Internet service providers have the ability to wipe nearly all malicious activity in their network without stepping on individual privacy and civil liberties, said Adam Rice, chief security officer at Mumbai-based Tata Communications. Read the full article. [TechTarget]

Computer scientists and policy experts say that such seemingly innocuous bits of self-revelation on social networking sites like Facebook, Twitter, Flickr, etc. can increasingly be collected and reassembled by computers to help create a picture of a person’s identity, sometimes down to the Social Security number. Read the full article. [NY Times]

Most small business owners have no clue about the threats they face or the liability they assume when banking online, even as the frequency and sophistication of attacks appears to be increasing. Read the full article. [KrebsonSecurity]

In need of a fresh example that cybercriminals are actively looking for ways to monetize infected Mac OS X hosts? Early-stage discussions at several web forums, including a PoC (proof of concept, source code included) Mac OS X blocker as well as potential GUIs for the ransomware, offer an insight into the potential to monetize OS X infected hosts using SMS-based ransomware.

A bogus application that lures Facebook users by falsely offering to show who has been viewing their profile has been exposed as a scam. A researcher warns he has already identified 25 different copies of the same rogue app but using different monikers such as peeppeep-pro, profile-check-online and stalk-my-profile. Read the full article. [The Register]

The latest version of the Zeus do-it-yourself crimeware kit goes to great lengths to thwart would-be pirates by introducing a hardware-based product activation scheme similar to what's found in Microsoft Windows. Read the full article. [The Register]

Reported losses from online fraud more than doubled last year, from $265 million in 2008 to nearly $560 million in 2009, according to figures released Friday by the FBI. Read the full article. [KrebsonSecurity]

Humza Zaman, a co-conspirator in the hack of TJX and other companies, was sentenced Thursday in Boston to 46 months in prison and fined $75,000 for his role in the conspiracy. The sentence matches what prosecutors were seeking. Read the full article. [Wired]

The takedown of 100 servers used to control Zeus-related botnets may be a short-lived victory, security researchers said after discovering that about a third of the orphaned channels were able to regain connectivity in less than 48 hours. The resurrection of at least 30 command and control channels came after their ISP found a new upstream provider to provide connectivity to the outside world, autonomous system records showed. Read the full article. [The Register]

A network frequently used for malware delivery was shut down Wednesday night, probably against the will of its operators. Troyak.org, an Internet service provider well-known for serving Zeus botnets and other malware delivery methods, went dark overnight, resulting in the shutdown of as many as 25 percent of the world's Zeus botnets, according to researchers. Read the full article. [Dark Reading]