For the first time in recent memory, the United States is no longer among the world’s premier spam distributors. In fact, the US isn’t even in the top ten, according to a new report from Kaspersky Lab.
Microsoft on Tuesday released (again) the five security bulletins for its September Patch Tuesday. None of the fixes being released today is rated critical, with all five being rated important. Three of the bulletins fix flaws that could result in code execution.
Adobe has released its quarterly patch update for Acrobat and Reader, fixing a total of 13 vulnerabilities in the two applications. The flaws affect Reader on Windows, Unix and OS X and Acrobat for Windows and OS X.
Perhaps no segment of the security industry has evolved more in the last decade than the discipline of software security. At the start of the 2000s, software security was a small, arcane field that often was confused with security software. But several things happened in the early part of the decade that set in motion a major shift in the way people built software: the publication of Bill Gates’s Trustworthy Computing memo, the release of Building Secure Software and Writing Secure Code, and a wave of high-profile attacks such as Code Red and Nimda that forced Microsoft, and ultimately, other large software companies, to get religion about software security. To get some persepctive on how far things have come, Threatpost spoke with Gary McGraw of Cigital about the evolution of software security since 2001.
QR tags have become the next big thing in interactive marketing. But as smart phone users flock to the trendy, postage-stamp sized bar codes, researchers are warning that they could be used to hijack mobile phones by directing them to malicious Web pages.
The ripple effects of an August attack on the website kernel.org washed up on the Linux Foundation last week, forcing the group to take down its Web site and warn users that their account information may have been compromised.
Adobe is set to release “critical” security updates on a number of their products on Tuesday as part of their monthly patch update to fix critical vulnerabilities in Adobe Reader and Acrobat.
It was December 8, 2000 – the waning days of the Clinton Administration. Richard Clarke, a member of President Clinton’s National Security Council, was addressing attendees at SafeNet 2000, a conference sponsored by Microsoft Corp. that brought together computer security experts from around the country to talk about ways to increase cooperation around cyber security.
A rare mistake by Microsoft’s security team resulted in the company’s September software patches to be released to the public days early.
Apple has finally released a fix for the certificate trust issue caused by the attack on DigiNotar, more than a week after the fraudulent certificates were identified and other browser vendors moved to revoke trust in them. However, the company did not update the mobile version of Safari to remove the certificates in iOS.
Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.
Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.
