News

• Duqu, Stuxnet link unclear

  A report by Dell SecureWorks on Wednesday debunked the idea that the newly discovered Duqu Trojan is related to last year's Stuxnet worm or was created by the same authors.

• Spammers create their own URL shortening services

  Spammers have created their own services to shorten URLs (uniform resource locators) in an apparent attempt to circumvent security measures in place at well-known shortening websites, according to Symantec.

• Hard to fully assess Duqu threat yet, researchers say

  As new information about Duqu continues to come out, some experts are starting to question whether the danger posed by the trojan has been exaggerated.

• Security roundup for Oct. 21: Duqu for you; Google Apps in LA; researching smartphones

  Symantec last week was the first to get the word out about Duqu, the newly discovered network espionage malware designed to go after industrial control systems. It was quickly dubbed "Son of Stuxnet" by the media, and Symantec said 50% of the code base seems to be the same used in Stuxnet.

• Despite Stuxnet, Duqu, control system flaws still overlooked

  Efforts to strengthen critical infrastructure targets continue to focus on front-end systems rather than on underlying industrial control systems where the real problems exist, security experts warned this week.

• FAQ on son of Stuxnet

  What is Duqu?

• Symantec, McAfee differ on Duqu threat

  Two top security vendors appear to have come to slightly different conclusions about the specific dangers posed by a newly discovered Trojan program called Duqu .

• Duqu Trojan a precursor to next Stuxnet, Symantec warns

  Security vendor Symantec is warning of a new malware threat that it says could be a precursor to the next Stuxnet.

• Survey shows shift to cloud-based services, despite concerns

  A survey of 5,300 IT and security managers in 38 countries about cloud computing offers a vivid snapshot of expectations, anxieties and sometimes shattered hopes.

• Symantec updates flagship storage, high availability suites

  Symantec Corp. this week unveiled version 6.0 of its flagship storage management and high availability suite of products, which include upgrades designed to help users build private-cloud architectures out of existing infrastructures.

• iPad data LP: Security savior or strong-arm tactic

  It's a late night, and you've fired up Facebook on your ACME.com company-owned iPad to post some bad news. "A reduction in workforce is going to happen this week," you type into your update status field and tap the post button.

• Protect iPad data without hobbling users

  Concerned about sensitive corporate data that lives on employees' iPads finding their way to places they shouldn't? Symantec says it has an answer to that risk, and it won't get in users' way. In early 2012, it plans to deliver an extension to its data loss prevention (DLP) product that enables DLP filtering from the iPad or, more precisely, from files, emails, and any other communication sent via HTTP and HTTPS from an iPad through the network.

• Symantec makes cloud-based security service available for corporate trials

  Symantec today said its new cloud-based single sign-on (SSO) service called O3 is available to enterprise customers to test.

• Catching up with mobile security threats

  Development of enterprise mobile apps has been moving more slowly than development of consumer-facing apps, according to Gartner. One main reason is IT leaders' concerns about the security of mobile devices, which are often employees' personal devices, and are vulnerable to being lost, hacked or stolen. While there are plenty of established tools and practices for keeping Web visitors from straying (or hacking) into sensitive corporate data, managing security across a diverse set of mobile devices remains a challenge, IT experts say.

• Scammers pretend to be friendly office printers

  Hackers have found a new hook to trick people into opening malicious attachments: send emails that purport to come from office printers, many of which now have the ability to email scanned documents.