Software engineers who attend Microsoft's annual Windows Hardware Engineering Conference later this month could get their first taste of a new Windows user permissions model that could change the way thousands of programs are developed and run. But as the company prepares for the final Longhorn development push, questions remain about its plans for a new user privileges model called Least-Privilege User Account, or LUA.
Stories by Paul Roberts
Beware of Web postcards bearing greetings. That's the advice from The SANS Institute's Internet Storm Center (ISC), which is warning about e-mail messages that pose as Web postcards, then direct recipients to a Web site that installs a Trojan horse program.
A new round of so-called "pharming" attacks is targeting the .com Internet domain, redirecting some Internet users who are looking for .com Web sites to Web pages controlled by the unknown attackers.
A new service from e-mail security vendor MessageLabs uses encryption to protect e-mail sent between business partners over the Internet, the company announced Wednesday.
Security software company Symantec acknowledged that software flaws in some of its antivirus products could allow malicious hackers to use denial of service (DOS) attacks to crash systems running the software, disrupting automatic protection features.
Computer Associates International (CA) has purchased technology for finding and purging unused user IDs on mainframe computers, the company announced Tuesday.
Leading global telecommunications companies, ISPs (Internet service providers) and network operators will begin sharing information on Internet attacks as members of a new group called the "Fingerprint Sharing Alliance," according to a published statement from the new group.
A company that offered US$25,000 for the first virus that automatically spreads among Apple Computer computers running the OS X operating system cancelled the virus writing contest and retracted the offer of cash, citing concerns about legal liability.
The Mozilla Foundation issued a patch Wednesday for a previously undisclosed hole in its popular Firefox Web browser and is encouraging Firefox users to download the software update as soon as possible.
Enterprise management software company BMC Software is continuing its identity-management buying spree, announcing that it is buying OpenNetwork Technologies, a maker of Web access management and single sign-on technology, for US$18 million in cash.
New technology from IBM is designed to stop spam by identifying the Internet domain it came from, and can help spot online scams such as phishing attacks and e-mail spoofing.
A new report released by security company Symantec found that incidents of online identity theft scams, also known as "phishing attacks," skyrocketed in the second half of 2004, as did spam and new software vulnerabilities. But other Internet blights, such as zombie networks of compromised computers, or "bots," actually declined.
With a little bit of technical acumen and a few hundred dollars, enterprising thieves can walk away with some late model cars and gas them up for free to boot, according to research published by computer security experts at The Johns Hopkins University (JHU) in Baltimore and RSA Security's RSA Laboratories in Bedford, Massachusetts.
Stealthy, remote system access programs called "rootkits" could fuel the next big wave of malicious code, and are already beginning to influence the design of new Internet worms and viruses, according to security experts. Now security software companies are sitting up and taking notice, releasing software that can spot and remove rootkits from infected systems.
Technology isn't going to protect e-commerce customers -- stronger government regulation is what will get the attention of online banks and merchants, forcing them to stop being casual about security, said Bruce Schneier, founder and chief technology officer of Counterpane Internet Security.