The Register - Security

• Microsoft wins court order crushing mighty spam botnet
• Adobe Reader 0day under active attack
• Safari and Firefox updates plug critical holes
• UK hacker fined for personnel database mischief
• Privacy watchdogs challenge laptop seizures at US borders
• Twitter bug creates account hijacking peril
• Scammers seize on tax rebates as phishing lure
• Spammers exploit another Facebook flaw
• TechCrunch purges Zeus malware attack
• MS probes mystery IE bug
• Symantec finally secures HackIsWack
• iPad scammers hack Kirstie Allsopp's Twitter
• Browser security warning lookalike pushes malware
• USB stick with anti-terror training found outside police station
• Google pays $8.5m to settle Buzz privacy invasion suit
• Nigerian man gets 12 years for $1.3m 419 scam
• Spammers latch onto Ping to pump iPhone survey scams
• Symantec Snoop Dogg rap contest site rickrolled
• Phone bugging scandal reignited as NotW suspends reporter
• Microsoft freshens retro code lock-down tool
• iTunes update plugs WebKit flaw
• Symantec and Snoop Dogg launch cybercrime rap contest
• Cyber-jihadists deface home of teddy bears' picnic
• Feds crack phone clone scam that cost Sprint $15m
• Microsoft releases FixIt for critical flaw in 100 apps
• Survey scammers serve up supposed shelter from survey scams
• Russian cops cuff 10 ransomware Trojan suspects
• Hardware hackers defeat quantum crypto
• CarderPlanet founder charged in $9.4m RBS WorldPay hack
• Judge bashes warrantless cellphone tracking
• Fake TweetDeck update lures prompt password resets
• Crooks said swiped church funds were for sex crime victims
• Scotch tape maker buys biometric tech firm
• E-voting critic released on bail (finally)
• Apple QuickTime backdoor creates code-execution peril
• Once-prolific Pushdo botnet crippled
• Police extend detention of e-voting critic
• Pro-Palestine hackers spraypaint gov training quango
• Apple kills Jailbreakme Mac bug
• Wikileaks publishes secret CIA memo
• Pentagon confirms attack breached classified network
• Home Office unveils new UK passport
• Firefox, uTorrent, and PowerPoint hit by Windows DLL bug
• Skeletal scanner would ID terrorists from 50 meters
• Microsoft ID guru slams 'duplicitous' Apple
• Alleged bad Appler stashed $150,000 in shoeboxes
• McAfee re-issues fake visa waiver virus warning
• Microsoft confirms code-execution bug in Windows apps
• Nokia Siemens slammed for supplying snoop tech to Iran
• Halo: Reach leaked to net 3 weeks before release

CNET News.com

Tech news and business reports by CNET News. Focused oninformation technology, core topics include computers, hardware, software,networking, and Internet media..

• Adobe warns of zero-day hole in Reader, Acrobat

Critical vulnerability could allow an attacker to take control of a computer, company says, and no patch is available yet.

• Antivirus isn't dead--it's growing up

Despite longtime diagnoses that antivirus software is doomed, security will become a service for mobile devices, experts predict.

• Mozilla fixes Firefox holes, curtails clickjacking

Along with the security fixes, Firefox 3.6.9 gets a new feature to help Web developers reduce clickjacking risks. Also: Chrome 6 gets bug fixes.

• Norton's new Power Eraser goes free

The tool for removing aggressive malware is part of Symantec's 2011 refresh to its Norton consumer security suites.

• Study: Two-thirds of Web surfers fall prey to online crime

Survey finds China, Brazil, India, and the U.S. at top of list of countries with the most cybercrime victims.

• Trend Micro bets on the cloud

Trend Micro revamps its consumer-protection suites by wagering heavily on cloud-based protection, creating security suites that the company claims are faster at detection and lighter on system resources.

• Court allows warrantless cell location tracking

Philadelphia appeals court rules that no search warrant is needed for police to track Americans' cell phone whereabouts but says individual judges can "sparingly" require one.

• Facebook closes hole that let spammers auto-post to walls, friends

Social-networking site plugs a second hole that allowed spammers to automatically post to people's pages.

• Apple's Ping dinged by spam

The new iTunes-based social network is getting hit by comment spam since Apple apparently left it vulnerable through a lack of spam- or URL- filtering, according to Sophos.

• U.N. exec: Cyberwar could be 'worse than tsunami'

Proposal for a global "cyberpeace" treaty has met "a lot of resistance" from industrialized nations, says head of U.N.'s International Telecommunication Union.

DarkReading - All Stories
• String Of Deals Shows Demand for Cloud-Based Authentication
• Tech Insight: Retooling Vulnerability Scanning, Penetration Testing For IPv6
• Five Ways To Stop Mass SQL Injection Attacks
• IPv6 Transition Poses New Security Threats
• Networked Scanners Offer A Window Into The Enterprise, Researcher Says
• U.S. Businesses Could Lose Up To $1 Billion In Online Banking Fraud This Year
• Product Watch: Verizon, VMware Team Up With Hybrid Cloud Service
• Could USB Flash Drives Be Your Enterprise's Weakest Link?
• Delaware Contractor Mistakenly Posts Personal Data Of 22,000 Employees
• IBM Corrects Unpatched Vulnerability Numbers After Google Challenge
• Major Disruption of Pushdo Botnet Wasn't The Original Goal
• China, Taiwan Nab 450 Suspects In Biggest Fraud Raid Ever
• Four Best Practices For Tokenization
• Mariposa Botnet Operators Didn't Bite In 'Cookie-Stuffing' Offer
• Careful With That Third-Party Web Widget
• California Legislation Would Require Companies To Specify The Data Exposed In Breaches
• DNSSEC Will Drive Certificate Market
• Mobile Devices Threaten Enterprises From Within
• United Nations Website Contains SQL Injection Flaws Three Years After Hack, Researcher Says
• Tech Insight: Using Network Segmentation And Access Control To Isolate Attacks
• Tiger Team Sends DHS Suggestions On How To Better Safeguard Patient Privacy
• Intel To Purchase McAfee For $7.68 Billion In Cash
• Slideshow: Fashion Statements from DEFCON 2010
• Researcher Cracks ReCAPTCHA
• Ferreting Out Rogue Access Points And Wireless Vulnerabilities
• Mass Drive-By Attack Used Web Widget
• Inside Verizon's Insider Threat Data
• Six Healthcare Data Breaches That Might Make Security Pros Sick
• A Peek At The Next Version Of PCI
• Small And Midsize Businesses Look For Ways To Cut Compliance Costs
• Six Florida Colleges Victims Of Widespread Data Breach
• New Mobile Security Threat: Fingerprint Oil
• Targeted Attack Nets 3,000 Online Banking Customers
• Healthcare Suffers More Data Breaches Than Financial Services So Far This Year
• Microsoft Investigates New Zero Day Reported In Windows Kernel
• Flawed Deployments Undermine Kerberos Security
• Tech Insight: Building The Right Defense Against Social Engineering
• Social Engineers Successfully Gather Info
• Slide Show: Barnaby Jack Hits The Jackpot With ATM Hack
• Holy Zeus! Popular Botnet Rules As New Exploits Come Online
• Cloud-Based Denial Of Service Attacks Looming, Researchers Say
• Researchers Throw Down Vulnerability-Disclosure Gauntlet
• Majority Of IS Pros OK With Government Online Spying: Sophos
• Building Botnets For Fun And Profit
• Ghost In The Machine: Database Weaknesses Expose SAP Deployments
• Researcher Reads RFID Tag From Hundreds Of Feet Away
• Metasploit To Get More Powerful Web Attack Features
• Researcher Intercepts GSM Cell Phones During Defcon Demo
• Former NSA, CIA Director Says Intelligence-Gathering Isn't Cyberwar
• Most SSL Sites Poorly Configured

Microsoft Security Bulletins

• MS10-060 - Critical: Vulnerabilities in the Microsoft .NET Common Language Runtime and in Microsoft Silverlight Could Allow Remote Code Execution (2265906)
• MS10-059 - Important: Vulnerabilities in the Tracing Feature for Services Could Allow Elevation of Privilege (982799)
• MS10-058 - Important: Vulnerabilities in TCP/IP Could Allow Elevation of Privilege (978886)
• MS10-057 - Important: Vulnerability in Microsoft Office Excel Could Allow Remote Code Execution (2269707)
• MS10-056 - Critical: Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (2269638)
• MS10-055 - Critical: Vulnerability in Cinepak Codec Could Allow Remote Code Execution (982665)
• MS10-054 - Critical: Vulnerabilities in SMB Server Could Allow Remote Code Execution (982214)
• MS10-053 - Critical: Cumulative Security Update for Internet Explorer (2183461)
• MS10-052 - Critical: Vulnerability in Microsoft MPEG Layer-3 Codecs Could Allow Remote Code Execution (2115168)
• MS10-051 - Critical: Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (2079403)
• MS10-050 - Important: Vulnerability in Windows Movie Maker Could Allow Remote Code Execution (981997)
• MS10-049 - Critical: Vulnerabilities in SChannel could allow Remote Code Execution (980436)
• MS10-048 - Important: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2160329)
• MS10-047 - Important: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (981852)
• MS10-046 - Critical: Vulnerability in Windows Shell Could Allow Remote Code Execution (2286198)
• MS10-045 - Important: Vulnerability in Microsoft Office Outlook Could Allow Remote Code Execution (978212)
• MS10-044 - Critical: Vulnerabilities in Microsoft Office Access ActiveX Controls Could Allow Remote Code Execution (982335)
• MS10-043 - Critical: Vulnerability in Canonical Display Driver Could Allow Remote Code Execution (2032276)
• MS10-042 - Critical: Vulnerability in Help and Support Center Could Allow Remote Code Execution (2229593)
• MS10-041 - Important: Vulnerability in Microsoft .NET Framework Could Allow Tampering (981343)
• MS10-040 - Important: Vulnerability in Internet Information Services Could Allow Remote Code Execution (982666)
• MS10-039 - Important: Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege (2028554)
• MS10-038 - Important: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (2027452)
• MS10-037 - Important: Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Elevation of Privilege (980218)
• MS10-036 - Important: Vulnerability in COM Validation in Microsoft Office Could Allow Remote Code Execution (983235)

Moreover Technologies - Personal data privacy news - 30 of 1163 returned

• High Growth Stock Alerts Up 625% - Sponsored Link
• CYBERCOM Chief: America Must Secure the Internet, Safeguard Citizens’ Privacy Online
• Content Insider #151 - Privacy
• Echelon pitches smart grid apps platform
• Consumer Watchdog posts new video to promote privacy
• Ruling Tosses Location Privacy Issues Deeper Into Gray
• Interview: Microsoft's chief privacy officer on the challenge of e-identity
• Content Insider #151 - Privacy
• Which Survey Service Offers Better Privacy?
• Tossing Your Cookies: The Privacy Implications of Context-Aware Agents
• Tossing Your Cookies: The Privacy Implications of Context-Aware Agents
• First Orion Announces PrivacyStar 2.0 for BlackBerry Smartphones
• Echelon overhauls smart grid tech, takes first order for same
• Privacy 9/11: Companies, Consumers Should Prepare Now
• Interview: Microsoft's chief privacy officer on the challenge of e-identity
• Mark Rasch Joins CSC as Director, Cybersecurity and Privacy Consulting
• Duke Energy to Deploy New Echelon Edge Control Node Running Echelon Control SystemEchelon's ECoS provides an open and secure application framework for monitoring and controlling devices at the edge of the grid - the critical point where the distr...
• Echelon Transforms the Electric Grid with Intelligent Distributed Control ApplicationsEchelon's ECoS will run throughout the edge of the grid on the new Edge Control Node (ECN) 7000 series of open and extensible hardware solutions. (Graphic: Busi...
• Mark Rasch Joins CSC as Director, Cybersecurity and Privacy Consulting
• Azerbaijani Cabinet of Ministers approves regulations to protect personal data
• Mobile and Online Media Veteran Mark Connon Joins Umber Systems as Corporate Development and Chief Privacy Officer
• Turkish General Staff refutes wiretap allegations
• Duke Energy to Deploy New Echelon Edge Control Node Running Echelon Control SystemEchelon's ECoS provides an open and secure application framework for monitoring and controlling devices at the edge of the grid - the critical point where the distr...
• Mark Rasch Joins CSC as Director, Cybersecurity and Privacy Consulting
• Echelon Transforms the Electric Grid with Intelligent Distributed Control ApplicationsEchelon's ECoS will run throughout the edge of the grid on the new Edge Control Node (ECN) 7000 series of open and extensible hardware solutions. (Graphic: Busi...
• Mark Rasch Joins CSC as Director, Cybersecurity and Privacy Consulting
• Mark Rasch Joins CSC as Director, Cybersecurity and Privacy Consulting
• Mobile and Online Media Veteran Mark Connon Joins Umber Systems as Corporate Development and Chief Privacy Officer
• Canada: Proposed Amendments to the Personal Information Protection and Electronic Documents Act : Relief is on the Way for M&A Transactions - Gowling Lafleur Henderson LLP
• NY Lawsuit to Stop Electronics Snooping
• Duke Energy to Deploy New Echelon Edge Control Node Running Echelon Control System