Michael Mimoso

Government requests for user account information made to Twitter pale in comparison to the number made to Google, but nonetheless, the number is on the rise according to Twitter’s Transparency Report, released today. Twitter’s report said government requests are generally made in conjunction with some kind of criminal investigation; 815 requests came from the United States government and Twitter complied 69 percent of the time; 57 percent worldwide.

Facebook is serious about its new Graph Search feature, which helps users of the social media site narrowly search for friends with common interests in a much more intuitive fashion than a Google search, for example. Founder Mark Zuckerberg had tagged Graph Search the third Facebook pillar, right alongside the site’s news feed and timeline. So why are security and privacy experts nervous? There’s some serious horsepower behind Graph Search, and there are users whose interests aren’t as benign as finding friends of friends in a particular location who happen to like country music, fine wine and yoga.

GitHub’s search capability remains dark Friday after it was discovered that the code-sharing site’s search feature could be used to dredge up passwords, private crypto keys, and other credentials developers use in their projects.

Several undocumented remote administration backdoors were discovered in a number of Barracuda Networks products that could provide not only the company with access to the affected appliances, but also provide that access to a number of other outside entities.

While every corporate general counsel, CIO and anyone with a CISSP will tell you that hacking back against adversaries is illegal and generally a bad thing to do, there are alternatives that companies can use to gain insight into who is behind attacks, collect forensic evidence and generally confound hackers, perhaps to the point where they veer away from your network.

Charges will be brought today in the U.S. District Court for the Southern District of New York against three men allegedly involved with creating and distributing the Gozi banking Trojan. Gozi infected more than a million computers worldwide, including a handful at NASA, leading to tens of millions of dollars in lost banking funds and damages to computer systems and networks.

Siemens S7 programmable logic controllers, the same PLC family exploited by the Stuxnet malware, are in the crosshairs of a password-cracking tool that is capable of stealing credentials from industrial control systems.