Storm Trojan dupes users with dancing Halloween jig   31 Oct 2007 13:00 GMT
Just in time for Hallowen, the Storm Trojan is spamming e-mail inboxes with messages touting "dancing skeletons" -- a bid to entice users into clicking on a link from which their computers can be infected.

Source: Computerworld

Researchers give Leopard security low marks   31 Oct 2007 13:00 GMT
Although Apple built new security features into its latest OS, Leopard, some of them do little to protect users, according to security researchers. But, they note, attackers haven't targeted Macs anyway.

Source: Computerworld

The new urgency to fix online privacy   31 Oct 2007 11:00 GMT
Unlike Y2K, which was a nonevent, Internet attorney Eric Sinrod explains why the business world is mobilizing behind what it sees as a real threat. A decade ago, I started writing about online privacy issues. At the time, legal colleagues told me that while they found the topic...
Source: ZDNet

Pharma industry touts cure for data security ills   30 Oct 2007 13:00 GMT
Every security professional is intimately familiar with the Law of Unintended Consequences; sometimes it even works in their favor. Case in point? The data-protection advances that RxHub needed to build to protect their real-time data-transport operation.

Source: Computerworld

Audio-spam pitch rode eight-figure Storm wave   30 Oct 2007 13:00 GMT
The Storm season may be tapering off, but the botnet still managed to push out 15 million audio-spam messages flogging a pump-and-dump stock scheme this month.

Source: Computerworld

Whistleblower e-mail addresses exposed in Judiciary Committee snafu   30 Oct 2007 10:10 GMT
A confusing option in Microsoft Outlook may have led to the disclosure of the e-mail addresses of a number of would-be Department of Justice whistleblowers when a Congressional staffer attempted to send out -- ironically -- a memo concerning confidentiality. (And then it happened again.)

Source: Computerworld

Bogus FTC e-mail has virus   29 Oct 2007 23:16 GMT
Agency says fake e-mail is a "treasure trove for identity theft" and warns recipients not to open it. The Federal Trade Commission, which has declared war on Internet scams, warned consumers on Monday not to open a bogus e-mail that appears to come from its fraud department because...
Source: ZDNet

Why we still invite data breaches   29 Oct 2007 11:00 GMT
Sentrigo's Dan Sarel writes that enterprise security has been slow to realize the evolving nature of for-profit cyber hack attacks. If you followed the news this summer, you doubtless read about a spate of data breaches reaching across corporate America. After a massive security compromise at...
Source: ZDNet

FAQ: What Visa's payment application security mandates mean   29 Oct 2007 05:23 GMT
The companies that accept payment card transactions will eventually have to play by new rules being laid down by Visa to bolster data security.

Source: Computerworld

Update: TJX Victim Tally Rises to 94M   29 Oct 2007 05:23 GMT
Several banks looking to join forces in a class-action lawsuit say that the massive breach of retailer TJX's systems revealed data on some 94 million of its customers' payment cards.

Source: Computerworld