
News briefs

IT pros braced for the release of Apple's long-awaited iPhone, unsure what kind of security impact the device would have. A number of security experts said the iPhone would be a major data-security problem, while others indicated that IT professionals have more pressing matters to be concerned with.

 

Scott Charbo, chief information officer of the U.S. Department of Homeland Security (DHS), was grilled by a Congressional subcommittee on how well the department could fight off a cyberattack.

The interrogation came weeks after a critical Government Accountability Office audit stated that the DHS suffered 844 cybersecurity incidents in the past two years.

Charbo defended his department, saying it had taken a number of steps to improve its security posture, including collapsing multiple wide-area networks into a single WAN and fully encrypting traffic.

 

A massive trojan attack affected Italian PC users, possibly leading to a future trend of localized major attacks, according to experts.

The "Italian Job" trojan — aided by the MPACK malware creation kit — infected nearly 10,000 websites within a few days of its release. The malware exploited a number of patched Microsoft Windows flaws.

 

Apple released its Safari beta 3 web browser for Windows operating systems. The application was immediately besieged by researchers, who found a number of flaws in the beta browser within hours of its release. Apple updated the Safari beta twice in the week following its initial distribution.

 

HP announced its intentions to buy SPI Dynamics for an undisclosed amount. Last year, HP acquired Mercury Interactive, a leading automated software quality assurance company, for $4.5 billion.

Analysts said the acquisition further validates the application security space.

 

PatchLink agreed to acquire long-time partner SecureWave, makers of endpoint security solutions, in an all-stock merger.

SecureWave's device and application monitoring solutions and policy enforcement capabilities will be integrated with PatchLink's patch and vulnerability management software.

 

Jeffrey Brett Goodin, 47, of Azusa, Calif., the first person to be convicted under the CAN-SPAM Act, was sentenced to 70 months in prison for operating a phishing scheme.

Goodin was ordered to pay more than $1 million to victims, the lion's share going to EarthLink.

 

A website claiming to have exclusive X-rated video footage of heiress Paris Hilton exposed the credit card numbers and personal information of 750 subscribers.

The website, parisexposed.com, was tipped off by a reader that a subscriber list could easily be accessed by changing a few numbers on the site's URL.

 

The FBI launched Operation Bot Roast, a national investigation that uncovered more than one million IP addresses co-opted into botnets. The bureau said it is working with the CERT Coordination Center at Carnegie Mellon University in Pittsburgh to notify owners of the bot computers.

 

Fresh off an in-court victory, supporters of Julie Amero, a Connecticut substitute teacher accused of exposing her students to internet porn when a classroom computer was hit with pop-ups, formed The Julie Group, an organization created to help people facing similar legal predicaments.
