SC Magazine

Cloud computing creates security problems that most organizations have not yet had to face on a large scale: protecting data when the location of the data is generally unknown. Encryption is a useful tool for solving this problem, but using it in the cloud is hard because of the key management problems that this causes. Fully federated key management can provide the basis for protecting sensitive data in the cloud, and it's probably the basis for how we'll eventually protect such data. Let's look at exactly what this means and how it will probably work.Key managementA cryptographic key is much like the combination to ... Read Full Story

Two draft bills intended to improve the security of cyberspace were combined into one piece of legislation that was passed Wednesday by the House Committee on Science and Technology.The Cybersecurity Enhancement Act of 2009, would support cybersecurity research and development and advance the creation of international cybersecurity standards. “[This legislation] is based on the concept that in order to improve the security of our networked systems, which are fundamentally both public and private in nature, the federal government must work in concert with the private sector,” Bart Gordon, D-Ill., chairman of the House Committee on Science and Technology, said in his opening statement on ... Read Full Story

Authorities in the U.K. have charged two 20-year-olds for their roles in the distribution of the destructive Zeus data-stealing trojan.The arrests mark the first time anyone in Europe has been charged in connection with the notorious malware, which spreads through socially engineering phishing messages and is blamed for tens of millions in global banking losses over recent months.On Nov. 3, authorities from London's Metropolitan Police's Central e-Crime Unit, in conjunction with the Greater Manchester Police, charged a man and a woman with violating the 1990 Computer Misuse Act and 2006 Fraud Act, according to a news release issued Wednesday. Police did not list the ... Read Full Story

Cyberattackers will target Windows 7 and spam volumes will spike next year, according to a recently released Symantec report covering internet security trends. The report, entitled Security and Storage Trends to Watch, looked back to examine the top internet security trends of 2009 and offered up some likely areas of concern for the coming year. According to Zulfikar Ramzan, technical director, Symantec Security Response, and Paul Wood, senior analyst, MessageLabs Intelligence, discussing the findings on a conference call on Tuesday, it's difficult to pinpoint one particular key trend that has been most pervasive in 2009, but drive-by downloads and rogue security software rose to ... Read Full Story

A malicious spam campaign masquerading this weekend as a message from Verizon Wireless was propagating the Zeus trojan, according to researchers at internet security vendor SonicWALL.The messages, which seemed to be coming from Verizon Wireless Customer Service, falsely informed recipients that their credit balance was over the limit and asked them to check their account details by using a tool attached to the message. The message was not really from Verizon Wireless and the attachment contained the notorious data-stealing trojan Zeus, also known as Zbot, researchers at SonicWALL said.Deepen Desai, senior software engineer at SonicWALL, told SCMagazineUS.com on Monday that the malicious messages started ... Read Full Story