Criminals like to attack the biggest target because BIGGER generally provides a better Return On Investment (ROI). Windows is a good example. Mac is indeed safer than Windows but it isn’t necessarily because Mac is more secure

View original post here:
I’m Feeling Lucky?

Google recently announced its latest service Google Buzz , which is considered as the company’s first step in entering the social-networking scene. Naturally, hordes of Internet users became interested in the new application.

The rest is here:
The Buzz on Google Buzz Malware

A recent study published by 7Safe, UK Security Breach Investigations Report , analyzed 62 cybercrime breach investigation and states that in “86% of all attacks, a weakness in a web interface was exploited ” (vs 14% infrastructure) and the attackers were predominately external (80%). These results are largely consistent with the US-based Verizon Data Breach Incident Report (2008) which tracks over 500 cases

See original here:
Infrastructure vs. Application Security Spending

Would somebody please tell us why there’s so much hype regarding privacy issues and Google Buzz ? Buzz integrates into Gmail… an e-mail service that reads (i.e.

The rest is here:
Google’s Buzz, there is no such thing as bad publicity…

Just a quick note to readers to be aware of e-mails purportedly from Gmail administrators. One of our Fellows recently received a message from “The Google Mail Team” asking users to verify their account details to combat “anonymous registration of accounts”: The reply-to address is listed as ‘verifyscecssze@gmail.com’, which obviously isn’t an official Gmail admin account. Meanwhile, the domain name gmeadmailcenter.com is registered to a Catholic church in Michigan.

Link:
Gmail Phish

A new spam campaign gives the phrase “too good to be true” a whole new spin: spammed messages purporting to come from Google in response to job applications. While most spammed messages take advantage of a specific special occasion , holiday , or even a currently newsworthy item , spammers have hit a new low with their latest scheme.

See original here:
Spammers Fake Responses from Google Job Applications

There are several security issues affecting all major Web browsers that have remained unaddressed for years (probably because the bad guys haven’t leveraged them aggressively enough, but the potential is there). The problem is that the only known ways to fix these issues (adequately) is to “break the Web” — i.e. negatively impact the usability of a significant and unacceptable percentage of websites

Read more:
The Web won’t be safe, let alone secure, unless we break it

The recent attacks on Google and other large organizations (currently being referred to by others as Aurora, Google Attacks, Hydraq) were a set of carefully orchestrated, sophisticated and highly complex attacks. They comprised malicious threats to all three communication vectors – email, web and files, plus most notably, a zero-day vulnerability in Internet Explorer.

Originally posted here:
Trend Micro To Help Proactively Protect Against Zero-Day Attacks like the recent IE Explorer Exploit

After the earthquake that hit Haiti last week, January 12, the Internet was flooded with requests for financial donations, although it may be noted that not all of which were true to their stated intentions. Martin Roesler, Trend Micro Director of Threat Research, warns users of the internet to be very careful when following links regarding the latest earthquakes in Haiti.

View post:
Haiti: Earthquake Unearths Malware

It has been about a week since news of the mysterious Hydraq Trojan (also known as Aurora) attack broke with the unveiling of a threat by Google to pull its operations out of China. In between then and now there has been a lot of rumour and debate about all aspects of this attack with many truths and mistruths being carried in public.

Read the original here:
The Trojan.Hydraq Incident