Stories about: ACT

The U.S. government has taken several steps to combat identity theft during the past two years, including increased prosecutions of criminals and decreased use of Social Security numbers to identify constituents, according to a report released Tuesday.

David Kernell is facing five years in prison for allegedly hacking into Alaska Governor Sarah Palin's Yahoo e-mail account, but lawyers watching the case say that the felony charge against him is a bit of a stretch.

A former employee at the US Department of State has pleaded guilty to illegally accessing the confidential passport records of hundreds of celebrities, politicians and other public figures.

Last week Microsoft released MS08-055 [1], patching a remote code execution vulnerability affecting the handling of onenote:// URLs in different versions of Office. What was surprising about the patch is that the vulnerability being fixed only bore a passing resemblance to the one that was notified to Microsoft in March of this year.

The proliferation and popularity of collaborative Web 2.0 sites – there are around 250,000 new registrations to Facebook everyday – has changed the threat landscape and the way businesses need to think about security. Each year, newer technologies and weapons are being unleashed to leave Web users surprised, annoyed and at greater risk.‘Whaling’ or ‘spear phishing’, is one such threat and refers to phishing scams which specifically target high-worth individuals.

The Office of the Privacy Commissioner has issued a practical guide to businesses and government agencies showing them how best to respond in the event of a personal information security breach.

There has been a lot of speculation devoted to the impending release of information about a DNS vulnerability discovered and initially announced by Dan Kaminsky almost two weeks ago. A lot of the coverage has been back and forth arguing about whether what has been discovered is relevant or not but the best thing to have done in the intervening period is to have sat on your hands and waited.

Reformed hacker-turned-security-consultant Kevin Mitnick served five years in federal prison for breaking into phone and software company networks. He talks about his past hacking exploits, computer security, and how he turned an illegal hobby into a useful career.

Remember the old M&M analogy - security is like an M&M candy, hard shell on the outside, soft on the inside. In other words, put up firewalls, built a strong perimeter and you're good to go. Of course, nobody believes that M&M-type security is sufficient in today's world of insider threats, data leakage, mobile workers, thumb drives and sophisticated malware. So, what's the new metaphor? We asked around and came up with a number of interesting and useful ways to think about enterprise security.

The American Civil Liberties Union (ACLU) and the Electronic Frontier Foundation (EFF) are asking a federal court to order the US Department of Justice to turn over records about the agency's tracking of mobile phone users.

You know you're a computer security professional when: