SecurityWeek

On the heels of news earlier this week that Microsoft led an operation that resulted in the takedown of several Zeus botnets, on Wednesday more news came from the security industry on the successful takedown of yet another large botnet

Shawn Henry, the executive assistant director of the FBI’s Criminal, Cyber, Response, and Services Branch, told the Wall Street Journal that the government and private sector is outgunned, when it comes to the defending data and networks from cyber criminals.Henry told the Journal that he didn’t see anyway to come out of the current situation ahead, unless companies were willing to make major changes to their consistently vulnerable networks. 

Starting in May, eCommerce merchants will have a new tool at their disposal to help fight fraud in online transactions in real time, thanks to a new offering from MasterCard. The company today introduced “Expert Monitoring Fraud Scoring for Merchants,” a new that tool enhances merchants’ insight into card behavior beyond a website or a cardholder’s shopping cart.

In 2008, the Taidoor Trojan made its first appearance on the Web. It started by attacking government agencies, but the group behind it expanded their reach by targeting a wide range of victims. Now, based on research from Symantec, it appears that the group running Taidoor is interested in think tanks, especially those that are focused on Taiwan.

Web Application Firewalls: What Approach Should You Take To Evaluate WAF Solutions? In my previous column, I focused on various features you should check out when choosing a Web application firewall. Together, these features help improve the accuracy of a WAF.

 Now Available on Demand Here

Not long ago, researchers from AlienVault Labs had discovered a spear phishing attack targeting several organizations in Central Tibet. The attacks have since continued, and are now shifting to targeting a wider set of activists, including those using Mac OS.

While the Chinese-owned network vendor Huawei moves to soften its image in Australia, reports say that concerns over the company’s government ties led it to being banned from bidding on a contract to work on Australia’s National Broadband Network (NBN). As word of Australia’s block spread, lawmakers in New Zealand questioned the safety of their own network, and called for an investigation.

The Department of Energy (DOE), Department of Justice (DOJ), and the Department of Homeland Security (DHS) need to tighten procedures and controls when it comes to mitigating IT supply chain issues, a recently published GAO report says. The Department of Defense was the only agency to make any progress on the issue.

CloudLock, a Waltham, Massachusetts-based firm that helps companies secure data stored in the cloud, today announced that it has secured $8.7 million in a Series B funding round.

Wave Systems Gets U.S. Army Contract for Encryption Management for Vehicle-Based Mobile Computers Wave Systems, a Massachusetts-based provider of security, data protection, and encryption solutions, today announced that it has received a contract from the United States Army to provide labor, equipment and management to implement solutions for the Army's self-encrypting drives (SEDs).

Privacy advocates are largely giving the thumbs up to a report from the Federal Trade Commission (FTC) calling for Congress to enact privacy, data security and breach notification laws.The report, entitled “Protecting Consumer Privacy in an Era of Rapid Change: Recommendations For Businesses and Policymakers,” also lays out best practices for businesses for protecting the privacy of American consumers. Building upon a report from December 2010, the updated report calls on corporations to enact the following recommendations:

Good Technology, a provider of mobile device security and management solutions for enterprises, today launched a secure browser for Android devices designed to provide secure access to enterprise resources via mobile devices.Dubbed Good Mobile Access (GMA) for Android, the Web browser is a feature of the company’s flagship Good for Enterprise offering, and enables secure mobile access to “behind-the-firewall applications”, company databases, resources and collaboration tools such as SharePoint data without needing a VPN connection.

A group claiming to have risen from the ashes of LulzSec is taking responsibility for hacking a military dating site and a technology company.

They say history repeats itself, or perhaps this is the story of a community recovering from a catastrophe. Either way, the underground is returning to its former glory, and not just in how much business is being conducted – but how it is conducted. In 2006, the English-speaking part of the underground economy was a prosperous community, with several mega-bulletin boards competing for the business and the heart of fraudsters from all over the world.