Security roundup for week ending Nov. 18: Facebook, Norway oil-industry cyberattacks, and why virtualization and mobile devices mean security stress

---

• Security roundup for week ending Nov. 18: Facebook, Norway oil-industry cyberattacks, and why virtualization and mobile devices mean security stress
• EU parliamentarians speak out over gag order on data deal
• Google Chrome update addresses high-severity flaw
• Feds back off on Jan.1 eHealth standards deadline
• Google, Microsoft, Intel, Verizon among new cloud-security registry members
• US business leaders complain about China's Web control
• Don't blame Anonymous for Facebook porn storm, says researcher

Security roundup for week ending Nov. 18: Facebook, Norway oil-industry cyberattacks, and why virtualization and mobile devices mean security stress Posted: 18 Nov 2011 08:27 AM PST Last week's flood of pornographic and violent images that hit Facebook was a coordinated spam attack that caught the attention of the world. But less remarked-upon and perhaps more sinister was what may have been a denial-of-service attack on many organizations' DNS servers, based on an exploit of the BIND 9 protocol, temporarily knocking their networks offline. The Internet Systems Consortium (ISC), which maintains several software products essential for Internet infrastructure, released a patch that's something of an interim fix for this and said it would conduct an investigation. This kind of attack -- which incapacitates entire networks, as it did in this case -- is truly worrisome.

EU parliamentarians speak out over gag order on data deal Posted: 18 Nov 2011 05:52 AM PST A leading Member of the European Parliament (MEP) has said that she will not be gagged on the shortcomings of a new deal to pass European airline travelers' information to the United States.

Google Chrome update addresses high-severity flaw Posted: 18 Nov 2011 02:36 AM PST Google has released an update for Chrome 15 which addresses a high-risk vulnerability. The security issue is the result of an out-of-bounds memory write in the browser's JavaScript engine.

Feds back off on Jan.1 eHealth standards deadline Posted: 17 Nov 2011 01:48 AM PST The Centers for Medicare & Medicaid Services is delaying by 90 days the enforcement deadline by which healthcare providers must roll out a new version of the standard governing how medical transactions are processed.

Google, Microsoft, Intel, Verizon among new cloud-security registry members Posted: 17 Nov 2011 12:12 AM PST Google, Verizon, Intel, McAfee and Microsoft are joining a voluntary program set up by the Cloud Security Alliance that provides public information about whether contributors comply with CSA-recommended cloud-security practices.

US business leaders complain about China's Web control Posted: 16 Nov 2011 11:25 PM PST The Chinese government is using Internet censorship as a trade weapon against U.S. tech companies trying to do business there, leaders of two business organizations have told a U.S. government commission focused on human rights in China.

Don't blame Anonymous for Facebook porn storm, says researcher Posted: 16 Nov 2011 09:58 PM PST The recent spam attack that planted pornographic images on Facebook was not the work of Anonymous, a security researcher said today.

You are subscribed to email updates from "Cisco" via Ehsan in Google Reader To stop receiving these emails, you may unsubscribe now.	Email delivery powered by Google
Google Inc., 20 West Kinzie, Chicago IL USA 60610