

Best Of The Web

THREAT POST
CabinCr3w Hacker Arrested By FBI
Federal authorities have arrested Higinio Ochoa, a resident of Texas, related to his work with the hacking group CabinCr3w that once targeted Goldman Sachs' CEO

COMPUTERWORLD
Microsoft Acquires 20 New Windows Security Ideas For $13,400 Each
Security expert says Microsoft's BlueHat Prize contest is a 'cheap way to get someone else to innovate' for Microsoft

THREAT POST
Google Patches 12 Flaws In Chrome
In the second update for the Chrome browser in the past few days, Google has patched 12 new vulnerabilities in Chrome and added an updated version of Adobe Flash

REUTERS
Hacker Claims Breach Of Chinese Defense Contractor
A hacker claiming to be a friend of former LulzSec leader Sabu, who turned FBI informant, says he hacked into a Chinese defense contractor and then posted documents online such as U.S. military transport information

PC WORLD
Is Apple To Blame For Size Of Mac Botnet?
Reports of as many as 600,000 Macs infected by the Flashback Trojan raise questions about the security of Macs and Apple's silence over the attacks that had been under way for some time

TECH DIRT
EU Cybercrime Bill Targets Anonymous: Makes It A Criminal Offense To Conduct 'Cyber Attack'
Even "possessing" hacking software and tools can result in arrest, according to newly approved European Union legislation that appears to be aimed at hacktivism

NAKED SECURITY BLOG
Hacker Jailed For Stealing Millions Of Banking And PayPal Identities
Edward Pearson, 23, from the U.K. is facing prison time for gathering 8 million people's identities, using Zeus and SpyEye to grab PayPal account, bank card, and other information

THREAT POST
Active Zeus C&Cs Remain Following Microsoft Takedown
Researchers at FireEye say despite Microsoft's recent Zeus takedown, some command-and-control domains remain active as they appeared to evade the sinkhole

INFOSEC ISLAND
Cyber Criminals Top Secret Service Most Wanted List
Among the U.S. Secret Service's list of most wanted criminals are many alleged cybercriminals, including ones who traffic in stolen and counterfeit credit cards and engage in fraudulent transactions through a consumer credit card service for health consumer

THE REGISTER
Facebook Logins Easily Slurped From iOS, Android Kit
Facebook's iOS and Android clients don't encrypt user credentials but leave them sitting in a folder that other apps or USB connections can reach

ZDNET BLOG
Anonymous Hacks Hundreds Of Chinese Government Sites
The hacktivist group has hit hundreds of Chinese government websites -- some with defacements, others with the leak of administrator accounts, phone numbers, and e-mail addresses

HELP NET SECURITY
Cybercriminals Target Google, LinkedIn And Mass Effect 3 Users
Researchers in March spotted multiple spam attacks and malicious email attacks infecting users under the guise of Google, LinkedIn, Skype, and a video game

QUALYS BLOG
Apple Patches Critical Java Flaw
Apple has issued a critical update for the Java implementation on Mac OS X on both Lion and Snow Leopard -- two months after the release of the corresponding Java version by Oracle, and only a couple of days after attacks were spotted against Macs

DAILY MAIL
Computer Expert Who Stole 8 Million People's Personal Details Jailed For 2.5 Years
Attack was launched primarily as an 'intellectual challenge,' defendant says

THE INQUIRER
Anonymous Plans An Attack On The UK Home Office
Attack could take place Tuesday night, officials say

COMPUTER BUSINESS REVIEW
Imperva Co-Founder Tells Anonymous To Go Hack Chinese Government
CTO says that if hacktivist group is really in favor of freedom of speech, it should go after China

IT PRO PORTAL
Hackers Compromise 50,000 Credit Cards
Visa and MasterCard confirm that more than 50,000 cards were breached in Global Payments hack

INFOSEC ISLAND
NIST: Technical Guidance For Evaluating Electronic Health Records
Federal standards group outlines formal procedures for evaluating the usability of EHR systems

STUFF.CO.NZ
Anonymous Blamed For McCully Email Hack
New Zealand Foreign Minister's private Web mail account was compromised, though not by a self-described Russian hacker, who took credit

SACRAMENTO BEE
Virginia Firm Completes Purchase Of HBGary In Sacramento
ManTech International Corp. completes buyout of troubled security firm

CYBER WAR NEWS
Anonymous And LulzSec Hackers Evolving To Target Corporate Data To Cause Financial Pain
Hacktivist groups want to hurt companies in the pocketbook rather than just making them look bad online, experts say

KREBS ON SECURITY
Global Payments: Rumor And Innuendo
Selected news from the major breach affecting Visa and MasterCard users

PC WORLD
Malware, Phishing Gather In North America
Annual study by Websense indicates that more malware hosting and phishing are coming out of the U.S. and Canada

SOPHOS
UK Government Plans To Spy On Email, Web, And Internet Phone Use
Proposed legislation would allow authorities to monitor users' Internet activity

PC WORLD
IT Must Change Security Strategies To Keep Up With Cybercriminals
Organizations must adopt a more strategic approach to risk management, experts say

INFOSEC ISLAND
Cyber Criminals Top Secret Service Most Wanted List
Sophisticated cyberschemes have overtaken traditional check washing and counterfeiting operations, officials say

NDU PRESS
Sailing The Cyber Sea
Maritime law and Internet regulation offer some interesting parallels

BBC
Pastebin: Running The Site Where Hackers Publicize Their Attacks
A look at the place where Anonymous and other hackers often roll out their booty

INFO SECURITY
Blackhole: The One-Day Exploit Kit
Newest update includes a new Java vulnerability, ESET says

GOOGLE SECURITY BLOG
An Improved Google Authenticator App To Celebrate Millions Of 2-Step Verification Users
Millions of users now use Google's two-factor authentication, and the search engine giant has released Google Authenticator, a mobile app for Android users that supports two-factor authentication

TECH TARGET
Future Of SIEM Market Hinges On Lessons Learned From Past Mistakes
Interfaces and wizards are a lot easier to use, automated threat responses have become more reliable, and SMBs are finally able to use them more easily and affordably

ASSOCIATED PRESS
Lost Data May Have Exposed 800,000 People In Calif.
A disaster preparedness exercise for data in California's child support system went awry when four storage devices containing the Social Security numbers and other information of about 800,000 adults and children went missing between Boulder, Colo., and Sacramento, Calif., this month as IBM and Iron Mountain were in possession of the devices

THE NEW YORK TIMES
Case Based In China Puts A Face On Persistent Hacking
Cyberattacks on companies in Japan and India and on Tibetan activists have been linked to a former graduate student at a Chinese university that receives government financing for its research in computer network defense

VANITY FAIR
World War 3.0
A look at the struggle over who should control the Internet, including a look at repressive regimes, corporations, hackers, and law enforcement

CRICKET ON DNS
Could A DDoS Attack Against The Roots Succeed?
A look at why reported threats by Anonymous to "shut down the Internet" on March 31 would be difficult given Anycast and caching

TREND MICRO BLOG
More Than 90 Attacks Uncovered In APT Campaign
The so-called Luckycat advanced persistent threat-style cyberattack campaign not only targeted military research in India, but also organizations in Japan and India, including Tibetan activists. Among the other industries targeted are aerospace, energy, engineering, and shipping

HEALTHCARE INFO SECURITY
VA Ramps Up Security Training
Will deny network access to those lacking updated education

HELP NET SECURITY
Scammers Advertise Pinterest Bots On Facebook
Internet fraudsters launch paid advertising campaign on Facebook targeting Pinterest fans

HELP NET SECURITY
MasterCard Releases Tool That Predicts E-Commerce Fraud
New tool could help merchants mitigate the risk of fraud in online transactions

THE INQUIRER
European Hackers Will Face Two Years In Prison
Europe votes in favor of strict sentencing










Bugs
ENTERPRISE VULNERABILITIES
Vulnerability: ssl-vpn end-point interrogator/installer activex control
Published: 2010-11-03
Severity: High
Description: Stack-based buffer overflow in SonicWALL SSL-VPN End-Point Interrogator/Installer ActiveX control (Aventail.EPInstaller) before 10.5.2 and 10.0.5 hotfix 3 allows remote attackers to execute arbitrary code via long (1) CabURL and (2) Location arguments to the Install3rdPartyComponent method.

Vulnerability: gvim
Published: 2010-11-03
Severity: High
Description: Untrusted search path vulnerability in VIM Development Group GVim before 7.3.034, and possibly other versions before 7.3.46, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse User32.dll or other DLL that is located in the same folder as a .TXT file. NOTE: some of these details are obtained from third party information.

Vulnerability: cforms
Published: 2010-11-03
Severity: Medium
Description: Multiple cross-site scripting (XSS) vulnerabilities in wp-content/plugins/cforms/lib_ajax.php in cforms WordPress plugin 11.5 allow remote attackers to inject arbitrary web script or HTML via the (1) rs and (2) rsargs[] parameters.

Vulnerability: links, wsn links, wsn links
Published: 2010-11-03
Severity: High
Description: Multiple SQL injection vulnerabilities in search.php in WSN Links 5.0.x before 5.0.81, 5.1.x before 5.1.51, and 6.0.x before 6.0.1 allow remote attackers to execute arbitrary SQL commands via the (1) namecondition or (2) namesearch parameter.

Vulnerability: deluxebb
Published: 2010-11-03
Severity: Medium
Description: SQL injection vulnerability in misc.php in DeluxeBB 1.3, and possibly earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the xthedateformat parameter in a register action, a different vector than CVE-2005-2989, CVE-2006-2503, and CVE-2009-1033.


