MI-80 De Oppresso Liber

An Internet service provider associated with online crime and child pornography briefly came back online over the weekend before being cut off again, according to security vendors.

http://www.networkworld.com/news/2008/111708-dodgy-isp-briefly-comes-onl...

Just how rampant is piracy in PC casual gaming? In a startling instalment of his regular Gamasutra column, Reflexive's director of marketing Russell Carroll (Wik, Ricochet) reveals the 92% piracy rate for one of his company's games, and what worked (and didn't work) when they tried to fix it.

http://www.gamasutra.com/php-bin/news_index.php?story=17350

Apple on Friday added anti-phishing protection to Safari, the last major browser to receive the feature that blocks known identity-stealing sites. The company also patched 11 security bugs in the program, the bulk of them specific to the Microsoft Windows version.

http://computerworld.co.nz/news.nsf/scrt/4317956CC0072B3CCC257503007E66AF

French record labels have received the green light to sue four US-based companies that develop P2P applications, including the BitTorrent client Vuze, Limewire and Morpheus. Shareaza is the fourth application, for which the labels are going after the open source development platform SourceForge.

http://torrentfreak.com/record-labels-to-sue-vuze-limewire-and-sourcefor...

A Homeland Security report cites poorly guarded computers and a lack of measures to keep equipment from being disabled by heat, fires or quakes. Remedial steps are supposed to be taken.

http://www.latimes.com/news/printedition/california/la-me-security15-200...

Academic researchers have found an exploitable hole in a popular form of wireless networking encryption. The hole is in a part of 802.11i that forms the basis of WiFi Protected Access (WPA), so it could affect routers worldwide. German graduate student Erik Tews will present a paper at next week's PacSec in Tokyo coauthored with fellow student and aircrack-ng team member Martin Beck that reveals how remnants of WPA's predecessor allow them to slip a knife into a crack in the encryption scheme and send bogus data to an unsuspecting WiFi client.

http://arstechnica.com/articles/paedia/wpa-cracked.ars/1

Survey highlights vulnerability of web servers to Kaminsky cache poisoning flaw

http://www.vnunet.com/vnunet/news/2230170/four-public-dns-servers

For the first time in the United States, a law specifies that encryption be used for the transmission of any electronic data. Nevada's NRS 597.970, which went into effect on Oct. 1, states: “A business in this State shall not transfer any personal information of a customer through an electronic transmission other than a facsimile to a person outside of the secure system of the business unless the business uses encryption to ensure the security of electronic transmission.”

http://www.scmagazineus.com/Nations-first-encryption-law/article/120402/

Google has pulled the plug on a search-ad partnership with Yahoo that would have given Yahoo major new revenue but that raised antitrust concerns.

http://news.cnet.com/8301-1023_3-10082800-93.html?tag=newsLeadStoriesArea.0

Corporate bloggers need to pay as much attention to the security of their blogs as they do in writing them, to avoid being hacked. The two main threats bloggers face are comment spam and SQL injection attacks. Both Blogger and Wordpress have been vulnerable to SQL injection attacks, and don’t provide enough care when validating SQL queries. This is particularly bad news for corporate bloggers because any form of external interference with your blog can have a detrimental effect on your organisation’s reputation and credibility.

http://community.zdnet.co.uk/blog/0,1000000567,10009709o-2000537720b,00.htm

First Internet attack spawned panic, public awareness and security research

http://www.networkworld.com/cgi-bin/mailto/x.cgi?pagetosend=/export/home...

Last week, Chinese hackers were posting fake links promising to fix Microsoft's "black screen of death" -- the links lead to malware that attempts to attack visitors' computers.

http://www.informationweek.com/blog/main/archives/2008/10/microsofts_bla...

Well-known PS3 hacker opens potential floodgates to homebrew and pirates.

http://www.1up.com/do/newsStory?cId=3170931

Russian software company is behind a security scam to diddle millions out of foreigners.

http://www.itexaminer.com/russian-scareware-named-and-shamed-by-hacker.aspx

Internet research firm Netcraft's toolbar has detected a cross-site scripting bug in Yahoo that could be exploited to steal authentication cookies.

http://www.scmagazineus.com/Yahoos-HotJobs-site-vulnerable-to-cross-site...

Flaw rated critical for users of Windows 2000, XP and Server 2003

http://www.computerworld.com/action/article.do?command=viewArticleBasic&...

Airport security in America is a sham—“security theater” designed to make travelers feel better and catch stupid terrorists. Smart ones can get through security with fake boarding passes and all manner of prohibited items—as our correspondent did with ease.

http://www.theatlantic.com/doc/200811/airport-security

Imagine if electronic devices in the U.S. were disabled. Your car would not run. You couldn't make a phone call. Television, radio, GPS, computers and their related financial and military systems could be down. Power could be out for as long as two years.

http://www.marketwatch.com/news/story/providing-power-there-none-instant...

Adobe Systems Inc. patched five vulnerabilities in Flash today, including one that could be used in "clickjacking" attacks to secretly spy on users through their webcams.

http://www.computerworld.com/action/article.do?command=viewArticleBasic&...

Eight years after knocking Yahoo offline, a former teenage hacker is now a legitimate security consultant.

http://pcworld.idg.com.au/index.php/id;233386890