Saturday, January 2, 2010

Internet Security News: December 31st





This Free IT-Security news feed was compiled and is provided by E-Secure-IT, the most comprehensive and complete Business Risk Management Intelligence Service and IT-Security Risk and Threat Early Warning Service available in the market today. They offer a 30-day complimentary subscription.

Visit them at www.e-secure-it.com or email more-info@e-secure-it.com for more information on their available services.

 Social networks an ideal crime vector: McAfee 
 (from theage at 31-12-2009) 
 Social networks will face increasingly sophisticated hacker attacks in 2010 but law enforcement is expected to make strides in fighting cybercrime, according to Web security firm McAfee Labs. "The explosion of applications on Facebook and other services will be an ideal vector for cybercriminals, who will take advantage of friends trusting friends to click links they might otherwise treat cautiously," McAfee said.... read more» 
   
 





 Whoops! F.C.C. Chairman Spams Facebook Friends 
 (from nytimes at 31-12-2009) 
 Facebook scam artists have closed out 2009 by snagging a prominent victim: Julius Genachowski, chairman of the Federal Communications Commission. On Friday morning at around 10:30 a.m., Mr. Genachowski sent his Facebook friends this puzzling message: “Adam got me started making money with this.” It was followed by a link to a Web page that is no longer active. The messages indicated that Mr. Genachowski’s account had been taken over by a malicious program that was using it to send out spam.... read more» 
   
 





 Tweets, sexting "unfriended" in U.S. banned word list 
 (from Reuters at 31-12-2009) 
 After thousands of nominations of words and phrases commonly used in marketing, media, technology and elsewhere, wordsmiths at Lake Superior State University on Thursday issued their 35th annual list of words that they believe should be banned. Tops on the Michigan university's list of useless phrases was "shovel-ready." The term refers to infrastructure projects that are ready to break ground and was popularly used to describe road, bridge and other construction projects fueled by stimulus f... read more» 
   
 





 The World’s Top 10 Spammers 
 (from newsweek at 31-12-2009) 
 1. Canadian Pharmacy 2. Leo Kuvayev a.k.a. BadCow 3. HerbalKing 4. Vincent Chan a.k.a. yoric.net 5. Aleksei Polyakov a.k.a. Alex Blood 6. Nikhil Kumar Pragji a.k.a. Dark-Mailer 7. Pyotr Levashov a.k.a. Peter Severa 8. Yambo Financials 9. Ruslan Ibragimov a.k.a. send-saf.com 10. Rove Digital... read more» 
   
 





 Hacker rattles 21,000 iPhone unlockers 
 (from theregister at 31-12-2009) 
 Hackers have mailed 21,000 customers of iPhoneUnlockUK to remind them the company uses unlicensed software, and that their details have been compromised. E-mails were sent out to customers of the iPhone unlocking service, with claims that iPhoneUnlockUK is guilty of stealing software and selling it illegally. The mail goes on to recommend that customers demand their money back from the company.... read more» 
   
 





 White Paper - FISMA: Achieving & Maintaining Compliance to Ensure Security of Systems & Data 
 (from govinfosecurity at 31-12-2009) 
 In 2002, Congress passed the E-Government Act, containing the Federal Information Security Management Act (FISMA). This law requires federal agencies - and the foundations, educational institutions, and organizations that receive federal funds to develop, document, and implement information security programs to protect the confidentiality, integrity and availability of the data and systems that support agency operations and assets.... read more» 
   
 





 Cybersecurity Year in Review: 10 Top Happenings 
 (from govinfosecurity at 31-12-2009) 
 Excitement swept through the corridors of power in the nation's capital as the year began with the Jan. 20 inauguration of Blackberry-toting Barack Obama, the most tech-savvy president ever to occupy the Oval Office. 1: That Cybersecurity Vision Thing 2: Czar Wars 3: Legislation 'R' Us 4: Summer Breaches 5: CAG: A No Brainer 6: IT Celebrity Cult 7: The Departed 8: Transformational Guidance 9: Help Wanted 10: Retooling NIST... read more» 
   
 





 Conficker Expects to Dominate Botnets and Malware in 2010 
 (from spamfighter at 31-12-2009) 
 Security researchers have predicted that the existing Conficker worm will continue to spread its infection in 2010. According to Rodney Joffe (Senior Vice President and Senior Technologist of Neustar), the Conficker menace will stay during the remaining days of December month and carry on in the New Year (2010). The expert, who is also the Director of Conficker Working Group, comments that the worm has no concern for holidays, as reported by SCMagazine on December 18, 2009.... read more» 
   
 





 2010: A good year for fighting cybercrime? 
 (from Net-Security at 31-12-2009) 
 McAfee Labs believes cybercriminals will target social networking sites and third-party applications, use more complex Trojans and botnets to build and execute attacks, and take advantage of HTML 5 to create emerging threats. McAfee Labs also predicts 2010 will be a good year for law enforcement’s fight against cybercrime.... read more» 
   
 





 Penn State warning 30,000 of privacy breach 
 (from Philly at 31-12-2009) 
 Pennsylvania State University says the Social Security numbers of nearly 30,000 individuals may have been exposed because of a privacy breach caused by infected university computers. A school spokeswoman said yesterday that there was no evidence the information had been accessed by unauthorized parties, but that the university was being cautious in notifying people their information was on an infected computer.... read more» 
   
 





 75 computers stolen at Purdue; 29 more were packed to go 
 (from journalgazette at 31-12-2009) 
 Purdue University is beefing up security at the campus’ computer labs following the theft of 75 computers from two buildings. Officials said 60 computers were taken Saturday from Stanley Coulter Hall and 15 computers were taken Dec. 18 from the Civil Engineering Building. After Saturday’s thefts, police discovered that 29 computers had been placed in bubble wrap but had not been removed from another building, Heavilon Hall. Purdue spokesman Jim Bush says campus police are stepping up pa... read more» 
   
 





 IT security forecast 2010: Hope for the best and prepare for the worst 
 (from SC Magazine at 31-12-2009) 
 It's that time of year again. Time to recap the things which happened in the past year and give our predictions for what will happen in the future. Are you ready for prognostications of doom...and malware in our phones and our microwaves and cars? Or can we finally dispense with that tradition, once and for all?... read more» 
   
 





 Belarus to toughen control over Internet 
 (from Yahoo News at 31-12-2009) 
 Belarus' authoritarian leader is promising to toughen regulation of the Internet and its users in an apparent effort to exert control over the last fully free medium in the former Soviet state. "We will identify any person who disseminates lies and dirt, and will make them answer strictly to the law," President Alexander Lukashenko said Wednesday. He told journalists that a new Internet bill, proposed Tuesday, would require the registration and identification of all online publications and... read more» 
   
 





 Jimbo asks online folk to play nice, be civil 
 (from The Register at 31-12-2009) 
 The co-founder of Wikipedia is once again calling on internet surfers to adopt good manners online. Jimmy Wales co-wrote an opinion piece for the Wall Street Journal yesterday in which he griped about "carelessly rude to the intentionally abusive" behaviour on social networking sites, blogs and forums. The Wiki one also adopted a more serious stance about what he described as a "vastly underreported" phenomenon of adults suffering hostility online.... read more» 
   
 





 Fox Sports Web Site Infected 
 (from Softpedia at 31-12-2009) 
 Security researchers warn that the Fox Sports website has been compromised by unknown attackers, who injected malicious code into a custom error page. There are two separate offensive script tags, each of them created by a different infection. The page was detected by the ThreatSeeker Network system developed and operated by Websense, a Web security vendor. Security researchers investigating the suspicious link determined that it was pointing to a custom "Page not Found" document, displayed i... read more» 
   
 





 2010 Security Outlook: Reply Hazy, Try Again 
 (from DarkReading at 31-12-2009) 
 Every year, Dark Reading editors are subjected to a hail of email from vendors, researchers, and analysts offering "predictions" for the coming year. While some of these predictions are based on actual data gathered by researchers who analyze security trends, the vast majority of these predictions often seem a bit random, if not completely arbitrary. We suspect the widespread use of Ouija boards, crystal balls, tea leaves, and chicken entrails. Seriously, folks, is this the best the securi... read more» 
   
 





 X-Box 360 theft suspect busted after online gaming sesh 
 (from The Register at 31-12-2009) 
 An alleged X-Box 360 thief was tracked down after he forgot to disable the game console's auto sign-in feature before hopping on the net. Jeremy Gilliam, 22, from the Bronx in New York City, was arrested after the victim of a theft noticed a gametag he had set up in a recently stolen console had appeared online. The victim told his parents who, in turn, notified the police.... read more» 
   
 





 ACM SAC 2010 - Welcome to the 25th Symposium On Applied Computing 
 (from ACM at 31-12-2009) 
 The conference will be held on the campus of the University of Applied Sciences Western Switzerland (HES-SO) in Sierre, Switzerland. Designated hotels are situated in Crans-Montana, the ski resort. The discussion takes examples from the work of many currently active groups in various academic and industrial organizations, and gives special attention to the developments taking place at the ETH Chair of Software Engineering and Eiffel Software in the area of software verification (both tests ... read more» 
   
 





 Lawsuit alleges corporate negligence in loss of 30 million Facebook MySpace usernames and passwords 
 (from EXAMINER at 31-12-2009) 
 An Indiana man has filed a lawsuit against the software company RockYou, accusing it of failing to protect its customers’ personal data. RockYou is a developer of online apps like "SuperWall" on Facebook and "Slideshow" on MySpace. As reported earlier this month, the attack enabled a hacker to steal the personal information of over 32 million users.... read more» 
   
 





 No More Dragons: the 26th Chaos Communication Congress Ends 
 (from Avert Labs at 31-12-2009) 
 With a dazzling laser show, the 26th Chaos Communication Congress (26c3) in Berlin, the last big security conference of 2009, has ended. 26c3 has simply outgrown the location it has occupied for the last few years, but this may be offset by a very successful experiment: allowing full remote access to the conference network via VPN for those who couldn’t attend. Other conferences should consider this as well, especially as air travel becomes less and less attractive.... read more» 
   
 





 Phishing attacks soar in December 
 (from v3 at 31-12-2009) 
 Phishing attacks soared in December as cyber criminals looked to capitalise on the higher number of online shoppers in the run up to Christmas, according to new research from managed security firm Network Box released today. The firm’s analysis of web-based threats in December 2009 shows that just over 57 per cent of all threats were phishing attacks, compared to 28.3 per cent in November.... read more» 
   
 





 Trojans and Botnets Improve Sophistication Level in 2009 
 (from spamfighter at 30-12-2009) 
 As per the managed security company Network Box, the year 2009 has witnessed a major rise in the sophistication level of malware assaults, particularly Trojans. The firm asserts that Trojans like Urlzone, Clampi and ZeuS, which have not only been designed to steal private and financial details, but also to conceal their activities while doing the crime, have seen a remarkable improvement in the sophistication level this year.... read more» 
   
 





 Microsoft confirms IIS hole 
 (from h-online at 30-12-2009) 
 Microsoft has confirmed the security hole in its IIS web server, but hasn't disclosed which versions of the product are affected. According to the finder of the "semi-colon bug", versions up to and including version 6 are vulnerable. The hole allows attackers, for instance, to camouflage executable ASP files as harmless JPEG files and upload malicious code to a server.... read more» 
   
 





 2010 to bring new resolutions, new attacks on Adobe software 
 (from Arstechnica at 30-12-2009) 
 Cybercriminals will begin to migrate their focus from Office to Adobe's applications in 2010, according to security research firm McAfee. In its 2010 Threat Predictions report, the company said that exploits in Adobe Reader and Flash would become prime targets for hackers looking to spread malware in the coming year, along with social networking sites and even HTML 5.... read more» 
   
 





 10 big cloud trends for 2010 
 (from itworld at 30-12-2009) 
 Cloud computing is clearly worming its way into the enterprise, especially as a testing and development environment and as a platform for less than critical apps and services. But cloud vendors are, in short, still trying to grow up and become a platform for business-critical applications. They're already working on standards and security issues, improving service level agreements and encouraging vendors to embrace the meter of pricing based on software use -- not per-seat cost.... read more» 
   
 





 Russian coppers arrest Internet whistleblower 
 (from theInquirer at 30-12-2009) 
 RUSSIAN COPPERS have a great way of dealing with whistleblowers who show up how corrupt they are - they arrest them and charge them with corruption. According to Reuters, a former policeman accused senior officers of corruption in a series of video blogs which he posted online. Instead of investigating the accused officials, the Russian police apparently decided it was easier to arrest the whistleblower. We guess they knew where he lived. Former police major Alexei Dymovsky became a househ... read more» 
   
 





 The top ten Clu-blogs of 2009 
 (from Sophos at 30-12-2009) 
 2010 is looming large, which can only mean one thing - it's time to break my holiday sabbatical and compile my annual list of the most popular Clu-blog posts of the year. Yep, fill your glasses, put another log on the fire, and prepare to find out what were the most read posts on this blog during 2009. In true beauty contest tradition, I'll start by running down positions in reverse order, from 10 to 6.... read more» 
   
 





 Cybercriminals will target filesharing sites in 2010, warn security experts 
 (from Telegraph at 30-12-2009) 
 Hackers and cybercriminals will move away from launching attacks through websites and applications in favour of launching them through filesharing networks, say computer experts at Kaspersky Labs. There has been growing evidence this year that hackers favour torrent sites for spreading malicious software and viruses, with several viruses, including the Virut virus and a Trojan aimed at computers running Apple's Mac OS X system, already propagating through filesharing services.... read more» 
   
 





 How security will look in 10 years 
 (from ZDNet at 30-12-2009) 
 Tom Espiner surveys the security landscape for the shape of things to come. When my editor asked me to predict what would happen to security over the coming year, and over the next 10 years, my heart sank. The permanency of internet publishing, caching and so forth means predictions have a habit of coming back to haunt you.... read more» 
   
 





 Top 10 Security Nightmares of the Decade 
 (from PCWorld at 30-12-2009) 
 Blame the Internet for the latest decade of security lessons. Without it, you probably wouldn't even recognize the terms phishing, cybercrime, data breach, or botnet. Let's revisit the top security horrors of the past ten years, and try to remember what we learned from each.... read more» 
   
 





 The unstoppable growth of Internet crime 
 (from bangkokpost at 30-12-2009) 
 In 2009 cyber crime grew larger than the illegal drug trade, the spread of malware continued unabated and the first proof-of-concept iPhone and Mac viruses proved that no platform is immune once it is large enough to catch the eye of cyber criminals.... read more» 
   
 





 Guilty Plea Is Entered in Hacking Case 
 (from WSJ at 30-12-2009) 
 A computer hacker who helped orchestrate one of the largest credit-card thefts in U.S. history pleaded guilty to two counts of conspiracy and wire fraud in the final of three cases brought by federal prosecutors. Albert Gonzalez of Miami has been accused of invading the computer systems of several major retailers and stealing tens of millions of credit and debit card numbers.... read more» 
   
 





 Why Can't the Law Get the Crooks? 
 (from Washington Post at 30-12-2009) 
 Victor Rodriguez wants to know why law enforcement agencies can't stop the criminals infecting our PCs. Believe it or not, authorities do occasionally catch cybercriminals. Just last month, British detectives arrested two suspects who may have been involved with the ZeuS/Zbot Trojan.... read more» 
   
 





 Lessons learned by IT in 2009 #1: 'Net neutrality' is a myth 
 (from Betanews at 30-12-2009) 
 Betanews begins its transition to the new decade with an examination of the critical issues that taught us valuable lessons in the past year. If you're old enough to remember 1999, you may remember the sense of wonder, possibility, and dreams yet to be fulfilled that was drummed up by what used to be called the "media," during the much-celebrated rollover of the odometer. The first decade of the new millennium hit us squarely between the eyes, awakening us to the colder, more tangible realit... read more» 
   
 





 2010 prediction roundup 
 (from SunbeltBlog at 30-12-2009) 
 It’s the time of year to make predictions. I only have one: in 2010, governments around the world will BEGIN to increase their efforts to do something about the massive malware threat that every Internet user on the planet faces. It’s going to be controversial and difficult legally and technically. It’s going to cost serious tax money, political capital and diplomatic work to counter this crime wave that is like nothing the world has ever known.... read more» 
   
 





 How this weekend's attempted Terrorist attack relates to IT 
 (from SANS at 30-12-2009) 
 In case you were spending time with your family this weekend and not watching the news, there was an attempted Terrorist attack on a flight from Amsterdam to Detroit, USA on December 25th. As a result, the US Gov't stepped up security. Adding more Air Marshals, increasing security screening at checkpoints, explosive sniffing dogs, and not allowing people to use PED's during portions of the flight. So, how does this relate to Information Security? It's not enough to ramp up the security that ... read more» 
   
 





 Crime prevention and youth get together - The workshop objective of exposing students to issues on cyber and organised crime 
 (from sun-u at 30-12-2009) 
 Sunway University College, the Malaysian Crime Prevention Foundation (MCPF), Selangor Chapter and the Royal Malaysian Police jointly organised a one-day "Psychological Crime Issues in the Modern World" workshop recently. This workshop for university students was organised with the objective of exposing students to issues on personal safety, commercial, cyber and organised crime so they may gain a better insight on crime prevention. Mr. Ryan Connoly of Team Cymru Asia gave a talk on "Preventin... read more» 
   
 





 Adobe to be Prime Target for Malware in 2010 
 (from Yahoo at 30-12-2009) 
 2009 is drawing to a close, and 2010 is almost upon us. The Chinese calendar says 2010 is the Year of the Tiger, but a report released from McAfee claims it could be the year of Adobe malware. Traditionally, the most common target for malware is Microsoft. Microsoft holds a dominant stake of the operating system, office productivity, and Web browser markets, so it's only logical that malware developers would want to fish in the pool with the most targets.... read more» 
   
 





 Twitter bans obvious passwords 
 (from Help Net Security at 30-12-2009) 
 An applause for Twitter which has recently made it so that when you sign up for an account you can't use one of those very obvious passwords. Here is a list of these passwords (courtesy of The Wundercounter). 111111 11111111 112233 121212 123123 etc.... read more» 
   
 





 Wikileaks suspends ops to launch pledge drive 
 (from The Register at 30-12-2009) 
 Wikileaks has temporarily suspended operations while it launches a pledge drive. The whistle blowing site is taking time out until 6 January to ask for support in many forms, not just donations. Wikileaks is appealing for help from volunteer coders, offers of free legal assistance and hosting support as well as cash donations. The site has promised not to accept corporate or government finance in order to protect its integrity.... read more» 
   
 





 Y2K - Some Y2K fixes in 1999 were real quick-hacks 
 (from F-Secure at 30-12-2009) 
 It's now the end of 2009. Ten years ago, at the end of 1999, IT professionals around the world were busy overhauling computer systems to make them 2000 compliant. This meant double-checking all legacy software and hardware to make sure the century roll-over wouldn't cause problems.... read more» 
   
 





 O2 grovels for London network failure 
 (from The Register at 30-12-2009) 
 O2 has apologised for the repeated network failures in the capital before Christmas, claiming it was caught unawares by excessive data use. The apology was delivered to the Financial Times so aimed at shareholders rather than customers. It admits that O2 coverage in London has been lamentable since the summer, and promises that more base stations and a swift kick to Nokia Siemens will fix everything.... read more» 
   
 





 Adobe predicted as top 2010 hacker target 
 (from The Register at 30-12-2009) 
 Adobe will overtake Microsoft as the primary target for hackers and virus writers in 2010, net-security firm McAfee predicts. Attacks targeting vulnerabilities in Acrobat Reader and Flash are already commonplace, driven in part by that software's widespread use. The often-tricky update process and lack of user awareness that apps as well as browsers and Windows need updating further compounds the problem of PDF-based malware - which McAfee reckons will only increase next year.... read more» 
   
 





 Providence Health Plans glitch exposes personal data 
 (from KGW at 30-12-2009) 
 Providence Health Plans is re-issuing thousands of insurance cards after personal information was accidentally sent to the wrong policy-holders. Officials with Providence Health Plans say about 4,500 mailings were sent out with the incorrect group and member ID numbers, meaning that some policy holders received others’ information. Officials noticed the problem Monday.... read more» 
   
 





 Hacking industry heads top five data security threats for 2010s, warns Imperva 
 (from iTWire at 30-12-2009) 
 Imperva predicts five key security trends for the 2010s: · The industrialisation of hacking, with clear definition of roles developing within the hacking community forming a supply chain that starkly resembles that of drug cartels. · A move from application to data security as cyber-criminals look for new ways to bypass existing application security measures and focus on obtaining the valuable data itself via insider.... read more» 
   
 





 Houston Secureworld Expo, February 10 - 11, 2010, Reliant Center 
 (from secureworldexpo at 29-12-2009) 
 SecureWorld Expo provides security education and training with nearly 60 sessions including: Cloud Computing, End Point Security, Data Privacy, Risk Management, PCI Compliance, Cybercrime and much more. Exhibit floor featuring nearly 50 exhibitors with the latest products and services available to effectively secure your enterprise. Earn 12-16 CPE credits toward your CISSP certifications. SecureWorld regional conferences deliver the most affordable, highest quality security education, tr... read more» 
   
 





 Philadelphia SecureWorld Expo 2010, 12 May-13 May 2010, Valley Forge Convention Center, Philadelphia PA 
 (from secureworldexpo at 29-12-2009) 
 SecureWorld Expo provides security education and training with nearly 60 sessions including: Cloud Computing, End Point Security, Data Privacy, Risk Management, PCI Compliance, Cybercrime and much more. Exhibit floor featuring nearly 50 exhibitors with the latest products and services available to effectively secure your enterprise. Earn 12-16 CPE credits toward your CISSP certifications. SecureWorld regional conferences deliver the most affordable, highest quality security education, trai... read more» 
   
 





 Records of 30,000 at Penn State hacked 
 (from Post-Gazette at 29-12-2009) 
 Penn State University says it is working to notify some 30,000 individuals whose Social Security numbers may have been compromised by a computer breach before Christmas. In a statement, the university said it began on Dec. 23 sending out letters notifying those potentially affected by the malware infections, which are believed responsible for the breaches.... read more» 
   
 





 Security in the Ether 
 (from technologyreview at 29-12-2009) 
 In 2006, when Amazon introduced the Elastic Compute Cloud (EC2), it was a watershed event in the quest to transform computing into a ubiquitous utility, like electricity. Suddenly, anyone could scroll through an online menu, whip out a credit card, and hire as much computational horsepower as necessary, paying for it at a fixed rate: initially, 10 cents per hour to use Linux (and, starting in 2008, 12.5 cents per hour to use Windows). Those systems would run on "virtual machines" that could ... read more» 
   
 





 Top 10 Security Blogs of 2009 
 (from channelinsider at 29-12-2009) 
 1. Poor Password Management Eclipses Virus Problem 2. Don't Worry About Security Reputation 3. Congressional Ethics Leak Demonstrates DLP Shortcomings 4. Global Warming Email Hack Reveals Value of Routine Correspondence 5. Survey Shows Ignorance Works in Security VARs' Favor 6. Ballmer Blames Security for Vista’s Failure 7. 80% of Security Products Fail to Meet Expectations 8. Adobe: The New Black Hole of App Vulnerabilities 9. My 12 Favorite Security Mergers 10. Morro Could Mark the Su... read more» 
   
 





 2009 in review: Security 
 (from v3 at 29-12-2009) 
 - Drive-by downloads - Fake anti-virus - Attacks via social networking sites - Piggy-backing on popular events - Conficker - Botnets and spam; a marriage made in heaven... read more» 
   
 





 Protecting Against Cyber Crime 
 (from KCBS at 29-12-2009) 
 Internet security experts said hackers were more sophisticated this year in stealing identity or tapping into credit card accounts. Social networking sites Facebook and Twitter were both attacked by computer hackers in 2009. And Internet security expert Ryan Calo of the Stanford Center for Internet and Society said this is not just a problem in the United States.... read more» 
   
 





 Top 10 scams hurt consumers 
 (from news-sentinel at 29-12-2009) 
 Better Business Bureau of Northern Indiana is releasing the 10 top scams nationwide in 2009. “Every scam listed in this release has touched consumers in our service area,” said Michael Coil, President/CEO of BBB of Northern Indiana. “The importance of immediate attention to these scams on a national scale can have a huge impact on whether hundreds of thousands of dollars are lost or saved.... read more» 
   
 





 Former Executive Accused Of Selling Data From Matchmaking Firm 
 (from DarkReading at 29-12-2009) 
 A former executive of a matchmaking service firm in China is accused of stealing the personal data of about 16,000 registrants and attempting to sell it to other matchmaking firms. According to a news report by Yomiuri Shimbun, the Chiba-based matchmaking firm, Web In Chiba Prefecture, is planning to lodge a criminal complaint over theft and other crimes against the 49-year-old former board member, who allegedly removed the information before he quit the firm in August 2006.... read more» 
   
 





 Episode 31 of the Who and Why Show: Botnet Basics 
 (from YouTube at 29-12-2009) 
 In the 31st episode of Team Cymru's 'The Who and Why Show', we walk through the fundamentals of the three basic types of botnet Command and Control (C&C) technologies: IRC (Internet Relay Chat) based, HTTP (or Web) based and P2P (Peer-to-peer) based. We also explain how botnets are used to steal money in the Underground Economy as well as looking at how the latest botnet technology has evolved in the last few years. For more information : www.youtube.com/teamcymru... read more» 
   
 





 2010 Predictions: the Year of a Major Social Networking Security Breach? 
 (from Avert Labs at 29-12-2009) 
 With the New Year just days away, it’s time for McAfee Labs 2010 Threat Predictions. What should you be wary of in the coming year? Social networks. Sites such as Twitter and Facebook have changed the way we communicate, interact, and share on the web. As user bases for the top online social destinations reach record highs, cybercriminals are building out their criminal toolkits, taking advantage of new technologies, third-party applications, and hotspots of activity to exploit users.... read more» 
   
 





 Top Security Stories of 2009 
 (from EWeek at 29-12-2009) 
 1) Conficker Countdown 2) Cyber Security Coordinator 3) Gonzalez and His Gang Taken Down 4) Social Networking Security and You 5) Apple iPhone Security Woes 6) Hacktivists Stay Busy 7) Electric Grid Security Lights Out 8) F-35 Fighter Plans Hijacked by Hackers... read more» 
   
 





 Top 10 tech stories of the decade 
 (from ComputerWorld at 28-12-2009) 
 While the computer industry in the 1990s thrived as corporations re-engineered business processes to incorporate IT, this decade has seen technology truly become part of mainstream culture and commerce via the Internet and ever-cheaper and smaller computing devices. Yes, the Internet revolution began in the '90s, but it was not until this decade that 14-year-olds raced ahead of professionals in figuring out how to tap social networks with hundreds, and sometimes thousands, of contacts. Here,... read more» 
   
 





 Cyber criminals threaten to dampen New Year celebrations 
 (from Business-Standard at 28-12-2009) 
 Be careful this time around as cyber criminals armed with a new set of web threats, including viruses, spam and cyber-scams, would be on the prowl to trap gullible internet users. Hackers use their best schemes during holidays to steal people's money, credit card or net-banking information. Following seasonal trends, these thieves create holiday-related websites and other convincing emails that can trick even the most cautious internet users, say experts.... read more» 
   
 





 Gartner Identity & Access Management Summit, 3 - 4 March 2010, Lancaster London, UK 
 (from Gartner at 28-12-2009) 
 The Gartner Identity & Access Management Summit will help you to exploit the full potential of new and future IAM investments, to fully realize their risk-management and governance benefits and their direct business value.... read more» 
   
 





 InfoSec World Conference & Expo 2010, 19 April-20 April 2010, Disney's Coronado Springs Resort, Orlando, FL 
 (from Misti at 28-12-2009) 
 InfoSec World offers a curriculum of hard-hitting topics that will help you avoid the dangers facing your systems and organization. Your time and money are precious. InfoSec World 2010 will save you both by offering a carefully orchestrated agenda full of practical advice to navigate the minefields that threaten information security --- and your job. Whether you need to know how to prevent data leakage in a Web 2.0 environment, the best free tools to conduct a Wi-Fi audit, the security hazard... read more» 
   
 





 2010 Conference on Optical Document Security will be held 20 - 22 January 2010 in San Francisco 
 (from opticaldocumentsecurity at 28-12-2009) 
 Optical Document Security – the follow-up to the biannual Conference on Optical Security and Counterfeit Deterrence Techniques focuses on technical and scientific developments in optical security for valuable documents and products. The conference offers a platform to researchers, developers, manufacturers and users of security to present their findings, new work and new techniques on a technical and scientific level. Some of the most significant developments in banknote and identity documen... read more» 
   
 





 H2 2009 E-Threats Landscape Report - Malware and Spam Trends 
 (from BitDefender at 28-12-2009) 
 Year 2009 witnessed a wide range of security threats aiming at both end-users and at corporate networks. The Downadup worm (also known as Conficker or Kido) took a dramatic surge and managed to stay one of the top three global e–threats during 2009. Although not entirely dangerous (as variants A, B and C had no malicious payload), its spreading mechanisms and its resistance to detection may be regarded as the cornerstone of the upcoming breeds of highly-destructive malware.... read more» 
   
 





 Fake antivirus & smartphone attacks are 2010's top threats 
 (from pcadvisor at 28-12-2009) 
 Smartphones based on Google's Android present a different situation. Google has not made itself the gatekeeper of applications, but malware disguised as helpful applications could end up on Google application stores and people could end up downloading malicious code, unaware of the consequences.... read more» 
   
 





 Code That Protects Most Cellphone Calls Is Divulged 
 (from nytimes at 28-12-2009) 
 A German computer engineer said Monday that he had deciphered and published the secret code used to encrypt most of the world's digital mobile phone calls, in what he called an attempt to expose weaknesses in the security of the world’s wireless systems. The action by the encryption expert Karsten Nohl aimed to question the effectiveness of the 21-year-old GSM algorithm, a code developed in 1988 and still used to protect the privacy of 80 percent of the world's mobile calls.... read more» 
   
 





 Chinese hackers linked to Warmergate climate change leaked emails controversy 
 (from dailymail at 28-12-2009) 
 The investigation into the so-called Warmergate emails - the leaked data from the University of East Anglia’s climate change department - took a new twist last night when The Mail on Sunday tracked the stolen messages to a suspect computer which provides internet access to China. The address used to post the emails is also on an international ‘black list’ which highlights suspicious behaviour on the internet.... read more» 
   
 





 Computers monitored in Chinese Internet cafes for crackdown on illegal online games 
 (from english.people at 28-12-2009) 
 China has put more than 4.65 million computers in over 81,000 Internet cafes across the country under watch to crack down on illegal online games, according to Minister of Culture Cai Wu. In an interview with Xinhua, Cai said the ministry has closed 219 illegal Internet games with lewd, pornographic and violent contents, and has blocked the access to illegal games and relevant websites for more than 87 million times since the beginning of this year.... read more» 
   
 





 U.S. Cyber challenge to defeat criminal identity theft 
 (from EXAMINER at 28-12-2009) 
 President Obama has chimed in with a directive to review the nation's cyber security as it relates to security and our critical infrastructures. CNN recently reported about the “U.S. Cyber Challenge” to find and develop 10,000 cybersecurity specialists to help the U.S. regain the lead in cyberspace. In its simplest form, the U.S. Cyber Challenge participants are white-hats in training who play a game called NetWars, which is an online version of Capture the Flag, with competitors vying to pene... read more» 
   
 





 Security Predictions For 2010 
 (from ComputerWorldUk at 28-12-2009) 
 1. Cloud security standards emerge. By the end of 2010, we’ll see a framework emerge for establishing a well defined set of technology, practices, and processes, organised into different levels of trust. Ultimately, adherence to these specifications will need to be certified by third parties. The effort won’t be complete, but it will be underway. Look to the government as key industry (other than the vendors) driving this effort. COROLLARY: The use of cloud will take off as adopting organisation... read more» 
   
 





 Cyber criminals threaten to dampen New Year celebrations 
 (from rediff at 28-12-2009) 
 Shopping online for a New Year gift? Or clicking on that New Year e-greeting link? Be careful this time around as cyber criminals armed with a new set of web threats, including viruses, spam and cyber-scams, would be on the prowl to trap gullible internet users. Hackers use their best schemes during holidays to steal people's money, credit card or net-banking information. Following seasonal trends, these thieves create holiday-related websites and other convincing emails that can trick even th... read more» 
   
 





 Hackers Wreak Huge Holiday-Time Fraud 
 (from officialwire at 27-12-2009) 
 Computer hackers obtained information belonging to an Anchorage, Alaska, retailer that pertained to between 150 and 1,000 credit card users, police said. Police said credit card fraud on the part of what appears to be an organized national scheme started trickling in about a month ago and rapidly grew during the holiday shopping season, the Anchorage Daily News reported Wednesday.... read more» 
   
 




 Dentist's Account Missing Nearly $400K 
 (from News4jax at 27-12-2009) 
 A St. Johns County dentist office recovering from a recent phone sex attack is now trying to recover nearly $400,000 missing from the account of the dentist targeted by the harassing calls. Thousand thinks it may have been a recent work trip to the Bahamas that gave crooks the chance to gain access to his computer and cell phone. "Somebody could have come in the room and put some sort of trojan horse on the computer I have there on my laptop and went from there," Thousand said.... read more»



