Think Information. Think Security.
 
Picture
Microsoft Windows and Microsoft Office users must take note of these updates. The latest patch will prevent attackers from remotely executing arbitrary codes in your system.

Microsoft fixed 22 bugs with July’s Patch Tuesday update release, which closed security holes in Windows, including a critical flaw in the Bluetooth stack.

Microsoft addressed 22 security vulnerabilities across four security bulletins in July’s Patch Tuesday update. Three of the patches fix issues in the Windows operating system.

The four bulletins patched issues in all versions of the Windows operating system and in Microsoft Visio 2003 Service Pack 3, Microsoft said in its Patch Tuesday advisory, released July 12. Of the patches, only one has been rated “critical.” The remaining three are rated "important," according to Microsoft.


 
Picture
The PDF vulnerability apparently still lingers in iOS.

Last week Germany's Federal Office for Information Security issued a warning claiming that a security hole in several versions of iOS leaves users vulnerable to malicious code contained in infected PDF files.

The exploit, originally uncovered by a team of hackers at JailbreakMe.com, grants the hacker administration privileges over Apple's devices, giving access to passwords, banking information, email, contact information and even allows for telephone conversation interception... all of which is undetected by the user. So far, the only available patch released to resolve the issue is for jailbroken Apple devices. And so far, there have been no reports of hackers actually taking advantage of this newly-discovered exploit.


 
Picture
Computers components and other electronics imports may increasingly contain malicious software, according to a Congressional cyber-security expert, adding to the growing list of cyber-security threats affecting the U.S. government.

Hackers may be able to inject bad code into components imported from overseas plants, planting tools to help them launch cyber attacks on the U.S., according to Representative Jim Langevin (D., R.I.).

"Corrupting hardware and software is embedded in the supply chain," Langevin said. "We have a real challenge on our hands to better secure the supply chain."


 
Picture
Hackers infected computers, derailed websites, and plundered networks in a memorably miserable quarter, according to a report released Wednesday by Internet security firm PandaLabs.

Hacking groups Lulz Security and Anonymous caused "widespread mayhem" during the three months ending June 30, and malicious software "spread substantially," according to the research unit of Spain-based Panda Security.

"This quarter has been one of the worst on record," PandaLabs said in a quarterly security report.

"The number of attacks suffered by businesses and large organizations has set alarm bells ringing as systems and companies that until now were considered 'hack-proof' have fallen victim to cyber-crime," the report continued.


 
Picture
British tabloid News of the World said today it is closing down over a phone hacking scandal in which workers for the Rupert Murdoch-owned newspaper allegedly snooped on voice mail messages left on the mobile phones of murder victims, as well as celebrities, politicians, and the British royal family.

If unethical journalists can do it chances are anyone can, right?

To test my theory I called up Kevin Mitnick, who wrote about the hacking and social engineering that landed him in jail in a fascinating book coming out this summer, "Ghost in the Wires," and who serves as a security consultant, helping clients prevent against privacy breaches such as this.


 
Picture
Mantra is an open source, Firefox-based security testing framework.

Mantra is an open source, browser-based framework for penetration testing and security assessments. It's based on Mozilla's Firefox Web browser, so it's cross-platform, and it's part of the Open Web Application Security Project — OWASP.

The following is an interview with the with project leader Abhi M. Balakrishnan to talk about Mantra and its goals.


 
Picture
Until your email is hacked, you may not know that you have a lot to protect. Various gadgets and devices are readily available to help you stop hackers, writes JAYNE AUGOYE.

The world over, hacking persists despite technological advancements and precautionary measures. With millions dollars lost on a daily basis to cyber crime, it remains a major challenge to individuals, organisations and government



 
Picture
An Internet Explorer vulnerability was patched after being actively exploited in the wild.

According to M86 Security, remote code execution vulnerability CVE-2011-1255, which was patched last month as part of bulletin MS11-050, was being exploited before Microsoft released details about the particular vulnerability.

M86 Security's Avri Schneider said that the company was asked to inspect the URL of a legitimate website of a large private company that was blocked by one of the proactive detection rules implemented in its Secure Web Gateway product.


 
Picture
Because home relax is a very relax environment and where parents-children bonding is happening.

Poor information security practices by employees and their children at home could have a negative effect on the security of networks at work, warned a new study by GFI Software.

A full 90% of parents who have work computers said they have taken them home and used them for non-work related purposes, and 37% of these said they let their teens use them as well, according to a survey of 1,070 adults and teenagers in GFI’s 2011 Parent-Teen Internet Safety Report.


 
Picture
The U.S. Department of Homeland Security (DHS) has issued a warning after a security researcher discovered software from a Chinese company contained bugs which hackers could exploit to launch attacks on critical infrastructure including utilities, Reuters reported.

The newswire wrote Friday that the DHS' Industrial Control Systems Cyber Emergency Response Team cautioned organizations against products from Beijing-based Sunway ForceControl Technology, which are said to be widely used in China to run infrastructure systems and to a lesser extent in other countries including the United States.