Security researchers from antivirus vendor Trend Micro have come across a Web-based attack that exploits a known vulnerability in Windows Media Player. "Earlier today, we encountered a malware that exploits a recently (and publicly) disclosed vulnerability, the MIDI Remote Code Execution Vulnerability (CVE-2012-0003)," Trend Micro threat response engineer Roland Dela Paz said in a blog post on Thursday.

For such a small device, the plastic, handheld USB flash drive can cause big security headaches. Even if you have robust end-point security and establish rigid policies about employee use of these drives, employees still find a way to copy financial reports and business plans for use at home. While other security breaches are more traceable, a flash drive is more difficult to monitor, especially after the employee leaves work.

Apple recently has improved its mobile device management features, but IT groups are discovering a new set of challenges when they start to move to larger numbers of iOS devices, MacIT conference attendees are confirming this week.

CloudPassage is launching a new security product for virtual servers in public clouds such as Amazon Web Services that it says takes care of the all-important need for security when using services from infrastructure providers.

In honor of National Data Privacy Day this Saturday, Jan. 28, we've put together a list of the 15 worst Internet privacy scandals of all time. These high-profile privacy scandals involve many underlying technologies, from search to social media, email to voice mail, mobile phones to Webcams to GPS. But at the heart of all of these privacy scandals are companies collecting personal data without the user's knowledge or consent and then either sharing it with third parties or simply failing to keep it safe.