Security


Microsoft Buys Mobile Authentication Company

Microsoft has acquired PhoneFactor, a provider of two-factor authentication for mobile applications.

Microsoft Updates Free Windows Security Tool for Enterprise

Microsoft released version 3.0 of its Enhanced Mitigation Experience Toolkit for Windows software on Tuesday.

SQL Azure Labs Offers Security Service for Data in the Cloud

Microsoft cloud users can monitor the security of their databases using SQL Azure Security Services, a monitoring service prototype released by SQL Azure Labs.

Windows 8 Hardware Specs Reignite Secure Boot Debate

Initial fears by the Linux community that Microsoft's requirements for secure boot on Windows 8 machines would thwart Linux use appear to be half-correct.

Banking on the Cloud: Financial Institution Adopts Google Apps

Google is making inroads with its cloud-based suite of Google Apps. The company inked its largest deal to date with Banco Bilbao Vizcaya Argentaria (BBVA), the second-largest banking institution in Spain.

Microsoft Issues Critical Patch for ASP.NET Apps

Microsoft released an out-of-band security bulletin on Friday aimed at patching all versions of the .NET Framework to prevent potential elevation of privilege attacks in ASP.NET-based Web sites.

Microsoft Updates Windows Intune Cloud Service

Microsoft released a major update to Windows Intune, a PC management and security service aimed at mid-size organizations, that became publicly available in March.

Microsoft: October Security Update Patches .NET and Silverlight

Microsoft released its October Security Bulletin alerting users to eight patches, including a critical fix for .NET and Silverlight.

Microsoft Research Secures Windows with SAGE Fuzz Testing

Most fuzz-testing tools use the blackbox approach of throwing random inputs at a program without knowledge of the code. For the last two years, Microsoft has used a whitebox fuzz-testing method developed by Microsoft Research to reduce security flaws in its Windows x86 software.

Microsoft's Nadella Talks about Azure, Office 365

The new head of the Microsoft Server and Tools Business, Satya Nadella, took the stage on Wednesday at the GigaOM Structure event to talk about Windows Azure and cloud computing adoption. Nadella spoke publicly about the company's strategy for the first time since replacing longtime Microsoft executive Bob Muglia in February.

Unplugged: Google Blames Chrome Breach on Adobe Flash

French security group Vupen announced that vulnerabilities in the Google Chrome browser running on Windows allowed its researchers to bypass all security features, including the browser's sandbox mode.

French Security Firm Hacks Chrome

Google Chrome has survived hacker contests for more than two years. Now a security firm claims it's found a zero-day exploit of Chrome running on Windows.

Microsoft's May Security Patch Is Light After Massive Load in April

The May Security Bulletins address remote code execution vulnerabilities in Windows Server and Microsoft Office.

FBI To Disable Coreflood Malware on Private PCs

Federal officials will act against Coreflood malware by sending commands that cause the botnet to remove itself, using the same network the perpetrators used to spread and update Coreflood.

Google Promotes Security and Reliability of its Cloud Operations

In the wake of Amazon's cloud outages, Google on Friday disclosed more information about the physical security, data protection and reliability of its data centers.

Microsoft BPOS Meets Federal Security Standards

In November Microsoft received authorization for its datacenters based on FISMA requirements. Now BPOS-Federal can be used in those datacenters.

Feds Take Action Against Coreflood Botnet Ring

The Coreflood botnet ring is believed to have been in operation for over 10 years, infecting approximately 2.3 million computers--1.86 million in the United States.

Massive April Security Patch from Microsoft Addresses 64 Flaws

This month's patch includes critical fixes for the .NET Framework, scripting engines and other Microsoft Developer Tools.

Microsoft's March Security Update Doesn't Address MHTML Flaw

The March security patch, released on Tuesday, addresses four vulnerabilities related to remote code execution exploits in Windows and related applications.

Cyber War Dominates the Landscape at RSA Conference

Cyber war has emerged as the hot topic at annual RSA Security Conference being held this week.