September, 2008:

• Popular websites fall victim to CSRF exploits
• Washington state, Microsoft announce "scareware" suits
• Auctioned server becomes security nightmare
• "Clickjacking" poses major web browser threat
• Adobe vulnerability exploits are mounting
• Cisco patches 12 vulnerabilities
• Karen Evans, administrator of e-government and IT, OMB
• Paul Kurtz, executive director, SAFECode; partner, Good Harbor Consulting LLC
• New certification to stress software lifecycle safety
• Study: Few internet users exercise caution
• Group tells FTC more RFID security guidance is needed
• No charges in Palin hacker investigation
• Firefox fixes security holes with release of 3.0.2
• Palin email "hack" underscores need for stronger authentication
• Combining SIEM, log management and centralized security and compliance management
• Second TJX hacker pleads guilty
• Android is no iPhone, yet
• Bogus Facebook emails pass trojans
• October 2008: The better CSO
• The cybercrime arms race
• U.S.-based computers launch most cyberattacks
• Record number of active viruses measured
• McAfee to purchase Secure Computing for $465 million
• September 22, 2008: The Sarah Palin email hack
• What can we learn from the Palin email hack?
• Edward Lowery, assistant special agent in charge, Criminal Investigative Division, U.S. Secret Service
• Cybercrime bill passes House, awaits Bush signature
• Report: 60 percent of businesses hit by cybercrime
• Hacker answered personal questions to steal Palin password
• Joe Jarzombek, director for software assurance, National Cyber Security Division, U.S. Department of Homeland Security
• Felix Ramirez, IT risk advisor, Riebeeck Associates
• Louis Freeh, former director, FBI
• M. Eric Johnson, director, Tuck Glassmeyer/McNamee Center for Digital Strategies, and professor, Operations Management, Tuck School of Business, Dartmouth College
• Jeff Debrosse, North American research director, ESET
• Jonathan Gossels, president and CEO, SystemExperts
• Michele Edson, senior vice president, Financial Institution Shared Assessments
• Robert Parham Jr., director, Information Security Governance, Horizon Blue Cross Blue Shield NJ
• Troy Leach, technical director, PCI Security Standards Council
• QuickTime exploit disclosed for 1-week-old version
• Study: Companies increasingly wary of cybercrime
• Missing flash drive contains personal data on Tennessee State U students
• Forever 21 discloses breach ongoing for three years
• Lysa Myers, director of research, West Coast Labs
• Palin's personal email account hacked, contents leaked
• Microsoft to release secure development tools
• Hackers prevent research on malicious code
• Brad Pitt, Beyonce, most exploited stars in cyberspace
• Hot or not: What you need to know to keep Mac OS X secure
• Apple fixes another DNS vulnerability
• Google Docs flaw could allow others to see personal files
• BusinessWeek website compromised
• Spam, malware spread by Google Groups
• Protection program defeats keyloggers
• Firefox adds privacy mode
• CTO defends researcher's decision to reveal SCADA exploit
• Anti-spam law struck down as unconstitutional
• PCI 1.2 arrives - and the changes seem dealable
• U.S. intellectual property protection goes worldwide
• Computer security legal parallels
• Researchers uncover new tool for building fake YouTube pages
• Royal Hansen, vice president, Information Risk, Goldman Sachs
• Health information security standard issued
• Five ways to clean your firewall of clutter and stay secure
• It's time to think differently about protecting data
• Norman Levine, IT compliance manager, HBO
• Apple pushes out updates for QuickTime, iTunes
• Pump and dump hacker sentenced
• Marina Roesler, head of Global Technology Audit, Goldman Sachs
• Removing admin rights to secure desktops
• Robert West, founder and CEO, Echelon One
• Microsoft patches eight critical vulnerabilities in four patches
• Obama campaign target of “sex scandal” spam
• Security holes in nascent Google Chrome patched
• Clint Kreitner retires from CIS
• On-demand web security solutions Zscaler launches
• Newest edition of computer security book released
• Lane Bess named CEO of Palo Alto Networks
• Purewire security-as-a-service firm launches
• Merlin International and CA partner with Dept. of Veteran Affairs
• New educational website offers DLP-related information
• Richard Turner appointed CEO of Clearswift
• Frederick Ball named chief financial officer of Webroot
• W. Hord Tipton named executive director at (ISC)2
• September 8, 2008: Rock Phish group upgrades criminal infrastructure
• Trojans dominate top ten virus threats
• Adrian Seccombe, CISO and senior enterprise information architect, Eli Lilly and Company, and Jericho Forum board member
• CIS to release consensus IT security metrics
• Good web application security requires multiple approaches
• Attack code released for SCADA software vulnerability
• Authenticating Rx orders: Dublin Methodist Hospital and Imprivata
• Do the crime, do the time...in the U.S.
• Comply with Red Flag rules
• Companies look inward
• Collaborating against e-crime
• The end of anti-virus?
• SC World Congress 2008
• Slurping the USB port
• Promoting by open exploration
• Friendly fire
• Convergence factor
• Focus on the individual for best security
• A career survey worth responding to
• Unauthorized web servers connected to IRS network
• Phishing drops as Rock Phish invests in technology updgrade
• Yonesy Nuñez, global manager, IT governance, security & compliance, Pall Corp.
• Edward Jestin, chief information security officer, Lehman Brothers.
• Carlos Recalde, senior vice president, Lehman Brothers
• Mohd Noor Amin, chairman, International Multilateral Partnership Against Cyber-Terrorism
• Mark Lobel, principal, Pricewaterhouse Coopers
• Microsoft readies four patches in end-of-summer update
• Secure Computing buys Securify
• Botnet spread skyrockets in summer
• VMware delivers fixes for multiple flaws
• Google Chrome flaws come soon after browser release
• Network health
• Phishing awareness up, anti-spyware unused
• Google's inaugural browser comes with security focus, including sandboxed sessions
• Experts warn of hurricane-related website scams
• Study: Spammers employ alphabetic techniques
• September 2, 2008: DNSSEC mandated for federal agencies