Chris Brook

About

"Distrust and caution are the parents of security" - Benjamin Franklin

FTC Settles Charges Against Two Companies

The U.S. Federal Trade Commission on Tuesday settled charges against two companies, Ceridian Corporation and Lookout Services, Inc., provided they implement an ample information security program and agree to have audits performed on their company every other year for 20 years.


Officials from the Department of Health and Human Services’ Office for Civil Rights have revised their list of healthcare information breaches over the past month to include 16 additional incidents, according to a GovInfoSecurity.com report.

The ongoing controversy over a hidden feature in Apple iPhones that tracks and stores the whereabouts of the phone became a bit murkier, after an analysis by the Wall Street Journal found that Apple may not be abiding by its own user privacy agreement by continuing to track its customers’ whereabouts even after location services on its iPhones have been.

Confidential information about the nation’s nuclear stockpile could be at risk, according to an audit of Lawrence Livermore National Laboratory issued by the Department of Energy (DOE) earlier this week.

The audit (.PDF) found the government-funded Bay Area lab failed to effectively implement its security system. Three of four security plans reviewed were incomplete and some system changes made within the lab were done without the consent of federal officials.

Barracuda Networks found themselves the victim of an SQL injection attack over the weekend. The breach did not affect any financial information but did compromise a database containing the names and e-mails of some of the company’s partners, employees and leads.

The takedown of the Mariposa botnet is an example of both the possibilities and complications facing law enforcement around the world as they work to stamp out botnets. A cyberlaw enforcement success story, the takedown of Mariposa by Spanish authorities in December 2009 followed months of work analyzing the botnet, which numbered close to 13 million infected computers at its height and generated €20,000 a month in revenues.

Mega-D: March 2010

The takedown of Mega-D, also known as Ozdok, was spearheaded by researchers at anti-botnet firm FireEye. The botnet, a byproduct of PC infections linked to the Mega-D Trojan, comprised tens of thousands of machines and was responsible for sending out a large portion of the spam on the Internet, at some points north of 30 percent. By March 2010, researchers had identified the botnet and had a good handle on its command-and-control structure. Researchers at FireEye then worked with Internet Service Providers (ISPs) to take the servers offline.