Below is a round up of news stories relating to information security that we have collated from the past few days. For ease of use we have categorised the stories under the most appropriate headings. If there are other stories that may be of interest please let us know via the comments feature.
VULNERABILITIES
Vulnerabilities in Cisco IP telephony products
http://www.heise-online.co.uk/security/Vulnerabilities-in-Cisco-IP-telephony-products–/news/110123Multiple flaws reported in Linux
http://www.zdnetasia.com/news/security/0,39044215,62037780,00.htm
PATCHES
FreeBSD closes vulnerabilities
http://www.heise-online.co.uk/security/FreeBSD-closes-vulnerabilities–/news/110129Cisco plugs VoIP malware loophole
http://www.theregister.co.uk/2008/02/15/cisco_voip_update/
COMPUTER VIRUSES, WORMS, TROJANS & OTHER MALWARE
Sophos: Linux machines hijacked for botnets
http://www.heise-online.co.uk/security/Sophos-Linux-machines-hijacked-for-botnets–/news/110132
EXPLOITS & ACTIVE ATTACKS
Use of Rogue DNS Servers on Rise
http://ap.google.com/article/ALeqM5ifrgeDBfUGAvXtLH_vgVrKcm0s_wD8UPLR8O1
Multifunction Printers: The Forgotten Security Risk
http://www.eweek.com/c/a/Printers/Multifunction-Printers-The-Forgotten-Security-Risk/
Public information kiosks vulnerable to hacking
http://www.zdnetasia.com/news/security/0,39044215,62037896,00.htmExploiting QuickTime flaws in ‘Second Life’
http://www.zdnetasia.com/news/security/0,39044215,62037883,00.htm
Researcher releases exploit codes for Linux kernel 2.6 flaws
http://www.scmagazine.com/uk/news/article/783741/researcher-releases-exploit-codes-linux-kernel-26-flaws/
GOVERNMENT SECURITY ISSUES
OMB does not support bill to update FISMA
http://www.fcw.com/online/news/151642-1.html
U.K. police unprepared for security ‘arms race’
http://www.zdnetasia.com/news/security/0,39044215,62037857,00.htm
http://software.silicon.com/security/0,39024655,39170040,00.htm
Web porn software filter a dud
http://www.smh.com.au/news/web/web-porn-software-filter-a-dud/2008/02/16/1203190635858.html
EU must educate SMEs on IT security
http://www.vnunet.com/computing/news/2209583/eu-educate-smes-security-3821213HMRC gets bugging powers
http://www.accountingweb.co.uk/cgi-bin/item.cgi?id=179396&d=1025&h=1019&f=1026Defense, GSA lead way on encryption technology
http://www.govexec.com/dailyfed/0208/021408n1.htm
PIRACY & COPYRIGHT
War on music piracy
http://www.smh.com.au/news/web/war-on-music-piracy/2008/02/16/1203190635860.html
Legal attack dogs chase software pirates from eBay
http://www.channelregister.co.uk/2008/02/14/ebay_pirate_auctions/
SPAM, PHISHING, ONLINE SCAMS & IDENTITY THEFT
UK banks targeted by phishing attacks
http://www.zdnetasia.com/news/security/0,39044215,62037901,00.htm‘Fake’ scam text messages warn against rip-offs
http://networks.silicon.com/mobile/0,39024665,39170059,00.htmUK bank blames fraudsters for World of Warcraft ban
http://www.theregister.co.uk/2008/02/15/halifax_blizzard_block/
DATALOSS/INFORMATION SECURITY BREACHES
Another public sector laptop goes missing
http://www.heise-online.co.uk/security/Another-public-sector-laptop-goes-missing–/news/110127
http://www.dailymail.co.uk/pages/live/articles/news/news.html?in_article_id=514463&in_page_id=1770 http://www.theregister.co.uk/2008/02/15/more_nhs_data_losses/
http://www.vnunet.com/vnunet/news/2209789/nhs-laptop-discharged-patientsInadvertent computer error places names of Texas A&M System Agricultural employees on Web site
http://agnews.tamu.edu/showstory.php?id=353Major Linux security glitch lets hackers in at Claranet
http://www.theregister.co.uk/2008/02/14/claranet_linux_security_hole/Stolen photos from laptop tell a tawdry tale
http://www.smh.com.au/news/web/stolen-photos-from-laptop-tell-a-tawdry-tale/2008/02/14/1202760468956.htmlInternet security breach at Vodacom
http://www.thetimes.co.za/PrintEdition/News/Article.aspx?id=707712F.B.I. Gained Unauthorized Access to E-Mail
http://www.nytimes.com/2008/02/17/washington/17fisa.html?_r=1&adxnnl=1&oref=slogin&adxnnlx=1203331204-f6KYeP+WO3ONSi0MP+OhHwDebit hackers make ‘huge’ haul
http://cnews.canoe.ca/CNEWS/Crime/2008/02/15/4849041-sun.htmlSan Jose councilman’s former intern accused of hacking into city e-mail
http://www.mercurynews.com/valley/ci_8280565LGT says customer data stolen in 2002
http://www.guardian.co.uk/feedarticle?id=7313316Lexmark employees notified of breach
http://www.kentucky.com/101/story/318946.htmlData breaches: No more than normal
http://software.silicon.com/security/0,39024655,39170070,00.htm
ARRESTS, SENTENCING & CONVICTIONS
Software police nab top UK chipper
http://www.vnunet.com/vnunet/news/2209823/elspa-nabs-top-uk-chipper
COURT CASES AND LEGAL ISSUES
HP settles spying case
http://www.vnunet.com/vnunet/news/2209799/hp-settles-spying-case
A ‘high-tech lock pick’ is upheld in Dorozhko insider trading case
http://www.iht.com/articles/2008/02/14/business/norris.php
INDUSTRY STANDARDS, COMPLIANCE & REGULATORY ISSUES
SAFECode on software assurance
http://www.gcn.com/online/vol1_no1/45811-1.htmlData encryption requirement sought
http://www.indystar.com/apps/pbcs.dll/article?AID=/20080216/BUSINESS/802160415/-1/LOCAL17
DATA PRIVACY & PROTECTION
Net firms reject monitoring role
http://news.bbc.co.uk/2/hi/technology/7246403.stmAnger over pupils database plan
http://news.bbc.co.uk/2/hi/uk_news/politics/7242326.stmBrussels attacks new US security demands
http://euobserver.com/9/25657EU Commission criticizes watermarks on colour laser printouts
http://www.heise.de/english/newsticker/news/103576
http://www.theregister.co.uk/2008/02/15/secret_printer_tracking_dots/Smeared on the internet? Then call in the cleaners
http://technology.timesonline.co.uk/tol/news/tech_and_web/the_web/article3382175.eceData laws: protecting society or invading privacy?
http://www.enn.ie/article/10123901.html
REPORTS & RESEARCH
Conditions ripe for phone viruses to spread
http://www.smh.com.au/news/security/conditions-ripe-for-phone-viruses/2008/02/14/1202760476621.htmlRise in Mac malware attacks ‘inevitable’
http://www.vnunet.com/vnunet/news/2209812/macs-expected-targeted-futureUS elections become latest malware lure
http://www.vnunet.com/vnunet/news/2209756/elections-become-latest-malwareFriendly ‘worms’ could spread software fixes
http://technology.newscientist.com/article/dn13318-friendly-worms-could-spread-software-fixes.html
http://www.smh.com.au/news/security/microsoft-wants-to-worm-its-way-into-your-pc/2008/02/15/1202760555255.html
http://www.theregister.co.uk/2008/02/15/ms_friendly_worm/
STUDIES AND SURVEYS
Execs should be jailed for data loss
http://www.zdnetasia.com/news/security/0,39044215,62037843,00.htm
http://www.silicon.com/research/specialreports/fulldisclosure/0,3800014102,39170042,00.htm
COMMENTARY
Security expert: ROI figures are meaningless
http://www.zdnetasia.com/news/security/0,39044215,62037905,00.htm
MISC
Anti-Spyware Company Accused Of Deception
http://www.informationweek.com/shared/printableArticle.jhtml?articleID=206600029
