newspaper.jpgBelow is a round up of news stories relating to information security that we have collated from the past few days.  For ease of use we have categorised the stories under the most appropriate headings.  If there are other stories that may be of interest please let us know via the comments feature.

 

VULNERABILITIES

AV Still Weak on Rootkit Detection, Fixing Infections
http://www.darkreading.com/document.asp?doc_id=148266&print=true

Windows Home Server Bug Won’t Be Fixed Until June
http://www.informationweek.com/shared/printableArticle.jhtml?articleID=206903032
http://www.heise.de/english/newsticker/news/104982

Possible vulnerability in TrueCrypt 5.1
http://www.heise-online.co.uk/security/Possible-vulnerability-in-TrueCrypt-5-1–/news/110308

BlackBerry servers ripe for the hacking
http://www.techworld.com/security/news/index.cfm?newsID=11663

Counterfeit Chips Raise Big Hacking, Terror Threats, Experts Say
http://www.popularmechanics.com/technology/industry/4253628.html

RealPlayer vulnerable in Internet Explorer
http://www.zdnetasia.com/news/security/0,39044215,62038863,00.htm

Insecure by design: Cisco product shipped with backdoor
http://www.heise-online.co.uk/security/Insecure-by-design-Cisco-product-shipped-with-backdoor–/news/110320

Virtualization’s secret security threats
http://www.infoworld.com/article/08/03/13/11NF-virt-security_1.html

Security Card Chip Can Be Hacked
http://news.smh.com.au/security-card-chip-can-be-hacked/20080313-1z2o.html
http://www.linuxworld.com.au/index.php/id;1618903200;fp;2;fpid;1

Unpatched RealPayer bug paves way for drive-by downloads
http://www.theregister.co.uk/2008/03/12/realplayer_bug/

Pacemakers Vulnerable To Hacking
http://www.informationweek.com/shared/printableArticle.jhtml?articleID=206903321
http://www.heise.de/english/newsticker/news/104983
http://news.smh.com.au/pacemakers-at-danger-from-hackers-study/20080313-1z24.html
http://www.theregister.co.uk/2008/03/12/heart_monitor_hacking/

PATCHES

Microsoft Updates Office 2008 For Mac With Critical Fixes
http://www.informationweek.com/shared/printableArticle.jhtml?articleID=206903062

Microsoft Patch Tuesday Fixes A Dozen Office Flaws
http://www.informationweek.com/shared/printableArticle.jhtml?articleID=206903046
http://www.zdnetasia.com/news/security/0,39044215,62038864,00.htm
http://www.scmagazine.com/uk/news/article/790218/microsoft-patches-excel-zero-day-bug-three-fixes/
http://www.theregister.co.uk/2008/03/12/march_patch_tuesday/
http://www.vnunet.com/vnunet/news/2211791/office-fixes-dominate-monthly

Cisco sets dates for IOS patch releases
http://www.scmagazine.com/uk/news/article/790167/cisco-sets-dates-ios-patch-releases/

Cisco patches holes in Secure Access Control Server
http://www.heise-online.co.uk/security/Cisco-patches-holes-in-Secure-Access-Control-Server–/news/110312
http://www.informationweek.com/shared/printableArticle.jhtml?articleID=206903346

Adobe goes on patching spree
http://www.heise-online.co.uk/security/Adobe-goes-on-patching-spree–/news/110310
http://www.informationweek.com/shared/printableArticle.jhtml?articleID=206903346

COMPUTER VIRUSES, WORMS & TROJANS

Olympic trojan beats Microsoft to Excel patch
http://www.zdnetasia.com/news/security/0,39044215,62038852,00.htm

EXPLOITS & ACTIVE ATTACKS

Rent-a-bot gang rises from the DDoS ashes
http://www.channelregister.co.uk/2008/03/13/loadscc_rises_again/

Mac security site littered with malware
http://www.theregister.co.uk/2008/03/12/mac_security_site_malware_infestation/

Hackers claim iPhone 2.0 breakthrough
http://www.zdnetasia.com/news/security/0,39044215,62038909,00.htm

Exploit code created for hole in RealPlayer
http://www.scmagazine.com/uk/news/article/790194/exploit-code-created-hole-realplayer/

BBC iPlayer targeted by hackers
http://technology.timesonline.co.uk/tol/news/tech_and_web/article3546963.ece

Thieving Third-Party Gmail App Highlights Google Security Worries
http://www.informationweek.com/shared/printableArticle.jhtml?articleID=206902839
http://www.zdnetasia.com/news/security/0,39044215,62038812,00.htm

GOVERNMENT SECURITY ISSUES

NSA Pushes ‘Labeled’ Access Control for NFS
http://www.darkreading.com/document.asp?doc_id=148360&print=true
http://www.gcn.com/online/vol1_no1/45944-1.html

Police e-crime funding set for green light?
http://software.silicon.com/security/0,39024655,39170345,00.htm

Police and UK Plc call for a national e-crime unit
http://software.silicon.com/security/0,39024655,39170344,00.htm

US military concerned about increasing cyber attacks
http://www.heise-online.co.uk/security/US-military-concerned-about-increasing-cyber-attacks–/news/110307
http://www.ft.com/cms/s/0/258b5638-efd9-11dc-8a17-0000779fd2ac.html

Nova, PPG test readiness for cyber war
http://www.post-gazette.com/pg/08072/864263-28.stm

Cyberexercise shows need for better training to avoid major network failures
http://www.govexec.com/story_page.cfm?articleid=39524

SPAM, PHISHING & ONLINE SCAMS

Spam Takes a Vacation
http://www.darkreading.com/document.asp?doc_id=148157&print=true
http://www.theregister.co.uk/2008/03/11/global_spam_trends/

Measures sought against VoIP spam
http://www.heise.de/english/newsticker/news/104928

PIRACY & COPYRIGHT

Publishers Phase Out Piracy Protection on Audio Books
http://www.nytimes.com/2008/03/03/business/media/03audiobook.html?_r=1&oref=slogin

BBC calls DRM cops on iPlayer download party
http://www.theregister.co.uk/2008/03/13/iplayer_iphone_drm_loophole_closed/

DATALOSS/INFORMATION SECURITY BREACHES

HealthNow data goes missing as laptop vanishes
http://www.buffalonews.com/145/story/296415.html

MTV Breach Underscores Company’s Need For DLP
http://www.crn.com/security/206902848

MoD admits to losing 11,000 ID cards
http://www.silicon.com/publicsector/0,3800010403,39170355,00.htm

Harvard Says Hacker Broke Into System
http://news.smh.com.au/harvard-says-hacker-broke-into-system/20080314-1zbg.html

Counselling Service admits breach of trust after releasing over 300 emails
http://www.nouse.co.uk/2008/03/13/counselling-service-admits-breach-of-trust-after-releasing-over-300-emails/print/

Amerindian Center warns about security breach
http://www.greenbaypressgazette.com/apps/pbcs.dll/article?AID=/20080313/GPG0101/803130643/1207/GPGnews

Police suffer memory loss
http://www.thecomet.net/content/comet/news/story.aspx?brand=CMTOnline&category=News&tBrand=herts24&tCategory=newscomnew&itemid=WEED13%20Mar%202008%2010%3A22%3A10%3A867

Harvard grad students hit in computer intrusion
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9068221&intsrc=hm_list

Thousands hit by breaches of data
http://news.bbc.co.uk/2/hi/uk_news/scotland/7290981.stm

MoD confirms data of 63,000 recruits at risk
http://www.theherald.co.uk/news/news/display.var.2111679.0.MoD_confirms_data_of_63_000_recruits_at_risk.php

40,000 names, Social Security numbers on stolen computer
http://www.ocregister.com/news/computer-fullerton-stolen-1996864-detectives-king

Recovered computer held information on employees
http://www.modbee.com/local/story/235943.html

Lost PEIA tape still not found
http://media.www.marshallparthenon.com/media/storage/paper534/news/2008/03/11/News/Lost-Peia.Tape.Still.Not.Found-3262181.shtml

Oklahoma County Clerk’s records reveal social security numbers
http://www.tulsatoday.com/newsdesk/index.php?option=com_content&task=view&id=1485&Itemid=2

Trend Micro’s web site infected
http://www.heise-online.co.uk/security/Trend-Micro-s-web-site-infected–/news/110319
http://www.theregister.co.uk/2008/03/13/trend_micro_website_infected/
http://news.zdnet.co.uk/security/0,1000000189,39366046,00.htm

Laptop with patient information stolen from University Health Care
http://www.ksl.com/?nid=148&sid=2849851

ARRESTS, SENTENCING & CONVICTIONS

LSDigital drops federal botnet confession
http://www.theregister.co.uk/2008/03/14/bot_herder_cops_plea/

DATA PRIVACY & PROTECTION

Virtual demos over net censorship
http://news.bbc.co.uk/2/hi/in_depth/7292130.stm
http://www.heise.de/english/newsticker/news/104866

Germany and US to share fingerprint, DNA databases
http://www.zdnetasia.com/news/security/0,39044215,62038849,00.htm

Lobby group condemns big four labels’ attack on Eircom
http://www.siliconrepublic.com/news/news.nv?storyid=single10502

Syria expands “iron censorship” over Internet
http://today.reuters.co.uk/news/newsArticle.aspx?type=internetNews&storyID=2008-03-13T193521Z_01_L1383536_RTRIDST_0_OUKIN-UK-SYRIA-INTERNET.XML

Open Rights Group questions Phorm
http://news.bbc.co.uk/2/hi/technology/7291637.stm
http://www.vnunet.com/vnunet/news/2211959/open-rights-group-raises

EU and US reach deal on travel security negotiations
http://euobserver.com/9/25828

REPORTS & RESEARCH

Card fraud up by a quarter to £535m
http://www.silicon.com/retailandleisure/0,3800011842,39170334,00.htm
http://www.vnunet.com/vnunet/news/2211943/online-banking-fraud-decline
http://www.vnunet.com/computing/news/2211782/card-fraud-abroad-soars

Security certification needs to be strengthened
http://www.vnunet.com/computing/news/2211785/security-certification-needs

Compliance to drive archiving technology growth
http://www.siliconrepublic.com/news/news.nv?storyid=single10498

Foreign losses jack UK plastic fraud up to £535.2m
http://www.theregister.co.uk/2008/03/12/card_fraud_latest_apacs/

Cyber-attack launched from 10,000 web pages
http://www.vnunet.com/vnunet/news/2211936/cyber-attack-launched-web-pages
http://security.blogs.techtarget.com/2008/03/13/mcafee-discovers-10000-malware-laced-sites/

COMMENTARY

Analysts call for secure Facebook access for workers
http://www.theregister.co.uk/2008/03/13/gartner_facebook_secure_business/

Corporate espionage: Not if, but when
http://resources.zdnet.co.uk/articles/features/0,1000002000,39365959,00.htm

Make vendors liable for exploits
http://www.theregister.co.uk/2008/03/10/security_economics/

Your next high-tech gadget may come bundled with an extra _ a virus
http://news.smh.com.au/your-next-hightech-gadget-may-come-bundled-with-an-extra–a-virus/20080314-1zde.html

STUDIES AND SURVEYS

‘Risky’ remote workers fuel security spending
http://www.zdnetasia.com/news/security/0,39044215,62038883,00.htm
http://software.silicon.com/security/0,39024655,39170328,00.htm
http://www.vnunet.com/vnunet/news/2211857/security-budgets-rise

Banks more trustworthy than government over data security
http://www.vnunet.com/computing/news/2211996/banks-trustworthy-government

Online services create security headache for airlines
http://www.zdnetasia.com/news/security/0,39044215,62038854,00.htm

Security skills top IT chiefs’ wish-lists
http://software.silicon.com/security/0,39024655,39170362,00.htm

MISC

SOA-based system compels security overhaul at hotel chain
http://www.networkworld.com/news/2008/031208-soa-security-starwood.html

Chinese ‘hacker’ denies CNN report
http://www.china.org.cn/china/national/2008-03/11/content_12264393.htm

Banking industry teams up with fraud police
http://www.vnunet.com/computing/news/2211651/banking-industry-welcomes-fraud

Russian serfs paid $3 a day to break CAPTCHAs
http://www.theregister.co.uk/2008/03/14/captcha_serfs/

Convicted cybercrook stands for election in the Ukraine
http://www.theregister.co.uk/2008/03/14/hackers_form_ukrainian_political_party/

Stories courtesy of the following sources, RTE, The Irish Independent, SiliconRepublic.com, ZDNet, The Register, Pogowasright.org, Heise Magazine, BBC, SC Magazine, VNUNET, Sydney Morning Herald, New Zealand Herald, EU Observer, The Times & the Web Hacking Incidents Database.

About the Author: bhimport

Let’s Talk

Please leave your contact details and a member of our team will be in touch shortly.

Name*