Latest security headlines from the Internet.
(Updated 07/22/2010)

07/22/2010 - Drop 'responsible' from bug disclosures, Microsoft urges Computerworld - Microsoft today pitched its own proposal for how software makers react to bugs reported by researchers, calling for a name change to describe the process it prefers. (Read full dispatch...)

07/19/2010 - New rootkit threatens all versions of Windows A highly dangerous zero-day rootkit is in the wild with no patches available yet. (Read full dispatch...)

07/14/2010 - R.I.P. Windows XP SP2 Computerworld - Microsoft on Tuesday officially retired Windows XP Service Pack 2 (SP2), the company's most significant service pack, several security experts said. (Read full dispatch...)

07/08/2010 - Microsoft Security Bulletin Advance Notification for July 2010 Microsoft Security Bulletin Advance Notification issued: July 8, 2010 Microsoft Security Bulletins to be issued: July 13, 2010 This is an advance notification of security bulletins that Microsoft is intending to release on July 13, 2010. (Read full dispatch...)

06/23/2010 - Apple patches the iPhone but leaves the iPad vulnerable Monday's iOS 4 patches a record 65 bugs, but the iPad will go unpatched until the fall (Read full dispatch...)

06/23/2010 - How HTML5 will change the Web HTML5 will spawn richer, more sophisticated Websites while also easing development. Here are nine ways the impact of HTML5 will be felt (Read full dispatch...)

05/27/2010 - Microsoft puts kibosh on Ballmer-at-WWDC rumor Computerworld - Contrary to widespread reports on the Web, Microsoft CEO Steve Ballmer will not show up on stage at rival Apple's annual developer conference, Microsoft said Thursday. (Read full dispatch...)

05/12/2010 - Microsoft Security Bulletin Summary for May 2010 This bulletin summary lists security bulletins released for May 2010. (Read full dispatch...)

05/11/2010 - Microsoft to end support for Windows 2000, XP SP2 July 13 Windows XP users can extend support at no cost by upgrading to SP3, but Windows 2000 users have no such option (Read full dispatch...)

05/11/2010 - Worms Attack Skype, Yahoo Messenger Security researchers at Symantec and BKIS report worms hitting users of Yahoo Messenger and Skype via malicious instant messages. (Read full dispatch...)

05/06/2010 - Microsoft goes small for next week's Patch Tuesday It plans to issue just two patches for Windows and Office (Read full dispatch...)

05/06/2010 - New Facebook features secretly add apps to your profile Apps, which seem related to Facebook's latest sharing features, are quietly added at sites such as the Gawker network of blogs, TechCrunch, and CNET (Read full dispatch...)

05/05/2010 - Report blames IT staff for school Webcam 'spying' mess The IT department of the Pennsylvania school district accused of spying on students using their school-issued laptops took the brunt of the blame in an independent report released Monday. (Read full dispatch...)

04/29/2010 - Major malware campaign abuses unfixed PDF flaw Message poses as e-mail reset instructions, plants worm that can spread via flash drive (Read full dispatch...)

04/23/2010 - McAfee apologizes for crippling PCs with bad update Blames changes in testing for letting buggy update get loose; users want to hear CEO say 'sorry' (Read full dispatch...)

04/22/2010 - Flawed McAfee update paralyzes corporate PCs Cripples Windows XP machines with endless reboots after critical system file quarantined (Read full dispatch...)

04/21/2010 - Other top-secret Apple projects found at a bar Secret investigation unfolds what else could be coming from Apple (Read full dispatch...)

04/20/2010 - Network Solutions sites hacked again Newest wave infects hosted sites, sends users to Ukrainian attack server (Read full dispatch...)

04/14/2010 - Hackers exploit new Java zero-day bug Song lyrics site redirects users to Russian attack server, which attacks IE, Firefox users (Read full dispatch...)

04/14/2010 - Microsoft Security Bulletin Summary for April 2010 With the release of the bulletins for April 2010, this bulletin summary replaces the bulletin advance notification originally issued April 8, 2010. For more information about the bulletin advance notification service, see Microsoft Security Bulletin Advance Notification. (Read full dispatch...)

04/09/2010 - Microsoft slates 25-patch Windows update for next week Double-digit Patch Tuesday to target flaws in Windows, Office and Exchange (Read full dispatch...)

04/06/2010 - Users experiencing iPad technical issues Apple's forums are already bristling with iPad pioneers running into serious problems (Read full dispatch...)

04/01/2010 - Google's April Fools hoaxes in 2010 Text-based YouTube videos, a new name for Google, and 12 more pranks. (Read full dispatch...)

Security Glossary

Authentication Establishing the identity of a user for secure e-commerce transactions and virtual private networking.

Broadband A term used to describe any high-speed network that can carry multiple services on the same line, such as data, voice, and video. DSL and cable are broadband.

Content Filtering A content filter allows schools, businesses, and other organizations to set and enforce Acceptable Use Policies (AUPs) governing what materials can and cannot be accessed on the organization’s computers.

Digital Certificates Best method for establishing user identities for e-commerce and virtual private networking.

DoS Denial of Service. A hacker attack designed to disable a server or network by bombarding it with service requests, which prevents legitimate users from accessing the network resource.

DHCP Dynamic Host Configuration Protocol. A protocol that allows IP addressing information to be dynamically assigned by a server to clients on an as-needed basis. IP addresses for the network are stored in a pool of available IP addresses, which are allocated when a computer on the network boots up. The DHCP server functionality is incorporated into routers and works in conjunction with NAT (Network Address Translation).

DNS Domain Name System. The name resolution service for IP addresses that provides the friendlier text based addressing used for Internet resources, such as www.sonicwall.com

DSL Digital Subscriber Line. The generic term that refers to the underlying technology inherent in all flavors of DSL, such as ADSL, SDSL, or ISDL.

Firewall A security device that controls access from the Internet to a local network by using information associated with TCP/IP packets to make decisions about whether to allow or deny access.

ICSA International Computer Security Association. The worldwide leader in security assurance services. ICSA operates the security industry’s product testing and certification body, ICSA Labs.

IP Internet Protocol. The network protocol that forms the basis of the networking functions of the TCP/IP, which is the basis of the Internet.

IPSec Internet Protocol Security. A robust VPN standard that covers authentication and encryption of data traffic over the Internet.

LAN Local Area Network. A data network that connects computers in an area usually within the confines of an office or building. A LAN enables users to share information and network resources, such as a printer or a broadband connection.

NAT Network Address Translation. An Internet standard that allows your local area network to use private IP addresses, which are not recognized on the Internet. The IP address used for the router is the only routable IP address. Computers behind NAT can access the Internet through the router but Internet users can’t access the computers behind the router.

Packet A unit of information that is sent across a packet-switching network, such as the Internet. A data packet contains addressing information, error checking, and user information in addition to the application data.

Proxy Server Session-level firewall that examine the data within IP packets to verify their authenticity. A proxy server accepts or rejects data traffic based on the entire set of IP packets associated with an entire application session to the same IP address. This upper level examination, however, causes significant performance degradation on your Internet connection. Proxy servers require a server and client software on each computer on the LAN.

Packet Filtering Typically implemented on routers, packet filters examine the individual data packets passing across the router. Examining data passing to and from a network, packet filters use rules to block access according to information located in each packet: the IP port number for which data is intended, source or destination address, or data type. A packet filter firewall is complex to set up and maintain and is vulnerable to IP spoofing and other security threats.

Router A device that routes data between networks through IP addressing information contained in data packets. A router forwards packets to other routers until packets reach their destination.

Stateful Packet Inspection Stateful packet inspection firewalls are based on advanced packet-filtering technology that is transparent to users on the LAN, requires no client configuration, and secures the widest array of IP protocols. Stateful Packet Inspection is also well suited to protect networks against the growing threat of Denial of Service attacks. Many network security experts recommend Stateful Packet Inspection as the most trusted firewall technology.

Virus Malicious software programs that attach themselves to applications and files in memory or on disks are a leading security threat to Internet-connected networks. Destructive viral code can infect networked PCs through E-mail attachments, web content or infected files.

VPN Virtual Private Network A way that private data can safely pass over a public network, such as the Internet. The data traveling between two hosts is encrypted for privacy along with other security features.