Source Code can’t be stolen under federal law, court rules

The government’s effort to prosecute corporate espionage was dealt a setback today when a federal appeals court ruled that downloaded code did not qualify as stolen under a federal theft statute.

via Code can’t be stolen under federal law, court rules | Security & Privacy – CNET News.

Web attacks use smart redirection to evade URL security scanners

Security researchers from antivirus vendor ESET have come across new Web-based malware attacks that try to evade URL security scanners by checking for the presence of mouse cursor movement.

via Web attacks use smart redirection to evade URL security scanners.

pcitube.com – PCI DSS Videos

pcitube – PCI DSS Videos

PCI Tube attempts to collect quality videos for PCI DSS at one location.

via pcitube – PCI DSS Videos.

Fast-growing Flashback Botnet Includes Over 600,000 Macs

More than 600,000 Macs have been infected with a new version of the Flashback Trojan horse that’s being installed on people’s computers with the help of Java exploits.

via Fast-growing Flashback Botnet Includes Over 600,000 Macs, Malware Experts Say | PCWorld Business Center.

Mastercard, Visa Warn of Possible Security Breach: CNBC

MasterCard and Visa are warning banks about a possible security breach at a U.S.-based processor that could affect millions of credit-card holders.

via Mastercard, Visa Warn of Possible Security Breach: Report – US Business News – CNBC.

Researchers find new type of ‘fileless’ malware

Researchers have discovered an extremely rare and possibly unique form of “fileless” malware that executes entirely in memory without the need to save any files to the hard drive of a victim’s PC.

The latest discovery was made by Kaspersky Lab, which received reports of a malware attack hitting a common Java vulnerability (CVE-2011-3544) on Russian websites, but without appearing to drop any files in order to instigate a conventional Trojan attack.

via Researchers find new type of ‘fileless’ malware.

Most fraud against businesses from bad checks, not electronic payments

When it comes to financial fraud against businesses, it’s old-fashioned paper checks that wreak more monetary damage than fraud committed through electronic payments, such as debit/credit, corporate cards, or Automated Clearinghouse (ACH) payments.

via Most fraud against businesses from bad checks, not electronic payments.

Cloud security registry slow to catch on

Last August the Cloud Security Alliance (CSA) announced at the Black Hat security conference in Las Vegas a registry that it hoped would serve as a place for prospective cloud users to go to easily inspect and compare cloud vendors’ security controls. But to date, only three companies have submitted their cloud security data, making the registry of limited use.

via Cloud security registry slow to catch on.

40% of U.S. government Web sites fail security test

Approximately 40% of federal government agencies are out of compliance with a regulation that requires them to deploy an extra layer of authentication on their Web sites to prevent hackers from hijacking Web traffic and redirecting it to bogus sites.

via 40% of U.S. government Web sites fail security test.

FISMA compliance eludes agencies — Federal Computer Week

Only seven out of 24 agencies are more than 90 percent compliant with the Federal Information Security Management requirements, and more than half saw their compliance score decline compared to last fiscal year’s numbers, according to an Office of Management and Budget review.

via FISMA compliance eludes agencies — Federal Computer Week.