New Mass Data Security Law Come March

Beginning in March, personal identifiable data of customers and employees in Massachusetts will be required to be encrypted on any mobile device such as laptops or portable USB drives. Read the full article. [EnterpriseNews]

FDA Trying to Close Fake Prescription Sites

The U.S. Food and Drug Administration is pressuring a number of Internet service providers to shut off nearly 12 dozen Web sites alleged to be selling counterfeit or unapproved prescription drugs. The agency said none of the sites represent pharmacies located in the United States or Canada, as most claim. Read the full article. [Washington Post]

Kryogeniks Indicted for Comcast Hack

Three alleged members of the hacker gang Kryogeniks were hit with a
federal conspiracy charge for a 2008 stunt that replaced
Comcast’s homepage with a shout-out to other hackers. Prosecutors identified Christopher Allen Lewis, 19, and James Robert
Black Jr., 20, as the hackers “EBK” and “Defiant,” known for hijacking
Comcast’s domain name in May of last year — a prank that took down the
cable giant’s homepage and webmail service for more than five hours,
and allegedly cost the company over $128,000. Read the full article. [Wired] Read the Federal indictment.

Microsoft today denied that it has built a
backdoor into Windows 7, a concern that surfaced yesterday after a
senior National Security Agency (NSA) official testified before
Congress that the agency had worked on the operating system. “Microsoft has not and will not put ‘backdoors’ into Windows,” a company spokeswoman said. Read the full article. [Computerworld]

The Federal Trade Commission has charged those behind the shady online
check service Qchex with contempt, and wants daily fines imposed on
them until they give up the ghost. The group has launched a new site—a
Qchex clone—with the same questionable policies that made Qchex a
“dinner bell for fraudsters.” This has left the FTC fuming, and it
wants the site’s operators to quit helping criminals rip people off—now. Read the full article. [Ars Technica] Read the FTC complaint. 

It’s not a very good day when a security report concludes: Disruptive cyber activities expected to become the norm in future political and military conflicts. But such was the case as the Government Accountability Office took yet another critical look at the US federal security systems and found most of them lacking. Read the full article.

Authorities in the U.K. have arrested two people in connection with using a notorious Trojan in a scheme to steal online banking information. The man and the woman, both 20, were arrested by the Metropolitan Police Service in Manchester, according to police. The duo is accused of using the Zeus Trojan, also known as Zbot, in a plot to steal information. It is believed the Trojan was configured to record victim’s online bank account information and passwords, as well as credit card numbers and other information. Read the full article. [eWEEK]

Computer systems with proper security and network controls should be able to withstand about 80 percent of known cyberattacks, according to a senior National Security Agency official. Richard Schaeffer Jr., the NSA’s information assurance director, told the Senate Judiciary Committee’s Terrorism and Homeland Security Subcommittee that three measures in particular are especially effective: “Best practices, proper configurations [and] good network monitoring.” Read the full article. [Government Computer News]

Technologists already are worried about the security implications of linking nearly all elements of the U.S. power grid to the public Internet. Now, privacy experts are warning that the so-called “smart grid” efforts could usher in a new class of concerns, as utilities begin collecting more granular data about consumers’ daily power consumption. Read the full article. [Washington Post]

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.