Heartland Payment Systems has agreed to pay $5 million to Discover to settle claims arising from the massive data breach disclosed by the payment processor last year. Read the full article. [Computerworld]

Shorten URL: . Click to copy to clipboard or post to Twitter

The Norwegian University of Science and Technology (NTNU) and the University of Erlangen-Nürnberg together with the Max Planck Institute for the Science of Light in Erlangen have recently developed and tested a technique exploiting imperfections in quantum cryptography systems to implement an attack. Read the full article. [Science Daily]

Shorten URL: . Click to copy to clipboard or post to Twitter

Organized cyber thieves stole more than $600,000 from the Catholic Diocese of Des Moines, Iowa earlier this month with the help of dozens of unwitting co-conspirators hired through work-at-home job scams, at least one of whom was told the money was being distributed to victims of the Catholic Church sex abuse scandals. Read the full article. [KrebsonSecurity]

Shorten URL: . Click to copy to clipboard or post to Twitter

According to the developers, the latest release of the free SSH connectivity tools include a number of bug fixes and several new features. Read the full article. [The H Security]

Shorten URL: . Click to copy to clipboard or post to Twitter

In this video from the OWASP AppSec Research conference in Sweden, security researcher Ivan Ristic of Qualys discusses practical methods for breaking SSL.

Shorten URL: . Click to copy to clipboard or post to Twitter

Penn State researchers managed to identify the pass code patterns on two Android smartphones (the HTC G1 and the HTC Nexus One), 68 percent of the time using photographs taken under different lighting conditions, and camera positions. Read the full article. [ZDNet]

Shorten URL: . Click to copy to clipboard or post to Twitter

Digital Underground podcast with Dennis Fisher

Dennis Fisher talks with Alex Hutton of the Verizon Business RISK team about the new Data Breach Investigations Report, the involvement of the Secret Service in this year’s report and the need for more and better data on attacks and successful defenses.

Shorten URL: . Click to copy to clipboard or post to Twitter

digital_underground_67.mp3

A password of less than seven characters will soon be "hopelessly inadequate" even if it contains symbols as well as alphanumerical characters, according to computer scientists at the Georgia Tech Research Institute. Read the full article. [The Register]

Shorten URL: . Click to copy to clipboard or post to Twitter

A non-profit group that tracks malicious activity online has just started a new free service that enables users to check executable files against a database of known good applications and to help determine whether a given file is malicious.

Shorten URL: . Click to copy to clipboard or post to Twitter

A 15-year-old vulnerability in technology used to authenticate users on Windows and Unix networks continues to put the organizations that rely on it at risk, said a researcher. Read the full article. [The Register]

Shorten URL: . Click to copy to clipboard or post to Twitter