Think Information. Think Security.
 
Picture
Hackers infected computers, derailed websites, and plundered networks in a memorably miserable quarter, according to a report released Wednesday by Internet security firm PandaLabs.

Hacking groups Lulz Security and Anonymous caused "widespread mayhem" during the three months ending June 30, and malicious software "spread substantially," according to the research unit of Spain-based Panda Security.

"This quarter has been one of the worst on record," PandaLabs said in a quarterly security report.

"The number of attacks suffered by businesses and large organizations has set alarm bells ringing as systems and companies that until now were considered 'hack-proof' have fallen victim to cyber-crime," the report continued.


 
Picture
Now that the Lulzboat has run aground during its three hour tour, and the rats have gone overboard in search of the relative safety of a pineapple under the sea, the computer media continues with the personal soap operas of "Anonymous" and "AntiSec" with the kids engaged in their infighting, whereas the attention of security people returns once again to the larger, more serious issues that involve the client side of the world.

When we last left our heroes, Microsoft had announced the takedown of a major botnet known as "Rustock." Well... not a complete takedown of course, but it's dwindled a bit aseWeek reports. Rustock had a good run before it was wrestled to the ground (almost) given that it first appeared in 2006.

A mere five year half life for malware is considered perfectly acceptable these days in the computer security realm.


 
Picture
British tabloid News of the World said today it is closing down over a phone hacking scandal in which workers for the Rupert Murdoch-owned newspaper allegedly snooped on voice mail messages left on the mobile phones of murder victims, as well as celebrities, politicians, and the British royal family.

If unethical journalists can do it chances are anyone can, right?

To test my theory I called up Kevin Mitnick, who wrote about the hacking and social engineering that landed him in jail in a fascinating book coming out this summer, "Ghost in the Wires," and who serves as a security consultant, helping clients prevent against privacy breaches such as this.


 
Picture
A new report of security company Symantec says that global spam is at its lowest levels since 2008. The geographic center of spammed accounts has also shifted from Russia to Saudi Arabia. Worldwide spam is now down to one in every 1.37 emails. In the United States, spam accounts for 73.7% of all emails.

Spam levels are now the lowest they have been since McColo, a California-based ISP spam control center, was taken down in 2008. That is, in part, due to the shutdown of the spam-sending botnet Rustock in March 2011. Spam, phishing, viruses and other types of malware are all still major problems in the Internet ecosystem but it looks like progress is being made against the botnets and those that control them.


 
Picture
The Department of Homeland Security will release a new guidance document today intended to make the software that runs the Web less susceptible to malicious hacks.

DHS has teamed with security and technology experts at the SANS Institute and Mitre to create a list of the top 25 programming errors that lead to the most serious hacks, according to The New York Times. The idea is to educate companies and organizations about the channels that criminal hackers use to gain access to confidential information and servers. These are often common software errors that can lead to "zero day" exploits.


 
Picture
I came across these ten potential security holes and thought I would share them with you as they are more relevant now than ever in light of what has transpired on the SONY Play Station Network in the last month.

If CIOs are not making corporate security a top priority then they are not properly serving their organizations.

It is difficult to remain 100% confident in your organizations security policies and procedures, but we must remain 100% committed to diligence in constant upgrades and feedback from attempted breaches to our networks and systems.