InfoSec News

Court documents released on Thursday related to indictments over a massive international financial cybercrime operation provide a fascinating -- if scary -- glimpse into how the crooks operated within the U.S.
 
Nothing miraculous has transformed Leo Apotheker since his old school ways failed to energize SAP employees or customers during his brief stint as CEO. Apotheker is not the best choice--even if HP has designs on enterprise software or SAP itself.
 
Initial reactions to HP's appointment of Leo Apotheker as its new CEO has been double-takes. But what's clear from the move is that Oracle is in its sights.
 
In its continuing attempts to make the Web faster, Google is trimming down the size of image files, which make up about 65% of the bytes on the Web.
 
U.S. authorities dealt a significant blow to the most successful computer crime organization this week, but it's unclear whether the masterminds behind the Zeus malware will ever be brought to justice.
 
Hewlett-Packard has named Leo Apotheker, a former CEO of SAP, to be its new chief executive, replacing Mark Hurd who resigned abruptly last month in the midst of a scandal.
 
Pedro Bueno (pbueno /%%/ isc. sans. org) Twitter: http://twitter.com/besecure (c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Two U.S. lawmakers have introduced legislation that would ban the export of broken electronic waste products from the country in an effort to reduce the recycling of dangerous materials in unsafe overseas facilities.
 
HP has named Leo Apotheker, a former CEO of SAP, to be its new chief executive, replacing Mark Hurd who resigned abruptly last month in the midst of a scandal.
 
Kaiser Permanente said it has donated to the U.S. government and an international standards organization its medical terminology dictionary and translation engine in the hopes that it might spur the adoption of electronic medical records.
 
Are we winning or losing the war on spam? Is there more or less spam in your inbox now than there was five years ago? Experts diagree.
 
Security researchers today offered another tantalizing clue about the possible origins of the notorious Stuxnet worm, but cautioned against reading too much from the obscure tea leaves.
 
Google is reportedly set to announce that it has developed a JPEG alternative that should speed up the Web.
 
The update to Windows Live now includes photo editing and other features.
 
HP has named Leo Apotheker, a former CEO of SAP, to be its new chief executive, replacing Mark Hurd who resigned abruptly last month in the midst of a scandal.
 
Microsoft today released its latest emergency patch to its Windows Update distribution service, making good on a promise earlier this week.
 
Microsoft may be one of the only remaining mobile operating-system providers that charges handset makers a licensing fee, but in exchange vendors get at least one important benefit: protection from intellectual property worries.
 
Sprint Nextel CEO Dan Hesse and two other Sprint executives have resigned from the board of Clearwire "out of an abundance of caution" after Clearwire raised concerns about possible antitrust issues, Clearwire said.
 
Computerworld lists five reasons why proposals and legislation aimed at limiting the outsourcing of U.S. jobs are likely to fail.
 
Despite what had been growing excitement about the semiconductor market this year, one research company is lowering its chip revenue forecast for 2010.
 
Apple this week added to its attack on Nokia over patent violations by filing a lawsuit in the U.K., alleging multiple counts of infringement.
 
U.S. authorities have charged more than 60 people in connection with the money-stealing Zeus Trojan program, according to the U.S. Department of Justice.
 
A network neutrality proposal floated by Democratic members of the U.S. House Energy and Commerce Committee this week stalled after a top Republican declined to support it.
 
U.S. authorities have charged more than 60 people in connection with the money-stealing Zeus Trojan program, according to the U.S. Department of Justice.
 

Wikileaks founder could face prosecution over US military document release
ComputerWeekly.com
... represented "a potential force protection, counterintelligence, operational security (OPSEC), and information security (INFOSEC) threat to the US Army".

and more »
 
Eleven Eastern Europeans arrested earlier this week for their alleged involvement in a computer hacking and money laundering scheme were denied bail in the U.K. on Thursday.
 
Businesses that experienced a network outage suffered more than $1.7 billiion in profit loss, despite having business continuity and disaster recovery plans in place.

Add to digg Add to StumbleUpon Add to del.icio.us Add to Google

Disaster recovery - Business - Emergency management - Fire and Security - Business Services
 
The Stuxnet Trojan remains a threat to a small group of critical infrastructure facilities, but experts say future malware writers may attempt to copy its processes.

Add to digg Add to StumbleUpon Add to del.icio.us Add to Google

Malware - Critical infrastructure - Organizations - Security - Malicious Software
 
If you're looking for power in a laptop, you've found it--the Dell Precision M6500 is about as powerful as modern desktop replacement laptops get. The M6500 has a number of features that you won't find anywhere else: support for up to four memory DIMM slots (holding up to 32GB of RAM); over 1TB of hard-drive storage space; and a 17-inch, 1920-by-1200-pixel screen.
 
Fact: Your Windows PC is slowing down. Maybe it takes longer to boot up or shut down. Perhaps the hard drive grinds in the background constantly. Or maybe launching an application takes much longer than it once did. And although Windows 7 is speedier than previous versions, it can still become sluggish, particularly if you install and uninstall a lot of applications.
 
The Stuxnet Trojan remains a threat to a small group of critical infrastructure facilities, but experts say future malware writers may attempt to copy its processes.

Add to digg Add to StumbleUpon Add to del.icio.us Add to Google

Malware - Critical infrastructure - Organizations - Security - Malicious Software
 
Intel will not position its Atom processor for the server market, even as some vendors are building servers around collections of hundreds of low-power Atom processors, a company executive said.
 
SugarCRM has repackaged its open-source, browser-based customer relationship management platform to make it easier for other vendors to put their own brand on products and services built with SugarCRM, the company announced Thursday. But it is also working on a native iPhone app that will put the brand under the noses of many more users.
 
The first units of Nokia's N8 have left factories in China and Finland, and the smartphone will become broadly available in the coming weeks, the company said on Thursday.
 
Google CEO Eric Schmidt said the future of search will be autonomous, which means that Google eventually will offer you search results even before you've looked for them.
 
Traditionally outsourced, e-discovery is now such an everyday request by business users that more companies are finding it makes sense to move the function under IT's control.
 
What does the world's wealthiest man do when he can't tweet? For Bill Gates, a trip to China this week has meant a jump to a Chinese micro-blogging platform.
 
A free Android application to be unveiled on Thursday at the Mobilize conference in San Francisco will let mobile phone users send and receive text messages without touching or looking at the phone.
 
Digg, the pioneering social news site whose traffic has been faltering, is poised to make a comeback, now that the company is again focused on improving and extending its service, Digg founder Kevin Rose said Wednesday.
 
How to configure Microsoft's new Windows operating system to beat malware and keep data secure
 
InfoSec News: Microsoft to issue emergency patch for ASP.Net vuln: http://www.theregister.co.uk/2010/09/27/asp_dot_net_padding_oracle_fix/
By Dan Goodin in San Francisco The Register 27th September 2010
Microsoft will release an emergency patch on Tuesday that plugs a security hole in a variety of its web developer tools that has been [...]
 
InfoSec News: Biggest insider threat? Sys admin gone rogue: http://www.networkworld.com/news/2010/092710-insider-threats.html
By Ellen Messmer Network World September 27, 2010
What's one of the biggest insider threats to the corporate network? The high-tech folks that put it together, make changes to it, and know more [...]
 
InfoSec News: British Raid Nabs 19 Suspects in $9 Million Online Bank Heist: http://www.wired.com/threatlevel/2010/09/zeus-raid/
By Kim Zetter Threat Level Wired.com September 29, 2010
In a rash of dawn raids, police in the United Kingdom nabbed 19 people suspected of stealing more than $9 million from online bank accounts, according to reports. [...]
 
InfoSec News: ASIO files found in drug raid: http://www.theage.com.au/national/asio-files-found-in-drug-raid-20100928-15vva.html
By Nick McKenzie and Richard Baker The Age September 29, 2010
A CACHE of secret files stolen from ASIO and police and anti-corruption agencies has been discovered during a drug raid in Melbourne, raising [...]
 
InfoSec News: Backchannel Chatter: DHS badges don’t get no respect: http://blog.washingtonpost.com/spy-talk/2010/09/backchannel_chatter_dhs_badges.html
By Jeff Stein Spy Talk The Washington Post September 29, 2010
More than seven years after 22 agencies were squished together to create the Department of Homeland Security, togetherness remains a dream. [...]
 
They worked as Web designers, supermarket workers, day laborers, some were unemployed. But U.K. police say that the group of Eastern Europeans,picked up in early morning raids Tuesday also made millions by operating a network of bank-robbing Trojan horse programs.
 

Posted by InfoSec News on Sep 30

http://www.theregister.co.uk/2010/09/27/asp_dot_net_padding_oracle_fix/

By Dan Goodin in San Francisco
The Register
27th September 2010

Microsoft will release an emergency patch on Tuesday that plugs a
security hole in a variety of its web developer tools that has been
under active attack for more than a week.

The vulnerability in ASP.Net applications allows attackers to decrypt
password files, cookies, and other sensitive data that is...
 

Posted by InfoSec News on Sep 30

http://www.networkworld.com/news/2010/092710-insider-threats.html

By Ellen Messmer
Network World
September 27, 2010

What's one of the biggest insider threats to the corporate network? The
high-tech folks that put it together, make changes to it, and know more
about what's on it and how it works than anybody else.

When the database, network or systems administrator goes rogue --
stealing data, setting up secret access for themselves, even in...
 

Posted by InfoSec News on Sep 30

http://www.wired.com/threatlevel/2010/09/zeus-raid/

By Kim Zetter
Threat Level
Wired.com
September 29, 2010

In a rash of dawn raids, police in the United Kingdom nabbed 19 people
suspected of stealing more than $9 million from online bank accounts,
according to reports.

The suspects -- 15 men and 4 women ranging in ages 23 to 47-- are
believed to be part of an East European gang that allegedly used the
ubiquitous Zeus malware to infect...
 

Posted by InfoSec News on Sep 30

http://www.theage.com.au/national/asio-files-found-in-drug-raid-20100928-15vva.html

By Nick McKenzie and Richard Baker
The Age
September 29, 2010

A CACHE of secret files stolen from ASIO and police and anti-corruption
agencies has been discovered during a drug raid in Melbourne, raising
fears of a major breach of national security and crime intelligence.

Police are investigating whether the former head of intelligence and
phone tapping at...
 

Posted by InfoSec News on Sep 30

http://blog.washingtonpost.com/spy-talk/2010/09/backchannel_chatter_dhs_badges.html

By Jeff Stein
Spy Talk
The Washington Post
September 29, 2010

More than seven years after 22 agencies were squished together to create
the Department of Homeland Security, togetherness remains a dream.

Take security badges. Early last year a study showed that most agencies
had just begun to implement Homeland Security Presidential Directive 12,
which...
 
iPass unveiled an application Thursday designed to give Android smartphone users secure connections to 150,000 Wi-Fi hotspots globally
 

Internet Storm Center Infocon Status