RSS Alerts

Related Links

Related Stories

  • Weekly Brief - July 6 2009
    Techniques, Tools, Concerns, Crimes, and Crashes
  • Information Security: Read All About It
    Ill news travels quick and far, or so the saying goes. But how well is security-related news covered in the press, and what are people writing about? Danny Bradbury investigates
    Members' Content
  • Battle of the Internet Browsers
    Browsers are the hacker’s window into your PC – but how are they compromised, and what are vendors doing to harden them? Danny Bradbury examines the techniques vendors are employing, and looks at why user education is one of the primary solutions for increased security
  • Infosecurity weekly brief - September 15, 2009
    Breaches, threats, protections and security directions - we summarise what's been happening in the world of information security over the past week.
  • US standards drive Canadian information security
    An absence of legislation and the presence of the laissez-faire attitude has resulted in Canada being rather lax when it comes to information security compliance. Robin Arnfield looks at how US standards are driving the Canadian information security marketplace

News

Weekly Brief - June 8 2009

08 June 2009

Information security: Privacy, enforcement, attacks, and defenses

Privacy

The Electronic Frontier Foundation has launched TOSBack, a site designed to track terms of service conditions for major websites.

The Electronic Privacy Information Center has submitted comments to a Department of Homeland Security review on the US Government's use of social media.

Sears has settled charges that it sneaked software onto customers' machines from web research firm ComScore. The software would monitor their online activities and feed the information back to the retail giant.

Enforcement

The Federal Trade Commission (FTC) has shut down internet service provider Pricewert, which it says has been hosting botnets, phishing sites, and child porn, among other online nasties. Pricewert is gearing up for a fight.

Attacks

Penetration testing tool company Immunity has commercialized an attack that enables software in a virtual machine to punch out of the virtual sandbox and attack its host.

Investigators from Trustwave say that Eastern European gangs have been infecting ATM machines with malware that allowed them to steal cash. The breaches are probably inside jobs because physical access to the ATM is needed.

According to a report from Microsoft, the size of the underground economy that trades stolen personal information via IRC channels has been grossly over-estimated.

That wasn't the only report that Microsoft announced. It also reported a new vulnerability in its DirectX graphics system. Accessing specially crafted Quicktime files could allow arbitrary code to be executed on a victim's system, says the company.

Defenses

US firm Pramana is to launch a service that it says can tell when bots as opposed to humans are conducting online activities such as filling out web forms.

The Department of Homeland Security is to create an online review of homeland security in conjunction with security and policy experts across the US.

The Election Assistance Commission has issued a set of proposed draft revisions to US Voluntary Voting Guidelines, which are federal guidelines designed to test voting systems for security.

 

This article is featured in:
Internet and Network Security Malware and Hardware Security Public Sector Security Training and Education

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Copyright © 2010
Elsevier Ltd. All rights reserved.
Terms & Conditions | Privacy | Website Design Working with water