Welcome!

Security News Desk

Subscribe to Security News Desk: eMailAlertsEmail Alerts
Get Security News Desk via: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories by Security News Desk

Web Security Journal: There's been a flurry of discussion this week among Internet and Web standards heavy-hitters around WebSocket, the new communications protocol supported in Chrome 4 and Safari 5. What was the main issue? Is there some kind of fundamental security vulnerability with the WebSocket (WS) protocol? John Fallows: When surfing the Web, our browsers may communicate with Web servers via HTTP proxies that deliver many benefits, such as providing previously cached Web content more efficiently than repeatedly contacting the target server. These proxies may be either explicitly configured at the browser or they may form part of the general network topology to intercept the communication path implicitly. Securely encrypted Web communication cannot be intercepted by such proxies. Members of the Hypertext Bidirectional (HyBi) IETF Working Group recently comp... (more)

"Security Requires Fundamentally New Thinking About Software," Says Gates

Bill Gates's e-mail last week - "Microsoft Progress Report: Security" - began by noting that, while malicious code is nothing new, "only in the last few years have the Internet, high-speed connections and millions of new computing devices converged to create a truly global computing network in which a virus or worm can circle the world in a matter of minutes." "Meanwhile," Gates continued, "criminal hackers have become more sophisticated, creating and distributing digital epidemics like Slammer, Blaster, Sobig and Mydoom that spread almost instantaneously, threatening the potent... (more)

Linux Kernel Bug Found...and Quickly Fixed

Although "trivially" fixable - and already fixed - a "kernel-crasher" bug was discovered by Øyvind Sæther, a young Norwegian programmer, earlier this week. The exploit could be used, Sæther reported, to take down several "lame free-shell providers" servers. Stressing that hacking is an illegal activity in most parts of the world, Sæther posted several patches to 2.4 and 2.6 kernels designed to keep the exploit from crashing systems Although the bug doesn't give an attacker any other control of a Linux system than crashing it, Linus Torvalds was fast to act and had already fixed i... (more)

Cloudmark and Qpass Team to Block Mobile Spam

Cloudmark Inc. and Qpass announced from the CTIA Wireless IT and Entertainment conference that they have partnered to provide mobile carriers all around the world with a new mobile version of Authority, Cloudmark's award-winning gateway solution, to protect against spam, malware and other attacks targeting wireless devices. With Cloudmark delivered through Qpass, mobile operators can rapidly deploy Authority to selected subscribers as a value add or paid service to protect its users, strengthen customer satisfaction and reduce churn. With Cloudmark, subscribers become a part of ... (more)

Ubuntu Moves into Enterprise Linux with IBM's DB2 Certification

Ubuntu has successfully gone through the stringent process whereby IBM ensures that DB2 Universal Database for Linux operates in the Ubuntu environment. By working closely together, IBM and Ubuntu have shown that DB2 UDB and Ubuntu deliver a stable environment in which to run business applications using DB2 as the chosen database. The combination of this certification and the recently announced server edition of Ubuntu opens up new opportunities for users and developers to access the power of DB2 UDB on Ubuntu. Enterprises of all sizes can now leverage the strengths of DB2 UDB an... (more)