SecurityWeek

Prolexic Technologies, a Hollywood, Florida-based provider of DDoS protection services, this week released its Quarterly Global DDoS Attack Report, which revealed an almost threefold increase in the number of DDoS attacks against its clients in the financial services sector during Q1 2012 compared to Q4 2011.

HP Warns That Compact Flash Cards Shipped With HP ProCurve 5400 zl Switches Could Be Infected With MalwareHP has warned of a security vulnerability associated with its ProCurve 5400 zl switches that contain compact flash cards that the company says may be infected with malware. The company warned that using one of the infected compact flash cards in question on computer could result in the system being compromised.

Brothers Used Business Logic Attack to Trigger $1.4 Million in Fraudulent Payments, Plead Guilty to Wire FraudTwo brothers who used a combination of fraudulent actions and business logic attacks against Nordstrom’s e-commerce system and defrauded the retail giant out of $1.4 million via commissions and rebates are now facing jail time.

CloudPassage, a cloud server security firm that emerged from stealth mode back in January 2011, today announced that it has raised $14 million in a series B round of financing. The latest round brings the company’s total funding to $21 million.

Visa today announced a solution designed to help financial institutions create and implement strategies for identifying and stopping fraudulent transactions in real-time at the checkout.Called Visa Strategy Manager, the company claims financial institutions using the service will benefit from Visa's pattern-based fraud detection algorithms which helps identify the riskiest transactions. As a result, the system can help determine whether a transaction should be approved, declined or flagged for review.

With little fanfare, and no attention brought to the announcement itself, Apple has said it is working on software that will detect and remove the Flashback malware from infected systems. Unfortunately, the company did not say when this software would be released.

Implanting Easter Eggs is not Just a Developer’s Take at Humor. They Have the Potential to Double-act as Backdoors with a Devastating Effect.

AlgoSec, a company that provides firewall management solutions, recently released the results of a poll that examined the attitudes and opinions of 180 working IT and security professionals during the RSA Conference earlier this year. The results of the poll show that poor internal processes, practices, and threats pose the largest risk to a network. These problems, the respondents believe, are more of a concern than threats from malicious external sources.

Two technology trade associations, TechAmerica and USTelecom, and one of the world’s largest defense contractors, Boeing, had their web sites knocked offline by Anonymous for their support and connections to the controversial CISPA bill. They are the latest in a string of targets selected by those supporting Anonymous’ Operation Defense (OpDefense).

Researchers at Trusteer have spotted a new attack vector from Zeus that aligns perfectly with previous financially motivated targets. Based on the information collected and previous attacks, it appears as if the newer Zeus configurations will remain focused on the bigger fish.

On Tuesday, Adobe released a security bulletin to address multiple vulnerabilities in Adobe Reader X (10.1.2) and earlier versions for Windows and Macintosh, Adobe Reader 9.4.6 and earlier versions for Linux, and Adobe Acrobat X (10.1.2) and earlier versions for Windows and Macintosh. According to Adobe, exploitation of the vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.

When it comes to letting someone go, very rare will you find a business leader who enjoys that part of the job. When you have to fire a network security administrator, not only is it a downer, it’s a risky proposition – unless you follow basic steps.