Product News

Apple updates Snow Leopard, preps for Lion

By

Apple on Thursday released an update to Mac OS X Snow Leopard (10.6), closing multiple vulnerabilities that could allow an attacker to run malicious code on an affected system.

Gartner sees 11 percent software security revenue jump

By

Thanks to compliance requirements and a threat environment marked by growing sophistication, sellers of software security products are expected to earn more than $16.5 billion in revenue this year, an 11.3 percent jump from 2009, according to a Gartner forecast released this week.

FaceTime sells name to Apple

By

FaceTime Communications has sold its trademark to Apple. The computing giant plans to call its new iPhone video calling application FaceTime. The Belmont, Calif.-based FaceTime Communications, which currently offers instant messenger, web and unified communications security, plans to rebrand itself and announce a new name in the coming months, the company said in a statement. — DK

LifeLock settles with FTC over ID theft product claims

By

LifeLock will pay $11 million to the Federal Trade Commission (FTC) and $1 million to a group of 35 state attorneys general to settle charges that the Tempe, Ariz.-based company made false claims that its product could prevent identity theft.

Fortinet to become first IT security IPO since 2008

By

Fortinet, maker of UTM appliances, is set to make a rare IT security initital public offering.

Newly branded M86 buys Finjan for web gateway security

By

Trying to meet the demands of larger businesses in their fight against web threats, M86 on Tuesday acquired Finjan.

Google to offer webmasters samples of malware code

By

A new feature from Google is designed to help website administrators identify malicious code on their sites.

WCL partners with OPSWAT

By

West Coast Labs (WCL), an independent test facility for information security products and services, has partnered with OPSWAT, a provider of development tools that power software application manageability. The alliance will allow for the incorporation of data from WCL's Checkmark Certification program into the OPSWAT OESIS Framework, a development toolkit for managing endpoint security applications. — CAM

Security Essentials ready

By

The final version of Microsoft Security Essentials is now available for download. According to the company, the software provides real-time protection for PCs against viruses, spyware and other malicious software. The free consumer solution is backed by research from the Microsoft Malware Protection Center (MMPC), enabling it to quickly respond to new threats and placing it in competition alongside offerings from Symantec and McAfee in the anti-virus market. — CAM

Gartner finds IT security spending up eight percent

By

The global software security market still is growing despite a far-reaching recession.

Microsoft releases free tools for security development

By

Microsoft has released two new tools that developers and testers can leverage to meet the requirements of the company's industry-accepted SDL software security assurance process.

Firefox pings Flash users

By

Users who upgrade to the next versions of the Firefox web browser -- 3.5.3 and 3.0.14, due out Wednesday -- will be notified if they are running a vulnerable version of the Adobe Flash Player, Mozilla's "Human Shield" Johnathan Nightingale announced Friday. The move comes out of concerns that a majority of Flash users are running out-of-date versions of the software. Nightingale said the warnings will enable people to avoid crashes, stability issues and other security problems. Mozilla plans to partner with other plug-in providers to offer similar alerts. — DK

Actimize buys Fortent

By

Actimize, provider of anti-fraud solutions for financial firms, announced Monday that it has acquired its biggest competitor, Fortent, for $73.5 million. The deal will enable New York-based Actimize to offer customers an "integrated platform" for money laundering prevention, brokerage compliance and case and investigation management, according to a news release. The company, a subsidiary of NICE Systems, is expected to generate $100 million in business in 2010. Fortent, also based in New York, was founded in 1993 and is best known for creating statistically based anti-money laundering technology. — DK

AV makers fault Apple on Snow Leopard malware scanner

By

The new anti-virus feature in Snow Leopard could entice cybercriminals to create more Mac malware, say security firms.

Snow Leopard to contain anti-malware component

By

Apple appears to be getting at least somewhat serious about security, with plans to include an anti-virus mechanism in the next version of its Mac OS X.

NAC firm ConSentry closes

By

ConSentry Networks is the latest network access control (NAC) vendor to bite the dust. The Milpitas, Calif.-based company, which lately had shifted its focus to making LAN switches and controllers, closed its doors last Thursday, according to Network World, which broke the story. No one at ConSentry answered the telephone on Tuesday, and an email went unreturned. Earlier this year, Trustwave acquired Mirage Networks, and in March 2008, prominent NAC player Lockdown Networks went out of business. Experts said pure-play NAC providers have had trouble competing against bigger companies. -- DK

Microsoft leads browsers in malware, phishing defense

By

Surprised? Microsoft came out on top in a recent test that studied how well the leading web browsers respond to malware and phishing.

China backs off on web filtering software mandate

By

The Chinese government has bowed to criticism over its internet filtering software requirement.

Fluke snares AirMagnet

By

Everett, Wash.-based Fluke Networks, which installs, tests, certifies and monitors networks used by enterprises and telecommunications carriers, announced Thursday that is has acquired AirMagnet, provider of wireless LAN security solutions. The deal -- terms of which were not disclosed -- is expected by some industry observers to make Fluke a leader in Wi-Fi testing. Sunnyvale, Calif.-based AirMagnet is best known for its WLAN security and performance management offering. — DK

Forrester: The good and bad of security technologies

By

A new report says web application firewalls and intrusion prevention systems are necessary technologies for many businesses, but intrusion detection systems and network behavior anomaly detection technologies are declining in popularity.

It's official: Microsoft to offer free anti-malware service

It's official: Microsoft to offer free anti-malware service

By

Next week, Microsoft will make available to consumers a new, free anti-malware service to replace its subscription model.

Windows 7 ships Oct. 22

By

Microsoft's Windows 7 will go into general commercial availability on Oct. 22, according to a Microsoft spokeswoman. The company did not announce prices for the several versions it plans, but said it will introduce a program -- a "Tech Guarantee" or Windows Upgrade Option -- that enables people who buy current PCs with Vista to get a free upgrade to the new Windows 7 software when it becomes available. — CAM

Google's new Chome browser comes with privacy option

By

Google has introduced its latest version of Chrome, and claims to have enhanced speed and privacy features.

Microsoft releases SDL tool

By

Microsoft on Tuesday released a free tool to help application developers better secure their programs. The SDL (Secure Development Lifecycle) Process Template for Visual Studio Team System provides a framework -- including auditable requirements -- for building security into applications. The offering complements previous Microsoft SDL releases: Optimization Model, Pro Network and Threat Modeling Tool. Microsoft developed SDL in 2004 to address security vulnerabilities in its software. The program is credited with reducing vulnerabilities in Vista and SQL Server. — DK

Oracle to acquire Virtual Iron

By

Redwood City, Calif.-based Oracle has agreed to acquire Virtual Iron Software, a vendor of server virtualization software that addresses a variety of data center issues. Oracle said the incorporation of Virtual Iron's technology is expected to provide more dynamic resource management across the full software stack. The deal is pending approvals and is expected to close this summer. Meanwhile, the companies will operate independently. Financial details were not disclosed. Lowell, Mass.-based Virtual Iron was founded in 2003. — GM

Microsoft changes AutoRun

By

Microsoft is planning to update its Windows platforms so that their AutoRun features - one of the preferred vectors for spreading the infectious Conficker worm - does not support USB sticks, the company announced Tuesday. In the next version of the operating system, Windows 7, AutoRun - a technology that automatically runs programs when media is plugged into a PC - only will work for CDs and DVDs. Engineers plan to extend this change to Vista and XP platforms. — DK

Microsoft Forefront now in the clouds

By

Microsoft has extended its Forefront brand and is now putting messaging security into the cloud.

ActiveX flaw detector released

By

The CERT Coordination Center at the Carnegie Mellon Software Engineering Institute in Pittsburgh on Thursday released a free, open-source tool that software developers can use to detect ActiveX vulnerabilities. Dubbed Dranzer, the tool was tested on 22,000 ActiveX controls produced by more than 5,000 organizations. Dranzer is designed for use during the quality assurance phase of software creation and can help prevent flaws, such as buffer overflows, from being shipped in software to the public. — DK

OWASP releases code guide

By

The Open Web Application Security Project (OWASP), an open-source project, has announced a free, 216-page guide for how to review code for application vulnerabilities. The book complements the already released "OWASP Security Developer Guide" and the "Security Testing Guide." The latest publication is "part of OWASP's strategy to make application security visible and enable the market to support the development of secure application software," according to the organization. — DK

"High-priority" Firefox patch being readied

By

A new patch for Firefox is being readied for shipment early next week to fix a vulnerability detected on Wednesday.

Sign up to our newsletters

RECENT COMMENTS

FOLLOW US