Ceptera Security Newswire

Orphaned Bots Facing Internet Blackout

Gray Grantham — Wed, 22 Feb 2012 23:05:51 +0000

DNSChanger botnet takedown poses unique challenges and risks that other botnet overthrows do not

Can You Delete A Database?

Gray Grantham — Wed, 22 Feb 2012 23:05:51 +0000

Data and databases keep growing, but there’s a security tradeoff

Gatekeeper and the Choice of Security for Mac Users

Gray Grantham — Wed, 22 Feb 2012 20:36:26 +0000

Context is a funny thing. In most segments of society, Apple is seen as an exemplary company, with an unrivaled record of innovation, much-admired ad campaigns and a stock price that is the envy of every company not named Google. But in the security community, Apple is regarded with some combination of disbelief, confusion and the disdain that once was reserved for Microsoft.

Consumer group files FTC complaint against Google

Gray Grantham — Wed, 22 Feb 2012 20:04:33 +0000

From Google’s privacy policy change to Google overriding browser default settings, the FTC is getting an earful from privacy groups and lawmakers.

Originally posted at InSecurity Complex

Tech firms agree to privacy protections for mobile apps

Gray Grantham — Wed, 22 Feb 2012 20:01:00 +0000

In an effort led by California’s attorney general, Apple, Google, Microsoft, and others have agreed to require developers to inform users about data usage policies before they download apps.

Originally posted at InSecurity Complex

NIST, Maryland Plan New Cybersecurity Center

Gray Grantham — Wed, 22 Feb 2012 18:49:33 +0000

The US National Institute of Standards and Technology (NIST) announced plans Tuesday to break ground on a new center that will be committed to cybersecurity research. The National Cybersecurity Center of Excellence will be built near NIST’s Gaithersburg, Md., campus in hopes of strengthening the country’s cybersecurity products and services.

Groupon Piggyback Site Offers $500 Voucher, Charges Users for Allegedly ‘Free’ Trial Offers

Gray Grantham — Wed, 22 Feb 2012 18:45:08 +0000

A domain registered two days ago as groupon500.com, which claims to offer a $500 voucher toward Groupon or its primary competitor, LivingSocial, is actually registering users for ‘free’ trial offers that aren’t free at all. The best part, however, is that everything about this scam is perfectly legal according to Zscaler’s Julien Sobrier.

Five Schemes For Redeeming Trust In SSL

Gray Grantham — Wed, 22 Feb 2012 17:03:14 +0000

Creativity loves constraint and for security thinkers trying to shore up Web authentication today, that constraint is SSL/TLS

Disclosure Clouded By Obscurity

Gray Grantham — Wed, 22 Feb 2012 17:03:14 +0000

Shockingly the responsible disclosure debate rears its head once again, and amazingly enough some vendors still don’t get it. Guess we’ll never learn

Waves of Attacks Target Adobe Reader Bug From 2010

Gray Grantham — Wed, 22 Feb 2012 15:45:46 +0000

Thanks to the wonderful tendency of users not to update their applications, old vulnerabilities never die, they just get overtaken by newer and shinier ones. The attackers know this well, and every once in a while they serve up a nice reminder to the rest of us. The most recent one of these is a string of attacks against an Adobe Reader vulnerability from 2010.