Best Of The Web

TECHNOLOGY REVIEW
A New Web Of Trust
After slow start, DNSSEC promises to make the Internet more secure

CURIOUS READ
Blurred Out: 51 Things You Aren't Allowed To See On Google Maps
The list includes the White House -- and some neighborhoods with staunchly-private residents

COMPUTER
The Top 10 Most Notorious Hackers Of All Time
An updated look at the hackers' hall of fame

USA TODAY
Homeland Security Rules On Data Collection Rile Businesses
DHS will collect electronic records on private planes, imported cargo, foreign visitors, and federal contractors as part of last-minute security policies imposed by the Bush administration yesterday, but businesses say it's too costly as well as risky for data loss

ASSOCIATED PRESS
'Cybergeddon' Fear Stalks US: FBI
FBI official says cyberattacks are just behind nuclear war and weapons of mass destruction, in the biggest risks to the U.S.

WIRED
Weak Password Brings 'Happiness' To Twitter Hacker
A teen hacker who has pulled other celebrity hacks admitted to hijacking the Twitter accounts of President-elect Obama and others this week

COMPUTERWORLD
Checkfree Warns 5 Million Customers After Hack
Cybercriminals took control of several of the company's Internet domains and redirected customers to a malicious site hosted in Ukraine

COLUMBIA DISPATCH
OSU Students Told That Private Information Was On Internet
Names and social security numbers of 18,000 current and former students of Ohio State University were accidentally stored on an Internet-facing server

EWEEK
Researchers Aim to Fortify CAPTCHA Against Spammers
Researchers are working on ways to make CAPTCHA's tougher to abuse

NEW YORK TIMES
So You Want To Be A Cyber sleuth?
Profile of a computer forensics pro who got into the biz at age 30

SMART BRIEF
Los Angeles Hospital Struggles With Identity Theft, Possible Fraud
A former employee of Cedars-Sinai Medical Center in Los Angeles has stolen personal information on over 1,000 patients in a case of possible insurance fraud

GOVERNMENT COMPUTER NEWS
Microsoft Releases IE8 Blocking Tool
Lets enterprises prevent unauthorized installations of the new browser

SOFTPEDIA
Ministries In Bulgaria And New Zealand Fight Virus Outbreaks
The Bulgarian Interior Ministry and Health Ministry in New Zealand have been hit by malware attacks that have hurt their operations

THE DARK VISITOR
Commonly Used Tools of the Chinese Hacker
The password decoder, analyzer, firewall, Trojan, sniffer, and port scanner, typically deployed by Chinese attackers

TIMES OF INDIA
Mumbai Police To Look Out For Unsecured Wi-Fi Connections
In the wake of the terror attack on Mumbai where terror emails were sent, police there are searching for unsecured WiFi to prevent future such WiFi abuse

SOPHOS
Facebook Data Loss Fiasco
Facebook has managed to lose some users?? settings controlling when they should be emailed

INFORMATIONWEEK
U.S. Army Goes Bot Hunting
New software funded by a grant from the U.S. Army Research Office and developed by SRI International promises to provide users with more insight into what their computers are up to -- namely spotting any bot activity

DAILY TECH
Spam Increasing Again After Shutdown of Hosting Company
Since Sunday, spam volume rose around 37 percent of the original amount before McColo was pulled offline on November 11 and Srizbi, Asprox, Mega-D, Rustock, and other spam botnets are back in business

NEOWIN
Chinese Internet Giant Hit With Scandal
China's largest search giant has been accused by the state-run media of allowing unlicensed medical providers to buy high search rankings

REUTERS
U.S. Not Ready for Cyberattack
Cyberwar simulation with government defense and security agencies, and private and civil groups shows that the U.S. is unprepared for a major attack on its vital computer systems.

SC MAGAZINE
FTC: Reduce Data Theft By Regulating Social Security Numbers
A new Federal Trade Commission report says cutting down on SSNs will reduce ID theft

THE CHARLESTON GAZETTE
Kentucky Woman Accused in Network Hacking
Former network administrator allegedly deleted directory accounts and shut down former employer's network for over 15 hours

FORBES
Seeking Obama's Cyber Czar
Paul Kurtz, a security consultant, is the new administration's top choice for the post, according to sources, although he has privately told colleagues that he is reluctant to take the job

PC WORLD
IRS Doesn't Check Cyberaudit Logs
IRS has effectively deployed intrusion detection systems at its Internet gateways, and it has used access controls for firewalls and routers, said the report, completed in July but released Monday. But the agency's IT staff weren't always saving or reviewing system audit logs, and clock settings on some firewalls and routers did not comply with IRS rules, the report said.

INTERNET EVOLUTION
Penetration Testing Gone Terribly Right
Security consultant hired to break into a company network finds it doesn't take heroic measures or extraordinary expense to keep the bad guys out ?? just some forethought and common sense

SANS INTERNET STORM CENTER
IE Bug Being Exploited by Word Documents
Word exploit method simple and likely only the first of many others

GOVERNMENT COMPUTER NEWS
Collaboration, Security Top List Of Federal CIO Concerns
Survey says agencies who feel their infrastructure are secure has decreased over the past five years to less than 50 percent

THE REGISTER
American Express Web Bug Exposes Card Holders
A cross-site scripting vulnerability on the American Express Website put visitors at risk for more than two weeks and violates industry regulations governing credit card companies, security researcher says

CGI SECURITY
Opera Releases ??Update For 'Extremely Severe' ??Vulns
Browser update fixes seven security bugs, some of which were previously known

ZDNET BLOG
Thousands Of Legitimate Sites SQL Injected To Serve IE Exploit
Chinese hackers have hit over 100,000 Websites with attacks serving up the next Internet Explorer XML parsing exploit

IT SECURITY PORTAL
There Has Been As Much Malware In The First Months Of 2008 As In The Previous 17 Years Combined
Panda Labs says there were as many malware strains between January and August of this year as there were in the past 17 years overall

AZ CENTRAL
Lifelock's ID-Theft Products Questioned
LifeLock and TransUnion have teamed up but other credit bureaus claim LifeLock misleads consumers

GRAND FORK HERALD
Winnipeg Businessman On Hook For $52,000 Phone Bill After Voice Mail Hacked
Businessman discovers hundreds of calls made to Bulgaria on his account after his voicemail system was hacked

INFOWORLD
Oops! Mozilla Forgets Firefox 2 Patch, Must Re-Issue Update
Mozilla inadvertently omitted a security patch that was supposed to be included in the Windows version of Tuesday's Firefox 2.0 .0.19 release

NETWORK WORLD
Security Vendors Leaving 'Old School' Malware Detection Methods Behind
Signature-based virus scanning losing prominence as behavior-based detection and reputation analysis grows

MICROSOFT
Microsoft Releases Emergency Patch for IE
Microsoft released security update MS08-078??today to address a new vulnerability in multiple versions of Internet Explorer and urged users to install it ASAP

CNET
New Privacy Guidelines for E-Health Records Announced
New HHS guidelines augment HIPAA Privacy and Security Rules for electronic health records

MCAFEE AVERT LABS BLOG
IE 7 Exploit Reloaded: The new face of Drive-by Attacks using Doc files
McAfee researchers discover customized versions of the new IE 7 exploit

THE KOREA TIMES
Korea Plans Hacking Competition
Korea plans to invest about $168 million through 2013 to support local security companies, and will host an international hacking competition

ASSOCIATED PRESS
Yahoo To Shorten Logs of User Activity to 3 Months
New privacy policy reduces storage of user online behavior records from 13 months to three