Monday 10/26/09

Swine flu national emergency should spur businesses to action President Obama's declaration of a national swine flu emergency should send up a red flag to businesses that are still unprepared for a pandemic. Read more...

President Barack Obama declared the H1N1 flu outbreak a national emergency this past weekend, giving health-care systems the ability to bypass some federal regulatory requirements in order to quickly implement disaster plans should they become overwhelmed.

Similar to declaring a hurricane emergency as a storm approaches landfall, the national emergency declaration gives authority to health-care facilities to submit waivers to establish alternate care sites, and modified patient triage protocols, patient transfer procedures and other actions that occur when they fully implement disaster operations plans.

----------

Bugs and Fixes: Stymie Malicious Media, Attacks
Essential OS fixes are big this month. And fans of free software need to update their Firefox and OpenOffice copies.

----------

U.S. gov't cybersecurity spending to grow significantly, study says
U.S. government spending on cybersecurity will grow at a compound rate of 8.1 percent a year between 2009 and 2014, outpacing general IT spending, according to the government analyst firm Input.

Spending on vendor-supplied information security products and services will increase from $7.9 billion in 2009 to $11.7 billion in 2014, Input predicted. General IT spending by the U.S. government will increase by 3.5% a year during the same time frame, said Kevin Plexico, Input's senior vice president of research and analysis.

----------

Virginia man to serve prison term for selling counterfeit software
Gregory William Fair, of Falls Church, was sentenced Thursday in U.S. District Court for the District of Columbia. In addition to the prison term, Judge R.W. Roberts ordered Fair to pay $743,098 in restitution.

Fair also forfeited $144,000 seized from a safety deposit box and residence, a BMW 525i, a Hummer H2, a Mercedes CL600 and a 1969 Pontiac GTO. All the cars were purchased using funds from his counterfeit software operation, the DOJ said.

----------

China ready for cyberwar, espionage, report says
Looking to gain the upper hand in any future cyber conflicts, China is probably spying on U.S. companies and government, according to a report commissioned by a Congressional advisory panel monitoring the security implications of trade with China.

The report outlines the state of China's hacking and cyber warfare capabilities, concluding that "China is likely using its maturing computer network exploitation capability to support intelligence collection against the U.S. government and industry by conducting a long term, sophisticated computer network exploitation campaign."

Published Thursday, the report was written by Northrop Grumman analysts commissioned by the U.S.-China Economic and Security Review Commission.

----------

Botnets contributing more than ever to click fraud
For the third quarter of the year, 42.6% of fraudulent clicks came from botnet-infected computers, according to Click Forensics, a company that produces tools to detect and filter out fraudulent clicks. The figure is the highest in four years, when Click Forensics began producing reports. For the same quarter a year ago, botnets accounted for 27.5% of bad clicks.

----------

DHS to get big boost in cybersecurity spending in 2010
The U.S. Senate yesterday passed legislation approving a budget of nearly $43 billion for the DHS for fiscal 2010. Of that, about $397 million is supposed to go toward improving cybersecurity within the agency. That's $84 million, or about 27%, more than the $313 million that was allocated for information security in fiscal 2009.

----------

Swiss foreign ministry hit by computer attack
AFP – 2 hrs 35 mins ago
GENEVA (AFP) - Unidentified hackers have penetrated the Swiss foreign ministry's computer system to seize data, forcing parts of it to be shut down for several days, the ministry revealed Monday.

----------

Nigeria's anti graft police shuts 800 scam websites
AFP – Thu Oct 22, 1:02 pm ET
LAGOS (AFP) - Nigeria's anti-corruption police said Friday they had shut down some 800 scam websites and busted 18 syndicates of email fraudsters in a drive to curb cyber-crime the country is notorious for.

----------

How Victims Encourage Cybercrime
Security firm Kaspersky notes that anonymity of users can mask cyber threats and make them tougher to prevent.

----------

Cybersecurity Quiz: Know Your Threats
Separate cybersecurity fact from fiction in this survey of the threats posed by cyberattacks.

----------

ERIC TOTALLY DISAGREES:
From Security Perspective, Windows 7 Off To A Rocky Start
Oct 22,2009
Experts express consternation over early vulnerabilities, UAC configuration issues

----------

Major Secure Email Products And Services Miss Spear-Phishing Attack
Oct 22,2009
Experiment successfully slips fake LinkedIn invite from 'Bill Gates' into inboxes

----------

Metasploit Project Sold To Rapid7
Oct 21,2009
Open-source Metasploit penetration testing tool creator HD Moore joins Rapid7, commercial Metasploit products to come

----------

The Internet is set to undergo one of the biggest changes in its four-decade history with the expected approval this week of international domain names — or addresses — that can be written in languages other than English, an official said Monday.

----------

Microsoft to open up Outlook .PST data format

----------

Google Oops! User Voice Mails Disclosed in Search Engine
Reported flaw in Google's voice mail service said to expose users' messages to search engine users. The messages are reported to include the audio file and transcript of the call, but also included the callers name and phone number.
Random users Google Voice mail is searchable by anyone?, Michael Bettiol, Boygeniusreport.com, October 19, 2009

----------

Answers to Windows 7 upgrade questions
Ed Bott: My compatriots in the Windows blogosphere aren't always discriminating in giving out advice. I read a staggering number of rumors, many of them promulgated by people who should have known better.

----------

OFF TOPIC:

Groups Challenge SoCal Desalination Project
By SONYA ANGELICA DIEHN
VISTA, Calif. (CN) - Environmentalists are challenging the City of Carlsbad over a $300 million desalination plant planned for drought-stricken Southern California. Two groups say Carlsbad and Poseidon Resources' enormous project has undergone too many changes for a 2006 environmental impact report to still apply.

----------

BAD NEWS:
LifeLock settles with Experian to not set fraud alerts
Dan Kaplan October 23, 2009
A lawsuit settlement affirms that third parties are not permitted to set fraud alerts with the major credit bureaus.

----------

Blogger: Time Warner Routers Still Hackable Despite Company Assurance
A blogger who stumbled across a vulnerability in more than 65,000 Time Warner Cable customer routers says the routers are still vulnerable to remote attack, despite claims by the company last week that it patched the routers.

Last Tuesday, David Chen, an internet startup-founder, published information about the vulnerability in Time Warner’s SMC8014 series cable modem/Wi-Fi router combo, made by SMC. The problem would allow a hacker to remotely access the device’s administrative menu over the internet and potentially change the settings to intercept traffic, making possible all sorts of nefarious activity.

----------