Friday, January 16, 2009

Friday 01/15/09

Two big, bad botnets gone, but replacements step up, says researcher






'Amazing' worm attack infects 9 million PCs

1 in 3 Windows PCs vulnerable to worm attack

Conficker Worm using Metasploit payload to spread






Downadup Worm Races Onto Millions of PCs NewsFactor - 1 hour, 53 minutes ago
The Win32.Worm.Downadup is raging across the Internet, using new tricks to spread undetected. The worm spreads by exploiting a vulnerability in the Windows RPC Server Service and has infected millions of Windows PCs in the last two weeks.






UK Ministry of Defence Stung by Rapidly Spreading Virus PC World - Fri Jan 16, 7:30 AM ET
The U.K. Ministry of Defence is in the midst of an electronic fight with a computer virus that rapidly spread through its computer networks starting Jan. 6.






New York kills contract for public safety wireless network






Judge allows streaming of courtroom video in music piracy case






Internet security task force downplays online threats to children; critics blast report






AVG to acquire ID theft prevention specialist Sana CNET - Tue Jan 13, 2:17 PM ET
Antivirus provider AVG Technologies on Tuesday announced that it is acquiring Sana Security, which sells identity fraud prevention software.







Jan 16, 2:55 pm
Russian Firm Offers Wi-Fi Encryption Cracker
The technique behind the software, which can decipher WPA/WPA2-PSK passwords, is just a few months old. And now it has a price -- nearly $1,000.






$6 billion broadband infusion in House appropriations bill
Broadband development will get up to $6 billion of loot in a new $550 billion package being considered by Congress. But public interest groups want some accountability strings attached.
January 16, 2009 - 09:17AM CT - by Matthew Lasar






Misconceptions About Laptop Encryption May Put Data At Risk
Overconfidence in encryption's capabilities may cause workers to ignore best practices, Ponemon study says
Jan 15, 2009 02:27 PM
http://www.darkreading.com/security/client/showArticle.jhtml;jsessionid=H2GM5MLNRFD2MQSNDLPCKHSCJUNN2JVN?articleID=212900803
By Tim Wilson DarkReading

Now that they have encryption capabilities on their laptops, many end users may be overconfident about the safety of the data that resides on them, according to a study published this week.

The laptop encryption study, conducted by Ponemon Institute and sponsored by security vendor Absolute Software, found that many workers think the data on their encrypted PCs is safe, but that their behavior on the road may continue to put that data at risk.
The survey of more than 1,500 individuals -- including approximately 700 IT security professionals and more than 800 non-IT workers -- indicates that users with laptop encryption are now in the majority, about 58 percent of the study sample. However, Ponemon says that non-IT workers may have developed misconceptions about the power of those encryption capabilities to protect their data.

For example, 61 percent of non-IT workers believe that encryption "prevents the theft of my information by cybercriminals," the study says. Sixty-six percent say they no longer worry about losing their laptops because the data is encrypted. Sixty percent agree that encryption "makes it unnecessary to use other security measures."

These misconceptions may cause employees to disregard other important security practices, Ponemon suggests. For example, 30 percent of non-IT workers say they frequently leave their laptops with strangers while traveling, while 28 percent say they frequently leave their computers alone in insecure locations. Sixty-nine percent say they never physically lock their computers to their desks, and 73 percent say they never use a privacy shield to protect their computer screens from prying eyes.

In addition, Ponemon says, many users are lax in their use of encryption technology. In the survey, some 56 percent of non-IT workers admitted to turning off the encryption capabilities on their laptops for some period of time. Twenty-eight percent admit to sharing their encryption passwords with others, and 36 percent say they remember their passwords with a paper document, such as a post-it note. Sixty-eight percent say they rarely, if ever, use complex passwords.

"We believe that the primary conclusion that can be drawn from this study is that business managers are either negligent in the protection of sensitive and confidential information on their laptops, or they may be overly dependent on encryption to keep this information secure," the study says.

"Encryption is an excellent security tool," the study observes. "However, if encryption is turned off, if passwords are shared, or if other risks are taken, organizations that utilize encryption technologies alone to ensure the security of confidential information may not be well-protected from the possibility of a data breach."




Supreme Court Says Law Enforcement Database Errors Okay

The Supreme Court decision allows police to use false information contained in a police database as the evidence for an arrest. Chief Justice Roberts held that, "when police mistakes are the result of negligence such as that described here, rather than systemic error or reckless disregard of constitutional requirements, any marginal deterrence does not 'pay its way.'" Justice Ginsburg, writing for four of the Justices in dissent, said that "negligent record-keeping errors by law enforcement threaten individual liberty, are susceptible to deterrence by the exclusionary rule, and cannot be remedied effectively through other means." The dissent in the case cited a friend of the court brief that outlined privacy and civil liberty consequences of errors in databases.

Tapped, The American Prospect, January 2009






16 January 2009
Alert! Symantec closes critical hole in AppStream
The problem is caused by unsafe methods in an ActiveX control that is marked "safe for scripting". Attackers can use a forged server to inject and execute arbitrary code on a Windows client.






14 January 2009
Banking details can be stolen through a new JavaScript exploit
A web site can exploit the vulnerability to identify the bank page a user is logged into, then activate a pop-up window, requesting the login be repeated.







Download Free Tool to Resolve All Vista Apps Incompatibility Issues
Even with Windows 7 beta Build 7000 fresh out the door, Microsoft's focus on Windows Vista remains strong. In thi...






Xarvester, the new Srizbi?
January 12, 2009
Xarvester has become a top spamming botnet since the shutdown of McColo, and has some surprising similarities to Srizbi.






Malware purposely not infecting machines in certain countries
Angela Moscaritolo January 16, 2009
Researchers have spotted a jump in malware that is designed to avoid infecting users in certain countries -- an attempt to stay out of the purview of law enforcement.
