In this wide ranging interview, cryptographer, Taher Elgamal, chief security officer of Axway Inc. and  initial driving force behind SSL, explains how applications may be better adapted to defend against attacks and how cloud computing may alter data protection and authentication. Read the full article. [TechTarget]

Cybercriminals are using a fake Windows Update installation dialogue box to sell a bogus security product called Anti-malware Defender, security researchers have warned. Read the full article. [Computer Weekly]

By Danny Tijerina

Last week at the RSA Conference, my colleague Derek Brown and I, presented findings from a research project titled MOBOTS: Pocketful of Pwnage, which was designed to show how easy it would be to create a large mobile botnet. Please note that we did not actually create a botnet; we simply presented results of two different experiments that showed how easy it would be to create one.

By Stefan Tanase

Yesterday's shut down of Troyak-as was definitely good news for the whole IT security community. Seeing cybercriminals getting kicked out from the Internet and then trying to get back inside calls for popcorn and soda.

But unfortunately, as some botnets struggle, others stay unaffected: Koobface, for example, which uses compromised legitimate websites as proxies for their main command and control server.

An Estonian virus writer has been jailed for two and a half years for creating a Windows worm family that launched denial of service attacks on the websites of a local insurance firm and ISP. Read the full article. [The Register]

Pennsylvania's chief information security officer, Robert Maley, has been fired, apparently for talking publicly at the RSA security conference last week about a recent incident involving the Commonwealth's online driving exam scheduling system. Read the full article. [Computerworld]

Using obvious clues from a McAfee blog post, an Israeli hacker was able to pinpoint the latest Internet Explorer zero-day vulnerability and create working exploit code.

The exploit code, which provides a clear roadmap to launch drive-by download attacks against IE 6 and IE 7 users, is being fitted into the Metasploit point-and-click tool.

Malicious hackers have pounced on a newly patched Adobe PDF Reader vulnerability to plant Trojan downloaders on tardy Windows users.

According to researchers in Microsoft's malware protection center, the vulnerability (CVE-2010-0188) was patched less than a month ago, proving that malicious hackers are quick to find fresh targets for malware.

WhitePages.com has stopped ad networks from delivering ads to its site after they were found to contain fake antivirus malware. Visitors to the Drudge Report, The New York Times, the San Francisco Chronicle, and other Web sites were found to be delivering ads containing malware last year. Read the full article. [CNet]

A Cambridge University study has shown how easy it is to guess the answer to common questions, such as someone's mother's maiden name. It found attackers will be able to break into 1 in 80 accounts if they get three chances to guess answers. Read the full article. [BBC]