

According to a number of well-informed individuals, it is a combination of inadequate legislation, a police force that lacks knowledge and authority, poverty, and politics heavily influenced by corruption and organized crime.

As the five Ukrainian hackers who have allegedly used the Conficker worm to syphon over $72 million from US bank accounts still walk around free while the inve...

Posted on 14 March 2012.

Thales announced its Key Management Device (KMD) for payment hardware security modules (HSMs) to provide high assurance security for the critical task of forming cryptographic keys securely from components.
This capability, critical to enabling secure key exchange between communicating parties, reduces the risk of component exposure that exists with traditional approaches by enabling direct key component entry into a tamper-resistant security module (TRSM).

This als...

More than half of IT leaders (62 percent) fear that malware is growing more sophisticated faster than they can upgrade their analysis capabilities. Additionally, 58 percent cited the growing number of threats as their biggest worry for 2012, according to Norman.
"It is widely recognized that the volume and sophistication of threats continues to grow dramatically, yet many organizations are only incrementally adding resources to better understand these threats," said Darin Andersen, vice pres...

by Mirko Zorz - Wednesday, 14 March 2012.

The past 10 years represent a very interesting timeframe for reviewing vulnerability disclosures and ensuing changes that continue to affect risk management in IT organizations around the world.

Vulnerability disclosures across the industry in 2011 were down 11.8 percent from 2010. The overall vulnerability severity trend has been a positive one. Medium and High severity vulnerabilities have steadily decreased since their high points in 2006 and 2007...

Posted on 14 March 2012.

At the CanSecWest conference held last week in Vancouver, a team of vulnerability researchers from French security firm VUPEN has managed to hack Microsoft's Internet Explorer 9 on a fully patched Windows 7 SP1 machine.

They managed to bypass the browser's DEP and ASLR protection with a 0-day heap overflow vulnerability, and then used a separate memory corruption bug to break out of its Protected Mode.

As VUPEN founder Chaouki Bekrar claims, the memory corruption bug...

Posted on 14 March 2012.

AirTight Networks introduced device fingerprinting techniques in its SpectraGuard Enterprise WIPS and AirTight Cloud Services that provide BYOD security and detection, classification and policy enforcement for smart devices connecting to enterprise networks.
The BYOD trend is causing new security concerns for enterprise network and data security administrators. Corporate users (e.g. employees, contractors) are accessing enterprise network and data, and bypassing cor...