Below is a round up of news stories relating to information security that we have collated from the past few days. For ease of use we have categorised the stories under the most appropriate headings. If there are other stories that may be of interest please let us know via the comments feature.
VULNERABILITIES
Security vulnerability in RealPlayer ActiveX
http://www.heise-online.co.uk/security/Security-vulnerability-in-RealPlayer-ActiveX–/news/110276Security flaws unearthed in Google’s Android
http://www.zdnetasia.com/news/security/0,39044215,62038565,00.htm
http://networks.silicon.com/mobile/0,39024665,39170282,00.htm
PATCHES
Vista And XP Users May Need Daylight-Saving Time Patch
http://www.informationweek.com/shared/printableArticle.jhtml?articleID=206902428Cisco hops onto patching treadmill
http://www.theregister.co.uk/2008/03/06/cisco_patch_cycle/Sun Microsystems addresses critical Java flaws
http://www.scmagazine.com/uk/news/article/789449/sun-microsystems-addresses-critical-java-flaws/Microsoft to deliver four patches in March cycle
http://www.scmagazine.com/uk/news/article/789440/microsoft-deliver-four-patches-march-cycle/
http://www.vnunet.com/vnunet/news/2211474/four-office-patches-coming
COMPUTER VIRUSES, WORMS & TROJANS
Automated malware hits Yahoo and Microsoft IM
http://www.zdnetasia.com/news/security/0,39044215,62038719,00.htm
EXPLOITS & ACTIVE ATTACKS
Attackers hijacking web site search engines to push malware
http://www.heise.de/english/newsticker/news/104790Chinese backdoors “hidden in router firmware”
http://www.pcpro.co.uk/news/173883/chinese-backdoors-hidden-in-router-firmware.htmlHigh-tech thieves steal PINs
http://www.smh.com.au/news/biztech/hightech-thieves-steal-pins/2008/03/08/1204998261302.htmlResearchers demo ‘easy’ Windows-based ATM hack
http://news.zdnet.co.uk/security/0,1000000189,39362134,00.htm
GOVERNMENT SECURITY ISSUES
Pentagon cyber attack more serious than previously assumed
http://www.heise.de/english/newsticker/news/104819
http://www.govexec.com/story_page.cfm?articleid=39456
http://www.theregister.co.uk/2008/03/06/pentagon_breach_assessment/India turns to Canada’s spies to avert threat of espionage via BlackBerry
http://business.timesonline.co.uk/tol/business/markets/india/article3516623.eceAustralia confirms cyber attacks
http://canberra.yourguide.com.au/news/local/general/australia-confirms-cyber-attacks/1198660.html
http://www.news.com.au/technology/story/0,25642,23335575-5014239,00.htmlCyber terrorism equates to ‘missile attack’
http://www.zdnetasia.com/news/security/0,39044215,62038725,00.htmDHS stages cyberwar exercise
http://www.metimes.com/Security/2008/03/10/analysis_dhs_stages_cyberwar_exercise/4c4c/Fed networks increasingly under siege
http://federaltimes.com/index.php?S=3411563E-games to test infrastructure security
http://news.theage.com.au/egames-to-test-infrastructure-security/20080306-1xnn.html
http://www.theregister.co.uk/2008/03/10/cyber_storm_ii_exercises/U.S. unprepared for ongoing cyberwar, say top military and intelligence officials
http://www.govexec.com/story_page.cfm?articleid=39466Nato beefs up cyber defenses
http://www.zdnetasia.com/news/security/0,39044215,62038562,00.htmPentagon bans Google from US bases
http://technology.timesonline.co.uk/tol/news/tech_and_web/article3503624.eceUK government data protection is a shambles
http://www.theregister.co.uk/2008/03/10/uk_gov_data_protection_shambles/
SPAM, PHISHING & ONLINE SCAMS
Google Report Highlights Spam As Top Security Issue
http://www.informationweek.com/shared/printableArticle.jhtml?articleID=206902563Gmail falls prey to spam bots
http://www.zdnetasia.com/news/security/0,39044215,62038708,00.htmCybercrooks beating CAPTCHA to send more spam
http://www.scmagazine.com/uk/news/article/789445/cybercrooks-beating-captcha-send-spam/eBay warns of Romanian phishing threat
http://software.silicon.com/security/0,39024655,39170306,00.htmMoney or your life, scam warns
http://www.nzherald.co.nz/section/story.cfm?c_id=5&objectid=10497340Outlook bleak for Phishing defeat
http://weblog.infoworld.com/zeroday/archives/2008/03/phishing_apwg_m.html
PIRACY & COPYRIGHT
Olympics website hosting ‘pirated’ games
http://www.vnunet.com/vnunet/news/2211616/olympic-game-piracy-allegedUS cracks multimillion-dollar piracy ring
http://www.vnunet.com/vnunet/news/2211588/software-pirates-porridge
DATALOSS/INFORMATION SECURITY BREACHES
Cutting-edge PDP Tech Leaked to Chinese Firm
http://english.donga.com/srv/service.php3?bicode=040000&biid=2008030681038
http://news.smh.com.au/skorea-alleges-factory-design-espionage/20080307-1xox.html
http://news.smh.com.au/skorea-indicts-man-for-allegedly-passing-plasma-technology-to-chinese-company/20080306-1xni.html245 computers stolen from 19 universities
http://www.yomiuri.co.jp/dy/national/20080309TDY01305.htmMissing Laptop Prompts ID Theft Concern at Blue Cross-Blue Shield of WNY
http://www.wgrz.com/sports/sports_article.aspx?storyid=56110&provider=gnewsSecurity breach investigated in Troy schools
http://www.thedailyreview.com/site/news.cfm?newsid=19372545&BRD=2276&PAG=461&dept_id=465049&rfi=6Hospital donor files compromised
http://www.bendbulletin.com/apps/pbcs.dll/article?AID=/20080306/NEWS0107/803060442/1006&nav_category=Widow, 65, humiliated by Bebo web page that painted her as a scarlet woman
http://technology.timesonline.co.uk/tol/news/tech_and_web/the_web/article3498888.eceMedicaid computers stolen from office
http://galvestondailynews.com/story.lasso?ewcd=a3aa2e57aa6c0cc5&-session=TheDailyNews:42F941E80785800A93KPm22DB644ICO probes 40 fresh Govt data breaches
http://www.precisionmarketing.co.uk/Articles/256135/ICO+probes+40+fresh+Govt+data+breaches.htmlGambling site brought to its knees by ‘unstoppable’ botnet
http://software.silicon.com/security/0,39024655,39170296,00.htm
http://www.zdnetasia.com/news/security/0,39044215,62038610,00.htm
http://news.zdnet.co.uk/security/0,1000000189,39364638,00.htmConfidential files stolen from MTV computers
http://www.reuters.com/article/domesticNews/idUSN0737164120080308?feedType=RSS&feedName=domesticNews
http://www.news.com/8301-10784_3-9889035-7.htmlHoustonians’ Personal Information Found On Internet
http://www.click2houston.com/news/15523600/detail.html
ARRESTS, SENTENCING & CONVICTIONS
NYPD breaks up massive credit card fraud ring
http://www.newsday.com/news/local/newyork/ny-liring0307,0,283158,print.story
http://www.securityfocus.com/brief/697Officer admits taking personal data from police computer
http://www.newsguardian.co.uk/latest-news/Officer-admits-taking-personal-data.3857063.jpBrothers caged for selling pirated Adobe software
http://www.channelregister.co.uk/2008/03/07/adobe_internet_piracy_ring_cracked/Dutch court convicts Nigerian Internet fraudsters
http://today.reuters.co.uk/news/articlenews.aspx?type=internetNews&storyID=2008-03-10T172304Z_01_L10465441_RTRIDST_0_OUKIN-UK-DUTCH-FRAUD.XML&archived=False
http://www.nzherald.co.nz/section/story.cfm?c_id=5&objectid=10497388Exhibitors Raided at German Tech Fair
http://www.vnunet.com/vnunet/news/2211637/police-launch-massive-cebit
http://news.smh.com.au/exhibitors-raided-at-german-tech-fair/20080307-1xoo.html
http://news.smh.com.au/authorities-seize-gadgets-during-patent-raid-at-german-tech-fair/20080307-1xo2.html
COURT CASES AND LEGAL ISSUES
IBM Hit With $6 Million Software Fraud Suit
http://www.informationweek.com/shared/printableArticle.jhtml?articleID=206902734NSW police to search computer networks
http://www.abc.net.au/news/stories/2008/03/06/2182021.htmTories want new ‘cybercrime’ police unit
http://www.telegraph.co.uk/news/main.jhtml?xml=/news/2008/03/06/ncyber106.xml
http://software.silicon.com/security/0,39024655,39170292,00.htm
DATA PRIVACY & PROTECTION
Ad system ‘will protect privacy’
http://news.bbc.co.uk/2/hi/technology/7280791.stmBankrupt lenders throwing away your privacy
http://www.msnbc.msn.com/id/23505497/Google-Double Click merger raises privacy concerns
http://euobserver.com/9/25793More FBI Privacy Violations Confirmed
http://ap.google.com/article/ALeqM5gxSQM-Pj5GvDDx_r9HNZvtF6JAGgD8V7HN7O0Denver airport blocking potentially racy sites from Wi-Fi system
http://news.smh.com.au/denver-airport-blocking-potentially-racy-sites-from-wifi-system/20080306-1x9u.htmlCitizens must realise value of private data
http://www.vnunet.com/computing/analysis/2211306/citizens-realise-value-private-3859725Gateway reviews must look at privacy, says Information Commissioner
http://www.vnunet.com/computing/news/2211261/gateway-reviews-look-privacy-3862899Facebook could cause “privacy chernobyls”
http://www.zdnet.com.au/news/security/soa/Facebook-could-cause-privacy-chernobyls-/0,130061744,339286631,00.htm?feed=rss
REPORTS & RESEARCH
ID fraud – the top 25 leaky institutions
http://www.heise.de/english/newsticker/news/104799Make vendors liable for exploits
http://www.theregister.co.uk/2008/03/10/security_economics/77,500 cases of ID theft a year
http://news.scotsman.com/uk/77500-cases-of-ID-theft.3858822.jpMisconfigured networks create huge security risks
http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1303728,00.html?track=sy160&asrc=RSS_RSS-10_160
COMMENTARY
Forum Sounds The Trumpets For Defense In Depth
http://www.informationweek.com/shared/printableArticle.jhtml?articleID=206901980Sites With Anti-Fraud Sign Still Flawed
http://news.smh.com.au/sites-with-antifraud-sign-still-flawed/20080306-1xab.html
STUDIES AND SURVEYS
Airport ad-hoc hot spots could be dangerous
http://www.zdnetasia.com/news/security/0,39044215,62038620,00.htmSecurity skills are top IT priority
http://www.vnunet.com/computing/news/2211454/security-skills-top-priorityChannel urged to plug the security skills gap
http://www.vnunet.com/crn/news/2211492/channel-urged-plug-security-3875031Brits worth billions to online fraudsters
http://www.vnunet.com/vnunet/news/2211510/brits-worth-billions-onlineSMBs Plagued by Spyware
http://www.midmarket.eweek.com/c/a/News/Survey-SMBs-Plagued-by-Spware/IT security lacking in best practices
http://www.networkworld.com/news/2008/030708-it-security-lacking-in-best.html?fsrc=rss-security
SECURITY AWARENESS
Don’t forget to secure your BlackBerry, companies told
http://software.silicon.com/security/0,39024655,39170322,00.htm
DISASTER RECOVERY & BUSINESS CONTINUITY
Computer problems threaten 2010 Census
http://www.miamiherald.com/top_stories/story/449154.html
MISC
Camera ‘looks’ through clothing
http://news.bbc.co.uk/2/hi/technology/7287135.stm
http://www.informationweek.com/shared/printableArticle.jhtml?articleID=206902745
http://www.nzherald.co.nz/section/story.cfm?c_id=5&objectid=10497187Legendary virus programmer group dissolved
http://www.heise.de/english/newsticker/news/104820
http://www.theregister.co.uk/2008/03/07/29a_rip/HSBC forgets to renew its digital certificate
http://www.theregister.co.uk/2008/03/10/hsbc_cert_glitch/South Korea grounds astronaut for security gaffe
http://www.theregister.co.uk/2008/03/10/south_korean_astronaut/IE 8, Firefox 3 to tackle malware
http://www.zdnetasia.com/news/security/0,39044215,62038618,00.htm
Linux tool speeds up computer forensics for cops
http://www.zdnetasia.com/news/security/0,39044215,62038612,00.htm
Stories courtesy of the following sources, RTE, The Irish Independent, SiliconRepublic.com, ZDNet, The Register, Pogowasright.org, Heise Magazine, BBC, SC Magazine, VNUNET, Sydney Morning Herald, New Zealand Herald, EU Observer, The Times & the Web Hacking Incidents Database.
About the Author: bhimport
