While you struggle to figure out whether your significant other would rather have jewelry, chocolate, flowers, or all of the above, Microsoft has an entirely different view on what to give for Valentine’s Day. Although we’re nearly half way through the month, it just so happens that today is the second Tuesday of February--and that means it’s Patch Tuesday.

As predicted in its Patch Tuesday preview last week, Microsoft released a total of nine new security bulletins today. Four of them are rated as Critical, and the remaining five are Important. I got some input from security experts to help you understand which updates are most urgent, and enable you to prioritize your patch management resources accordingly.

Next Tuesday is a big deal. Yes, it is Valentine’s Day, but that’s not what I’m talking about. It is also the second Tuesday in the month of February which makes it Patch Tuesday. Microsoft revealed today that there are nine new security bulletins slated for next Tuesday. Happy Valentine’s Day?

Of the nine security bulletins, four are rated as Critical and the remaining five are all Important. Based on the limited information Microsoft shares in the Patch Tuesday preview, the security updates impact Windows, Internet Explorer, Microsoft Office, the .NET framework, Silverlight, and Microsoft Server software.

There are only five days to Valentine’s Day. Those of you who are shocked by that revelation are prime targets for Valentine’s Day related spam and phishing attacks as hackers hope to catch you with your guard down for this day of romance.

Messages targeting Valentine’s Day are expected to quadruple globally in the coming days – in part because cyber criminals are adept at targeting holidays and current events as bait for attacks. An offer for a dozen roses for $5 might get some traction any time of the year, but with the clock quickly counting down to Valentine’s Day it has much higher odds of duping frantic lovers in search of a last minute gift.

“Do Not Track” technologies have become an increasingly standard part of the Internet today, offering users a variety of ways to protect their privacy as they surf the Web.

Yet while there are numerous anti-tracking tools out there to help users avoid being tracked--both within the leading browsers and as extra add-ons--many of them are browser-specific, confusing, or just plain difficult to use, according to a Carnegie Mellon University report from last fall.

Hard on the heels of the controversy that arose recently around Symantec and its claims that numerous apps on the Android Market were actually malware in disguise, Google on Thursday unveiled a new tool to help it identify malicious apps.

Symantec subsequently recanted its assertions, of course, but in the meantime there's now a service called “Bouncer” that aims to keep the Android Market free of malware by quietly and automatically scanning it for questionable apps.

VeriSign – the company behind the root DNS servers that provide the foundation for the Web, and formerly the largest encryption certificate authority – has revealed that it was repeatedly hacked in 2010. Details are sparse thus far, but the revelation calls into question the security of the Internet itself.

Let’s start with what (little) we know. The disclosure did not happen as a result of VeriSign discovering the breach and taking responsible, proactive action to alert customers and address the situation. No, VeriSign buried the information in a quarterly Securities and Exchange Commission (SEC) filing as if it was just another mundane tidbit.

Symantec stirred up controversy last week when it announced the discovery of apps in the Android Market that it deemed malicious. Symantec has now stepped back from calling the apps “malware”, but it still maintains that the apps in question do unwanted things that legitimate apps shouldn’t do…so what’s the difference, exactly?

First a quick recap. Symantec identified some apps from the official Android Market that were doing suspicious things, and dubbed the “threat” Android.Counterclank. Lookout Mobile Security took issue with the Symantec news and claimed that the apps are simply part of an “aggressive” ad network rather than malware. Upon further investigation, Symantec recanted on its malware claims and agreed that the apps are, in fact, adware or spyware.

It's been known for some time that there are security issues associated with the increasing use of RFID tags in credit cards, but this past weekend afforded a fresh demonstration of just how easy it is for hackers to take advantage of them.

Onstage at the Shmoocon hacker conference in Washington, D.C., Recursion Ventures security researcher Kristin Paget used about $350 in equipment to wirelessly read a volunteer’s RFID-enabled credit card and then encode its key data onto a blank card, as described Monday by Forbes.

If you're anything like me, you're usually quick to reach for the "Forgot Password" link on most webpages that you don't visit that often. Sure you could have your browser remember your passwords for everything, but that probably isn't the best approach when it comes to handling your login information.

Today, Norton launched a public beta of its new Norton Identity Safe service for Windows, Mac, iOS, and Android. Similar to 1Pass, Norton Identity Safe will store your website login info into an encrypted file that is protected by a single master password. That way, instead of having to remember several different passwords and usernames, you only need to remember the one.

Despite the popularity of real-time communications like instant messaging, as well as updates via Facebook and Twitter, most workplaces still use and rely on email. As handy as email can be, it can also be dangerous. Attachments can contain viruses, and email messages can hide phishing links that lead you to fake websites in an attempt to steal your login information.

Tech giants including Google and Facebook aim to establish a new standard called DMARC to reduce these threats in the future. For now, however, there are five things you can do to help secure your email.

SourceFire is a trusted name in information security. It has been around for over 10 years, and it is the steward of popular open source tools like Snort intrusion detection. Now, SourceFire is using big data analytics to give organizations better tools to fight malware with FireAMP.

FireAMP is a malware discovery and analysis platform that can identify advanced malware threats, and provide data necessary to understand the scope of the threat, and contain it. It uses a small agent on endpoints to relay data to FireCLOUD--a cloud-based analysis engine that uses big data analytics to identify and score threats that are missed by other security tools.

The hacker collective known as “Anonymous” has always been controversial. With the massive effort to retaliate for the takedown of file-sharing site MegaUpload.com, though, it may have cross the line from “hacktivist” to common cyber criminal.

In response to the United States government takedown of MegaUpload.com, Anonymous has joined the cause with distributed denial of service (DDoS) attacks aimed at knocking sites like the FBI, DOJ, White House, Universal Music, MPAA, RIAA, and others offline. In and of itself, the activity is not unusual for Anonymous.