Below is a round up of news stories relating to information security that we have collated from the past few days. For ease of use we have categorised the stories under the most appropriate headings. If there are other stories that may be of interest please let us know via the comments feature.

VULNERABILITIES

Password weak link in Apple’s Keychain
http://www.zdnetasia.com/news/security/0,39044215,62038325,00.htm

Security experts warn of potential malicious AIR code
http://www.zdnetasia.com/news/security/0,39044215,62038215,00.htm

VMware security bug exposed
http://www.zdnetasia.com/news/security/0,39044215,62038163,00.htm
http://www.theregister.co.uk/2008/02/25/vmware_critical_vuln/
http://news.zdnet.co.uk/security/0,1000000189,39341144,00.htm?r=2

PATCHES

VMware Moves To Counter Virtual Machine Security Threat
http://www.informationweek.com/shared/printableArticle.jhtml?articleID=206900669
http://www.scmagazine.com/uk/news/article/787543/vmware-releases-api-simplifies-securing-vitalized-environments/

Firefox 3 final beta to be released in March
http://news.zdnet.co.uk/security/0,1000000189,39352913,00.htm?r=2

Symantec closes holes in Backup Exec for Windows Server
http://www.heise-online.co.uk/security/news/print/110203

COMPUTER VIRUSES, WORMS & TROJANS

Another worm burrows through Orkut
http://www.heise-online.co.uk/security/Another-worm-burrows-through-Orkut–/news/110220
http://www.scmagazine.com/uk/news/article/786824/googles-orkut-hit-self-propagating-trojan/
http://www.theregister.co.uk/2008/02/29/orkut_worm_reloaded/

Malware removes rival rootkits
http://www.channelregister.co.uk/2008/02/28/rootkit_wars/

InfoJack Trojan burrows into Windows CE machines
http://www.theregister.co.uk/2008/02/27/infojack_trojan/

EXPLOITS & ACTIVE ATTACKS

Mac OS X: Undetected malware and plain text passwords
http://www.heise-online.co.uk/security/Mac-OS-X-Undetected-malware-and–plain-text-passwords–/news/110215

‘Safe’ websites stealing info
http://www.news.com.au/story/0,23599,23297473-2,00.html

Hackers claim they broke key security code
http://www.registerbee.com/servlet/Satellite?pagename=DRB/MGArticle/DRB_BasicArticle&c=MGArticle&cid=1173354796772

Link hack redirects MySpace visitors to phishing site
http://www.scmagazine.com/uk/news/article/786778/link-hack-redirects-myspace-visitors-phishing-site/

Underground tools foil generic virus detection
http://www.theregister.co.uk/2008/03/03/underground_malware_testing/

Bitlocker hack is easily prevented, Microsoft says
http://www.channelregister.co.uk/2008/02/27/bitlocker_hack_prevention/

Encryption firms speak up on DRam attack
http://www.vnunet.com/vnunet/news/2210836/encryption-firms-speak-dram

GOVERNMENT SECURITY ISSUES

US seeks terrorists in web worlds
http://news.bbc.co.uk/2/hi/technology/7274377.stm

EU extends net safety programme
http://news.bbc.co.uk/2/hi/technology/7270790.stm
http://news.smh.com.au/eu-to-spend-euro55-million-on-initiatives-to-make-internet-safe-for-children/20080228-1vct.html

Aussie govt hunts outsourcer for e-threat warnings
http://www.zdnetasia.com/news/security/0,39044215,62038170,00.htm

EU-wide security project proposed
http://www.computing.co.uk/computing/news/2210541/european-knowledge-store

DHS gives itself a ‘C’ for cybersecurity
http://www.govexec.com/story_page.cfm?articleid=39393

Cyber Storm II stirring
http://www.fcw.com/online/news/151806-1.html

DH seeks tougher sanctions for security breaches
http://www.e-health-insider.com/news/3516/dh_seeks_tougher_sanctions_for_security_breaches

Patient database open to access by non-qualified NHS staff
http://www.computerweekly.com/Articles/2008/03/03/229636/patient-database-open-to-access-by-non-qualified-nhs.htm

SPAM, PHISHING & ONLINE SCAMS

Six botnets responsible for nearly all spam
http://www.heise-online.co.uk/security/Six-botnets-responsible-for-nearly-all-spam–/news/110219
http://www.theregister.co.uk/2008/02/29/botnet_spam_deluge/

Phishers clean up at online casinos
http://www.theregister.co.uk/2008/02/28/casino_phishing/

Phishing attacks escalate sharply
http://www.zdnetasia.com/news/security/0,39044215,62038425,00.htm

DATALOSS/INFORMATION SECURITY BREACHES

Brazil’s oil data mystery cracked
http://www.chron.com/disp/story.mpl/business/5580547.html

Wheat trader for MF Global loses $141.5 million in unauthorized trading
http://www.iht.com/articles/2008/02/29/business/29trader.php

Hackers penetrate police email accounts
http://www.thelocal.se/10170/20080229/

HP leaks personal data on Web site
http://search.japantimes.co.jp/mail/nb20080301n3.html

Arsenal fan site hacked
http://www.webuser.co.uk/news/news.php?id=195374
http://www.theregister.co.uk/2008/02/29/gooner_malware_assault/

Dutch tax office deletes 730,000 tax returns
http://www.theregister.co.uk/2008/02/29/sorry_we_lost_your_tax_return/

Computer Sweden: Swedish Officials’ Passwords Revealed by Hacker
http://www2.csoonline.com/blog_view.html?CID=33588

Hackers attack MySpace and Facebook
http://www.vnunet.com/vnunet/news/2210932/buffer-overflow-hacks-target

ARRESTS, SENTENCING & CONVICTIONS

“Bot herder” AKILL appears in court
http://www.heise-online.co.uk/security/Bot-herder-AKILL-appears-in-court–/news/110213
http://www.smh.com.au/news/security/bail-for-alleged-spybot-leader/2008/02/29/1204226977398.html
http://www.theregister.co.uk/2008/02/29/nz_botmaster_latest/
http://www.nzherald.co.nz/section/story.cfm?c_id=5&objectid=10495528

Spurned internet-dater faces jail for spreading nude pics
http://www.timesonline.co.uk/tol/news/uk/article3447080.ece

Prolific spammer’s felony conviction upheld
http://www.msnbc.msn.com/id/23411441/
http://news.smh.com.au/prolific-spammers-conviction-upheld/20080301-1w04.html
http://www.vnunet.com/vnunet/news/2210969/spammer-loses-free-speech

HK celeb’s nude pics lead to more arrests (+photos)
http://www.nzherald.co.nz/section/story.cfm?c_id=5&objectid=10495612

Spam King trial set to start next month
http://www.computingsa.co.za/article.aspx?id=717503

FEDERAL PLEAS HEARD IN EASTERN DISTRICT OF TEXAS
http://www.ntxe-news.com/artman/publish/article_44139.shtml

2 get prison terms in ID theft from clinic patients
http://www.chron.com/disp/story.mpl/headline/metro/5583753.html

Nine arrested as B.C. identity-theft ring busted
http://www.canada.com/calgaryherald/news/story.html?id=fd7c7860-462d-474d-ae2c-ec74a24740a3

COURT CASES AND LEGAL ISSUES

Legal aid for whistle-blower site
http://news.bbc.co.uk/2/hi/technology/7268581.stm

Lawyer admits computer breach
http://sundaygazettemail.com/News/200803010561

US judge restores Wikileaks website
http://news.smh.com.au/us-judge-restores-wikileaks-website/20080302-1w76.html

INDUSTRY STANDARDS, COMPLIANCE & REGULATORY ISSUES

Software company says it can still resell Microsoft licences
http://www.channelregister.co.uk/2008/02/29/microsoft_licence_resale/

DATA PRIVACY & PROTECTION

EU guidelines on RFID aim to protect privacy
http://news.zdnet.co.uk/security/0,1000000189,39336502,00.htm?r=2

In a State of surveillance
http://www.siliconrepublic.com/news/news.nv?storyid=single10383

German court allows limited Internet surveillance
http://news.smh.com.au/german-court-allows-limited-internet-surveillance/20080228-1vdt.html

REPORTS & RESEARCH

Healthcare organizations feeling cyberattacks growing
http://www.networkworld.com/news/2008/022708-healthcare-cyberattacks.html

IT governance rising up the agenda
http://www.vnunet.com/vnunet/news/2210908/third-companies-implementing

Malware writers team up for virus testing
http://www.vnunet.com/vnunet/news/2210835/malware-writers-team-virus

Virus authors ‘pack’ malware to avoid detection
http://www.vnunet.com/vnunet/news/2210837/virus-authors-pack-malware

Data breaches cost an average business £1.4m
http://news.zdnet.co.uk/security/0,1000000189,39341215,00.htm?r=2

COMMENTARY

Extra staff needed to boost bank IT security
http://www.vnunet.com/vnunet/news/2210961/extra-staff-needed-boost-bank

STUDIES AND SURVEYS

Internet shoppers clueless on Web security
http://www.zdnetasia.com/news/security/0,39044215,62038211,00.htm

Survey shows IT security employees in demand, but skills lack
http://www.scmagazine.com/uk/news/article/787540/survey-shows-security–employees-demand-skills-lack/

Surfers not confident with online security
http://www.vnunet.com/vnunet/news/2210842/european-surfers-confident

DISASTER RECOVERY & BUSINESS CONTINUITY

LinkedIn networking site suffers hourlong outage related to big upgrade
http://news.smh.com.au/linkedin-networking-site-suffers-hourlong-outage-related-to-big-upgrade/20080301-1w0u.html

Glitch blocks some users’ access to Microsoft’s Hotmail
http://news.smh.com.au/glitch-blocks-some-users-access-to-microsofts-hotmail/20080227-1v4v.html

Stories courtesy of the following sources, RTE, The Irish Independent, SiliconRepublic.com, ZDNet, The Register, Pogowasright.org, Heise Magazine, BBC, SC Magazine, VNUNET, Sydney Morning Herald, New Zealand Herald, EU Observer, The Times & the Web Hacking Incidents Database.