Google released a new version of its Chrome browser Thursday to fix a high-severity security problem.

The problem affects Google's mainstream stable version of Chrome and is fixed in the new version 1.0.154.59 (download). Google has built Chrome so it updates itself automatically with no user intervention, though the software must be restarted for the new version to run.

The security problem, reported April 8 by Roi Saltzman of the IBM Rational Application Security Research Group, allowed cross-site scripting attacks. Such methods can make a Web browser process unauthorized code such as JavaScript, enabling a variety … Read more

SAN FRANCISCO--It will likely come as no surprise to anyone familiar with virtual worlds and online games that they can be hacked. But what might come as a shock is the sheer breadth of types of exploits that are possible.

That was the broad message of a Thursday panel called, appropriately, "Exploiting Online Games" at the RSA 2009 security conference here.

Moderated by Gary McGraw, CTO of software security consulting firm Cigital and an author of several books, the panel took the audience on a deep dive into the diverse ways that hackers and others have figured out … Read more

Updated 7:50 a.m. PDT April 24 to specify that the infection was in the U.S.

SAN FRANCISCO--The Conficker worm infected several hundred machines and critical medical equipment in an undisclosed number of U.S. hospitals recently, a security expert said on Thursday in a panel at the RSA security conference.

"It was not widespread, but it raises the awareness of what we would do if there were millions" of computers infected at hospitals or in critical infrastructure locations, Marcus Sachs told CNET News after the session. Sachs is the director of the SANS Internet Storm … Read more

A laptop's value is more than meets the eye. Intel says stolen laptops cost corporate owners more than $100,000 in some cases, in a study announced Wednesday.

The study on notebook security, commissioned by Intel and conducted by the Ponemon Institute, states that laptops lost or stolen in airports, taxis, and hotels around the world cost their corporate owners an average of $49,246 "reflecting the value of the enclosed data above the cost of the PC," Intel said.

Analyzing 138 instances of lost and stolen notebooks, the study based the $49,246 price tag on … Read more

Editors' note: In the original version of this blog, we used the beta name for this product. The official name is OnlineFamily.Norton.

Back in February, Symantec debuted a new security program that sought to help parents talk to their kids about how they use the Internet. OnlineFamily.Norton has been a free beta since then, but this Monday at midnight, the program will leave beta and remain free at least until the end of 2009. The program was originally called Norton Family Online.

This parental control suite provides parents with an interesting and possibly unique approach to online child … Read more

SAN FRANCISCO--Technology is not enough to help the security industry keep botnets from stealing peoples' money and committing denial-of-service attacks, a top botnet researcher said on Wednesday. His suggestion? Stop the flow of money to their coffers.

"We need to disrupt their business model and make it hard for them to carry out their attacks and make money," Joe Stewart, a security researcher at SecureWorks, said in an interview at the RSA 2009 security conference here.

"Right now, it's risky to surf the Internet with a PC," he said. "I would like to see … Read more

This story was originally published at CBSNews.com.

Somewhere deep in Washington's national security apparatus, more than a few old-timers surely pine for the clarity of the Cold War. Black versus white, American versus Russian, spy versus spy--the good old days.

Now, however, they face more ephemeral threats from shadowy foes that prefer to cloak their identities.

"There's a cyberwar going on," said Ed Giorgio, who spent nearly 30 years with the National Security Agency before starting an IT security consultancy in 2007. The problem, he says, is that identifying an online adversary isn't as easy as pinpointing an enemy tank formation.

"Adversaries are just as likely to be nationalists as they are likely to be countries," said Giorgio, echoing a theme that cybersecurity experts say is likely to shape the Pentagon's approach to building Internet defenses in an increasingly networked world.

The extent of the problem was hinted at earlier in the day by Defense Secretary Robert Gates. In an upcoming 60 Minutes interview, Gates told CBS News anchor Katie Couric that the United States is "under cyberattack virtually all the time, every day" and that his department will more than quadruple the number of experts to battle cyber attacks. … Read more

In past years, I looked at the RSA security conference as a high-tech flea market staffed by the world's best security carnival barkers. Yes, important security topics were discussed, but the real focus of the show was selling products and doing deals.

This year's event has its share of tacky presentations and booth babes, but I'm hearing a lot of chatter about a far more important topic: the state of information security and its impact on us all. Finally, the combination of unending data breaches, sophisticated malware, and the very real cybersecurity threat has everyone paying attention. … Read more