Former IT employee sues Lehman Brothers over job losses
A software developer is suing his former employer Lehman Brothers Holdings Inc. in a $5 million lawsuit over the mass layoffs of IT staffers without the required notice.
The lawsuit was filed on behalf of over 100 former employees by computer programmer Miron Berenshteyen, who was laid off by the failed investment bank.
...
When Lehman Brothers filed for bankruptcy in September, it had 25,000 staffers in total, including more than 5,000 in the U.K. The bank spent $1.14 billion last year on IT.
Dell ships laptops with self-encrypting drives
Dell Inc. announced today that it is offering Seagate Technology LLC's self-encrypting hard drives in its Latitude laptops, Precision Mobile Workstations and OptiPlex desktops as a security precaution in case those machines are lost or stolen. Seagate also announced today that it has begun shipping its 320GB and 500GB self-encrypting disk drives to laptop manufacturers worldwide.
Seagate shipped its first 160GB, self-encrypting drive to a handful of resellers about a year and a half ago. But this announcement marks the first generally available release of Seagate's new, higher-capacity, self-encrypting Momentus drives.
Seagate said it has also partnered with McAfee Inc. to certify its ePolicy Orchestrator (ePO) management software for use with the drives.
...
ActiveX Poses Threat to Vista, Microsoft Says
Judge orders newly hired Apple VP to stop work
Thousands hit in broad Web hack
Hackers have launched a massive Web hacking campaign, putting malicious links on as many as 10,000 servers, security vendor Kaspersky Lab warned on Friday.
"We’re estimating that in the last two days alone, between 2,000 and 10,000 servers, mainly Western European and American ones, have been hacked," Kaspersky wrote on its Web site Friday. "It’s not yet clear who’s doing this."
The attackers are most likely using compromised accounts on the Web sites or launching what's known as a SQL injection attack, in which hackers trick Web sites' software into inadvertently running malicious commands.
The criminals add a line of JavaScript code onto the hacked sites that redirects victims to one of six servers. These sites, in turn, redirect the visitor to a server in China. That server can launch a variety of attacks, targeting known flaws in Firefox, Internet Explorer, Adobe Systems Inc.'s Flash Player and ActiveX, Kaspersky said.
Arizona state agency loses data on 40,000 children in disk theft
... the disks were stored in a leased storage unit at a local Extra Space Storage facility that was broken into on Oct. 14, and were part of a much broader array of items — including furniture and electronics — that were taken from multiple units at the facility.
Romanian NASA hacker gets suspended sentence
Survey: One DNS Server in 10 Is 'trivially Vulnerable'
Over a million of the Internet's DNS servers are still vulnerable to a cache-poisoning attack patched in July.
http://www.pcworld.com/businesscenter/article/153553/states_ramp_up_data_security_laws.html
Beginning on January 1, 2009, all businesses that collect personal data from or about Massachusetts residents will need to adopt a comprehensive written security program, conduct internal and external security reviews and complete employee training regarding their programs.
WPA Cracked - additional details
UPDATE: The WPA whitepaper is out: "Practical attacks against WEP and WPA" (from aircrack-ng website).
Yesterday, fellow handler Joel provided an early warning about the recently announced WPA Crack. Although we won't know all the technical details until next week (at least in whitepaper or presentation format), I tried to provide some light about this issue on my personal blog, RaDaJo. It is important to highlight that PoC exploit code is available.
The recommendation is simple: Migrate to WPA2! If for any reason you cannot do it before finishing reading this post, check some of the quick mitigation recommendations (like reducing the renew key interval; please, test it before making the change on your production environment), and increase your wireless detection stance and check for multiple MIC failure messages.
7 Requirements of Data Loss Prevention
Incorporate best practices from many companies using DLP solutions.
CSO — SEATTLE (11/06/2008) - Antivirus developer SMobile released software this week to protect users of the G1 Android phone, although one security analyst wondered if people really need it.
Even though Android, the software developed by Google and running on just one phone sold by T-Mobile, is open source, it is unlikely to be more susceptible to malware than other, proprietary mobile operating systems, said Charlie Miller, principal analyst at Independent Security Evaluators and the researcher who found the first Android vulnerability.
Spam gets 1 response per 12,500,000 emails
techradar.com — A new study details how spammers – the bane of our email inboxes – still make pots of money, despite only receiving a response to one in every 12,500,000 emails they spam out.
Secret Service code names for new First Family
President-elect Barack Obama: Renegade
Michelle Obama: Renaissance
Malia Obama: Radiance
Sasha Obama: Rosebud
Vice President-elect Joe Biden: Celtic
Jill Biden: Capri
Anti-Terror Law Mission Creep in the U.K.
First terrorists, then trash cans:
More than half of town halls admit using anti-terror laws to spy on families suspected of putting their rubbish out on the wrong day.
Their tactics include putting secret cameras in tin cans, on lamp posts and even in the homes of 'friendly' residents.
The local authorities admitted that one of their main aims was to catch householders who put their bins out early.
Posted on November 7, 2008 at 8:18 AM
Critical Windows, Office fixes coming
Ryan Naraine: Microsoft is planning a small Patch Tuesday this month - just two bulletins affecting Windows and Office users.
Mephistopheles encounters the E.U.L.A.:
http://imgs.xkcd.com/comics/faust_20.png
Did the Chinese government sponsor White House cyberattacks?
Security CEOs say it's possible the Chinese government sponsored a White House cyberattack, and this isn't the first time state-sponsored hacking has occurred.
Google revises its OpenID implementation to accept all Relying Parties
Google got to its position in the pantheon of technology companies by not being always right. It...