Let's face it, encryption is a new thing, and you have to keep things simple so people can understand it.
But it frustrates me that most of the talk about encryption technology, law, policy, compliance, etc is always in terms of "encrypted" vs "unencrypted". Yeah, all your data should be encrypted. But that's the beginning of the discussion, not the end. Encryption is easy. Protecting data is hard.
Posted by Niels Provos, Security Team
Every now and then people ask us for an update on the malware statistics we published in the All Your iFrames Point To Us blog post. We're glad to share this sort of data because we believe that collaboration and information sharing are crucial in driving anti-malware efforts forward. Here is a small update containing some interesting trends we've observed over the last 12 months.
The arrest of Rio Tinto executive Stern Hu in China on spying charges has brought home the need for CIOs to examine data security according to the CEO of security company PGP, Phil Dunkelberger.
It was announced on the 31st July 2009 that Mcafee intends to purchase Mx Logic. According to the Mcafee website, Mx Logic is a leading global provider of cloud-based email and web security, archiving, and business continuity services. The deal is expected to close at the end of the third quarter 2009 subject to legal approval. The purchase price is reported at $140 million.
And it only takes one "dirty" program to compromise your PC - but the bad guys got a dozen shots on average!
Recently, Pedro Bueno wrote about “dumb” malware authors hardcoding their login credentials into their password stealing trojan. The malware he referenced, PWS-Banker.gen.i, ostensibly came from Brazil.
So, Iran had elections this weekend. Some people don’t agree with the results. As consequence, some people are organizing DDoS attacks against Iranian websites, more precisely:
http://www.leader.ir/
http://president.ir/
http://www.irib.ir/
http://www.iribnews.ir/
and some specific URLs on those domains.
The U.S. Department of Homeland Security announced the launch of a blog it calls The Blog @ Homeland Security.
It’s described as a new way for DHS to offer an inside-out view of what they’re doing each day to secure the nation.
The blog features a video message from Secretary Napolitano outlining the Department’s five overarching responsibilities, an invitation for visitors to comment and the latest “tweets” from @dhsjournal.
This is tragic news, indeed. We have heard of software flaws costing customers hefty amounts of money, man-hours, bandwidth, disk-space, etc. But now the cost has reached an unprecedented level causing HyperVM’s creator to apparently commit suicide.
Now they are getting personal! Being a T-Mobile customer has brought this scary world of breaches and identity theft home to me - with the news that T-Mobile confidential and customer data had been breached.
