News
News: Submitted by dschur on Tue, 06/24/2008 - 13:12.
New blackmailing Trojan encrypts files using high-grade 1024-bit RSA key.
A security company on Friday asked for help cracking an encryption key central to an extortion scheme that demands money from users whose PCs have been infected by malware.
Kaspersky Lab, a Moscow-based antivirus firm, put out the call for assistance after it discovered a new variant of Gpcode, a Trojan horse that has been used in isolated "ransomware" attacks for the past two years.
Read more...
Read more
News: Submitted by dschur on Tue, 06/24/2008 - 13:02. Last updated on Tue, 06/24/2008 - 13:39.
A computer intrusion into a Citibank server that processes ATM
withdrawals led to two Brooklyn men making hundreds of fraudulent
withdrawals from New York City cash machines in February, pocketing at
least $750,000 in cash, according to federal prosecutors.
The ATM crime spree is apparently the first to be publicly linked to the breach of a major U.S. bank's systems, experts say.
Read more...
Read more
News: Submitted by dschur on Tue, 06/24/2008 - 12:48.
A draft version of the "SAML V2.0 Information Card Token Profile" has been submitted to the OASIS Security Services (SAML) TC. "Microsoft has defined a set of profiles for acquring and delivering security tokens, collectively referred to as 'Information Card' technology. These profiles are agnostic with respect to the format and semantics of a security token, but interoperability between issuing and relying parties cannot be achieved without additional rules governing the creation and use of the tokens exchanged.
Read more...
Read more
News: Submitted by dschur on Tue, 06/24/2008 - 12:41.
Consortium Releases CARML (Client Attribute Requirements Markup
Language) and Privacy Constraints Draft Specifications to Protect
Personally Identifiable Information Across Applications and Networks.
Read more...
Read more
News: Submitted by dschur on Tue, 06/03/2008 - 13:49.
A European Union-wide advisory body this week called for security breach disclosure regulations tougher than those in the U.S. as a step toward raising awareness of the seriousness of security threats.
The European Network and Information Security Agency (ENISA), the E.U.'s top security body, said governments, businesses and consumers are still underestimating the scope of the IT security problem, in part because of the lack of transparency when breaches occur.
Read more