Well, this week was pretty lean compared to the plethora of Security topics written last week during RSA. Still, I was able to find a few nuggets that are interesting or noteworthy. I am continuing to see the trends that have emerged recently with respect to Cyber threat and stronger government involvement in driving the future security of the Internet.
Trending Security News
- Cyber threat. As we’ve been promoting for the past year via the Rethinking the Cyber Threat paper, not everything is cybercrime. It is good to see some of the threat coverage starting to break threats out into different categories as well.
- Cybercrooks target vulnerable small businesses, MSNBC
- Cyber Espionage in Georgian Businesses, Finchannel
- Exxon, Shell, BP Said to Have Been Hacked Through Chinese Internet Servers, Bloomberg
- Chinese telecom firm Huawei invites government probe, Hillicon Valley
- Seoul Hotel Break-In Has Makings of a Spy Novel, NYTime
- Collective Defense. To address some of the complex security issues faced by Internet citizens, we need collective action in the defense of the global, shared resource that is the Internet – and it is happening.
- Australia’s voluntary internet filter set for mid-year start ZDNet
- U.S., China Team To Fight Spam Darkreading
- Cyber cops and domain name registrars meet to tackle net crooks Register
- Government is making a comeback. For years, there has been a hands-off policy by governments with respect to the Internet, but that all seems to be changing over the past several months.
- US internet ‘kill switch’ bill gets revision , ZDNet
- Sergei Magnitsky and the Rule of Law in Russia, WSJ
- Russian Official Blames Google Exec For Unrest In Egypt, Huffington Post
- Bill Proposes Chief Security Officers At Federal Agencies, Informationweek
Microsoft Security Blog Picks
- Updated SAFEcode Development Practices Paper, SDL Blog, @michael_howard
- New Backgrounder on Location Based Services and Privacy, Privacy & Safety Blog
- Prevent Tampering of Encrypting Data Using add_authenticator Argument of EncryptByKey, SQL Server Security Blog
Industry Security Blog Picks
- HIPAA fines prove the value of data protection, Naked Security Blog (Sophos)
- Top Ten Web Hacking Techniques of 2011 , Jeremiah Grossman
- How Code Rot Can Lead to Vulnerabilities, ZeroDay Labs Blog
Research, Papers and Media
- Battling the ZBot Threat (paper)
- Collective Defense: Applying Public Health Models to the Internet (paper)
- Rethinking the Cyber Threat (paper)
- Imagine Video: Microsoft Trustworthy Computing (video)
- Video: Collective Defense: Enabling Healthy Devices (video)
Security News Round-up for Microsoft Security
- Microsoft fixes security flaw in malware protection engine
- Microsoft Web Privacy Clears W3C Hurdle
- Microsoft ‘Do Not Track’ Plan Accepted by Web Standards Group W3C
I’d love your views on what else happened in the industry this week that I didn’t mention here – drop me a note with your feedback and suggestions.
Best regards, Jeff