If a user has personal information stored on one Web site, OAuth provides a mechanism for him or her to authorize that Web site to share the data with another Web site or widget. It also makes it possible to do this without the first site having to reveal the user's identity to the second site.
President-elect Barack Obama's cell phone billing records were improperly accessed by employees of Verizon Wireless, CNN reported late on Thursday.
Obama's transition team was informed of the breach by Verizon Wireless representatives on Wednesday, team spokesman Robert Gibbs told the news agency. The Secret Service has been informed, Gibbs said.
The phone, a voice flip-phone with no e-mail access, is no longer active or being used by Obama, the report said. Lists of phone numbers and calls made by Obama could have been accessed, but "nobody was monitoring voicemail," Gibbs is quoted as saying.
Verizon Wireless … Read more
USB thumb drives are convenient, popular and often free--and they're spreading viruses like sailors on shore leave.*
The US-CERT (Computer Emergency Response Team) issued a warning on Thursday that malicious code is increasingly propagating via USB flash drive devices.
Meanwhile, the U.S. Department of Defense has temporarily banned the use of thumb drives, CDs, and other removable storage devices because of the spread of the Agent.bzt virus, a variant of the SillyFDC worm, according to Wired.
We've seen this before with portable external storage devices. Floppy disks were the culprit in the early 1990s, followed by CDs. The fact that USB thumb drives are being used by so many people makes them an attractive target for virus writers.
"The bad guys are intentionally developing new flavors of malware designed to propagate through USB devices," said Gunter Ollmann, chief security strategist for IBM's ISS security division. "They are today's floppy drives."
But USB drives are even handier. Their small size makes them easy to slip into a pocket or carry on a lanyard around your neck. A common swag item in the tech industry, they also are mainstream consumer storage devices. They literally litter my desk drawers.
There are a couple of ways USB thumb drives can be used to spread viruses and other malicious software.
Since its introduction in 2006, Microsoft's Windows Live OneCare has altered the antivirus landscape. With Tuesday's announcement that Microsoft will no longer be selling the product in retail outlets but offering a new free version, code-named Morro, starting in the second half of 2009, it's sure to change the field once again.
Since Microsoft bought Romania-based antivirus firm GeCad five years ago, there has been fear among the commercial antivirus vendors that the software giant would simply bundle its malware protection within the next version of Windows. While that didn't happen--and it's unlikely to happen… Read more
Updated at 6:15 p.m. PST with Microsoft and McAfee comment, at 5:30 p.m. with Sophos comment, and at 4:40 p.m. with customer comment.
Microsoft on Tuesday said it is changing its strategy for offering PC antivirus software, with plans to discontinue its subscription-based consumer security suite and instead offer individuals free software to protect their PCs.
Code-named Morro, the new offering will be available in the second half of 2009 and will protect against viruses, spyware, rootkits, and Trojans, the company said in a statement.
With the arrival of Morro, Microsoft plans to stop … Read more
A U.S. District Court has temporarily halted the sale of RemoteSpy keylogger spyware at the request of the Federal Trade Commission, which claims the software violates the FTC Act.
The FTC filed a complaint (PDF) against Florida-based CyberSpy Software on November 5, alleging the company has violated the FTC Act by selling software that can be deployed remotely by someone other than the owner or authorized user of a computer, can be installed without the owner's knowledge, and can used to surreptitiously collect and disclose personal information. The FTC also claims CyberSpy unfairly collected and stored personal information … Read more
Breaking with the recent stream of bad news, disk drive manufacturers Fujitsu, Hitachi, and Seagate Technologies all announced encrypting hard drives over the past few weeks.
The three disk drive amigos announced a number of new models featuring things like 256-bit encryption, 500GB of capacity, and up to 16MB of disk-based cache memory. As far as availability goes, all three vendors will offer multiple encrypting hard drive models in 2009.
Users should anticipate a whole bunch of new PCs featuring encrypting hard drives in 2009. As this happens, security professionals should:
Embrace the technology. Attention IT, you are looking … Read more
Equifax on Thursday introduced it's first information card or I-card, Equifax Over 18 card. I-cards are envisioned to be the online equivalent of a driver's license, passport, or similar ID. The basic idea is that customers would have an electronic wallet with various information cards that would allow customers to bypass typing in user names and passwords.
In this case, the Equifax card proves--via a trusted third party--that you are over 18 when accessing specially marked Web sites. "With fraud and identity theft on the rise, companies need better, more secure ways to conduct transactions online and … Read more
CA announced Thursday plans to acquire Israel-based Eurekify, in a move to expand its identity and access management software portfolio.
IT management software company aims to use Eurekify's analytics engine to reduce the time and effort it takes for customers to shift through employee's duties and responsibilities and to monitor their access management settings.
The combined CA Identity Manager and Eurekify Enterprise Role Manager will aim to help customers clean up existing identity data and build a model that "serves as the foundation to automate the user provisioning process and enhances identity lifecycle management," according to … Read more
IT professionals surveyed worldwide said they think their own employees pose a more serious security threat than outsiders, and often it's because of personal use of corporate assets, according to the third and final report based on a 2008 survey (PDF) commissioned by Cisco Systems and released Wednesday.
Other findings include: One in five Brazilian IT professionals said they think their employees are less diligent around protecting corporate data. And in China and in India, IT professionals are most concerned with data thefts through the use of USB devices including thumb drives and iPods in the workplace.
According to … Read more