Wired: AP Technology and Business News from the Outside World on Wired.com: "TOKYO (AP) -- Tiny computer chips used for tracking food, tickets and other items are getting even smaller. Hitachi Ltd., a Japanese electronics maker, recently showed off radio frequency identification, or RFID, chips that are just 0.002 inches by 0.002 inches and look like bits of powder."
source
Can't remember your password? Don't panic-News-Tech & Web-The Web-TimesOnline: "Companies are competing to introduce a single, secure login that would work for all bank accounts, shopping sites and other web activities"
technology.timesonline.co.uk
February 26, 2007
Securing Storage - Express Computer: "Earlier storage was considered a system peripheral, controlled by a mainframe, midrange or server computer. "
source
Computer dangers that lurk within - Pittsburgh Tribune-Review: "Keeping computer records safe, avoiding identity theft and preventing spam no longer come down to using cutting-edge technology -- they now involve psychology and the courts, according to local computer security experts."
source
Diffie: Privacy Laws Could Hurt the Little Guy - Security Feed - News - CSO Magazine: "not the least bit worried about that, partly because of the law, and partly because the essential point of SSL ... is not about the quality of the cryptography -- about which there’s often some doubt -- but about the fact that the certificate costs enough money that the thieves aren’t putting up a front."
source
February 24, 2007
Update: TJX says Data breach worse than previously believed: "An ongoing investigation of the breach has shown that intruders gained access to TJX systems almost a full-year earlier than first thought -- and compromised more payment card data than previously believed"
source
Toshiba secures quantum key distribution: "Researchers at Toshiba Corp. have developed a method that they say makes it possible -- barring a change in the laws of physics -- to absolutely secure distribution of encryption keys across a network."
source
Technology News: Software: Microsoft Denies Vista to Some Mac Users: "Indeed, last year a security analyst showed how AMD chips with virtualization support made computers vulnerable to such an attack. "
source
Technology News: ID Security: Is That Really You? ID Theft and Authentication, Part 1"A January Gartner (NYSE: IT) research report links fraud losses and phishing threats directly to an erosion of consumer confidence in financial institutions and online transactions in general, noted Kerry Loftus, director of product management and authentication at Verisign."
source
Better Security by Thinking as a Hacker » IT Security Blog: "The approach is quite simple. It is a reverse psychology of sorts since to become a full-proof secure system, ways on how to be able to get over the fences for such walls that have been put off must be severely tested. "
source
Elaborate 'pharming' attack targeted 50 banks: "Once lured to the Web site, an unpatched computer would download a Trojan horse in a file called 'iexplorer.exe,' which then downloaded five additional files from a server in Russia."
source
February 21, 2007
EagleTribune.com, North Andover, MA - Common sense is the best computer security: "The famous Nigerian scam (...) is a con game as old as crime itself. There probably was a variant on this in ancient Babylon. The only thing that's special about the high-tech incarnation is that a spammer can send out a couple of million e-mails with little effort or expenditure, thereby increasing the odds for finding that one sucker who is born every minute."
source
An End to Multiple Identities?: "'They are difficult to issue with a high level of trust,' he said."
source
Snort bug is nothing to sniff at | The Register: "Intrusion detection software packages are the CCTV cameras of the network security world, recording hacking attacks, and (in some well defined cases) blocking potentially hostile traffic."
source
SiliconRepublic.com: Cyber crime strikes Irish businesses: "this month and the headline finding is that 98pc of Irish organisations have experienced some form of cyber crime."
source
CERT's Podcast Series: Security for Business Leaders: "Business leaders need to be prepared to communicate with the media and their staff during a high-profile security incident or crisis."
Crisis Communications During a Security Incidentsource
February 20, 2007
Imperfect Storm aids spammers | The Register: "'In the traditional botnet, if you cut off the head, you kill the beast,' said Dean Turner,"
source
Crypto Expert: Moore's Law fuels app obesity epidemic | InfoWorld | Interview | 2007-02-19 | By Paul F. Roberts: "Cryptography is no mean field. After all, the science was invented by humans for the purpose of concealing information from other humans."
source
February 18, 2007
Israel21c: "Network Access Control (NAC), the holy grail of network security, has become a hot topic."
source
Turkish hacker strikes Down Under | The Register: "iskorpitx is estimated to have made about 180,000 attacks in his career"
source
Chinese police plan to release hacker's Panda worm killer: "A hacker arrested only days ago will be allowed to release a fix for the worm that he helped write, China's state media reported today."
source
Security expert: Make vendors liable for bad code: "Today's more secure credit card systems were 'built because the credit card companies were forced to assume the liability for fraud,' Schneier said today at the opening keynote of the first LinuxWorld OpenSolutions Summit held here this week. 'The trick here is to align responsibilities with capabilities.'"
source
February 17, 2007
Chinese police arrest six for computer virus: "Antivirus specialist Sophos PLC last month described Panda Burning Incense as a 'parasitic virus,' which infects executable files on a PC. When infected, the icon of the executable file changes to an image of a panda holding three sticks of incense -- a traditional way of praying in China."
source
Q&A: PayPal fights back against phishing: "What's your biggest security challenge? Essentially, the most significant issue is phishing."
source
Mobile attacks jumped fivefold in 2006, study says: "The number of security attacks reported by mobile phone operators in 2006 jumped fivefold over the year before, a McAfee Inc. study reported today."
source
Digital Identity: Lessons from Malaysia: "It was one of the world's first smart ID cards, so by now we ought be able to learn some useful lessons from a study of its trajectory."
source
PHP security from the inside | The Register: "Stefan Esser: Well the real story is that when I first reported security holes in PHP there was no security@php contact,"
source
February 13, 2007
Cybercrime calculator targets hackers, terrorists: "The University of New Hampshire has unveiled a tool for gauging the level of threat any would-be attacker poses to the energy, emergency response or other sectors of the U.S. economy and infrastructure that rely heavily on IT and networks."
source
NoNAIS.org » RFID Ink Tracking People: "I reported here about the use of RFID enabled inks for tattoos."
source
U.K. big business fails to destroy old data: "A large proportion of such PCs are shipped to Third World countries, where the information can be used in ID theft scams."
source
Act of God hampers spam | The Register: "Mother Nature may be hitting back at the scourge of spam-filled inboxes, according to IE Internet."
source
German court bans police from spying on PCs | InfoWorld | News | 2007-02-05 | By John Blau, IDG News Service: "Germany's High Court has handed down a landmark decision banning police from installing spyware on computers of suspected criminals without their knowledge."
source
Security gets mainstream attention at RSA | Tech News on ZDNet: "Companies including Oracle, Microsoft, Sun Microsystems, Cisco Systems and Intel are vying for a piece of the pie, which may hurt the smaller industry players, they said."
source
February 04, 2007
Dark Reading - Desktop Security - Schneier: In Touch With Security's Sensitive Side - Security News Analysis: "Schneier says the goal of his talk at RSA is not to discuss security technologies or tactics, but to explain how people think, and feel, about security. 'A lot of the time at RSA, we are just puzzled why people don't secure their computers, and why they behave irrationally. Psychology has a way of explaining this,' he says. 'If we in the [security] industry expect to build products, we need to understand our customers.'"
source
Technology News: Security: Are Hackers Gaining Ground in Malware Wars?: "While hacking used to be about kids defacing Web sites or sending out viruses just to see the effect, most of today's Web attacks are designed to avoid attention and generate profits."
source
Software Security Vulnerabilities Will Continue to Rise in 2007 | Press Releases: "IBM anticipates a continued rise in the sophistication of profit-motivated cyber attacks, including an increased focus on the Web browser and advances in image-based spam."
source
February 03, 2007
Network Security - Malware Attacks Getting Much Worse: "Increasingly, organized crime rings, including many in Russia, China and South America, are behind computer viruses, spam and scams."
source
Technology News: Security: Vista: A False Sense of Security?: "Microsoft claims its restricted access to the operating system's kernel will lock out hackers and malware purveyors."
source
Digital Identity: Vocal support for identity: "[Dave Birch] I saw an interesting presentation about using voice biometrics for password reset, which seemed to work pretty well. "
source
www.hardwarezone.com® :: News Flash At A Glance!: "Singapore, 2 February 2007 -- RSA, The security division of EMC, today released the findings of its fourth annual Financial Institution Consumer Online Fraud Survey. "
source
Call the cops: We're not winning against cybercriminals: "Kaspersky Lab Thursday will acknowledge that cybercriminals have the upper hand and cooperative international policing is needed to protect honest users."
source
Survey: ID fraud in U.S. falls by $6.4B: "But the good news was balanced by results showing that young adults, despite their tech-savviness, are at greater risk for ID fraud, and that a fraud-detection 'digital divide' separating the wealthy and the poor was also emerging, according to Javelin Strategy & Research."
source
February 02, 2007
Security Watch from PC Magazine - Storm Blows Through the Internet: Security Tip - News and Analysis by PC Magazine: "When you're on the road it can be handy to surf the Internet from a kiosk computer or Internet cafe, but it isn't always safe to do so. Hackers love to install keyloggers on such computers."
source
Spam may have been sleazy but it sure wasn't cheap: "An Internet-based provider of sexually explicit entertainment has agreed to pay a $465,000 civil penalty for sending unwanted e-mail, the U.S. Federal Trade Commission announced Tuesday."
source