
Recent Data


Sampled Internet Traffic Rate (daily)

We receive sampled and generalized information about Internet traffic flow rates from many partners, and this chart reflects those rates over the past 30 days, aggregated daily. This is by no means the "full speed" of the Internet, but a way of seeing trends and patterns within the overall mix of traffic.

View all available monitoring graphs

IP Protocol Trends

Our global view of Internet traffic provides many useful insights, one of which is the relative prevalence of various IP protocols. This chart shows the most commonly seen IP protocols, and their relative popularity in sampled network traffic over the past 30 days. Note that the Y axis is scaled logarithmically, so even small differences on the chart reflect significant differences in usage levels.


Top 10 TCP Ports (logarithmic scale)

This chart shows the top 10 TCP ports seen in sampled global Internet traffic in our most recent hourly data sample. This chart is on a logarithmic scale, so the difference between the top port (usually TCP/80) and the bottom port may be more significant than it appears to the naked eye.


Daily DDoS Attacks

Our malicious activity monitoring includes insight into distributed denial of service (DDoS) attacks launched by various botnets around the globe. This chart indicates the number of attacks seen each day across a subset of our monitoring infrastructure, giving some insight into trends and patterns in miscreant activity.


Internet Malicious Activity Maps

The map to the left shows network locations of malicious activity on the Internet within the past 30 days, plotted using a Hilbert curve. Check out our Internet Malicious Activity Maps page for full details and a larger view of this and other maps.

Recent Releases

Our contribution to Operation Ghost Click

[17 NOV 2011] On 09 November 2011, US law enforcement released details of a major series of arrests as part of Operation Ghost Click. Team Cymru is proud to have been able to add details of victim computers that were part of this criminal infrastructure into one of our daily feeds of data that is provided at no cost to providers around the world. These lists of affected IP addresses enable network managers to identify and remediate computers infected by malware that are taking part in criminal activities.

This has a direct impact on people: it disrupts criminals and improves the lives of legitimate Internet users everywhere; we're honored to have been able to contribute to this effort. Our great thanks to all who contributed to this team effort.

Details of the case and our commentary can be found in this darkreading.com article. Images of the data we provided to our partners can be found via Twitter here and here.


Unexpected and unsubstantiated blog post

[25 OCT 2011] A recent blog post appeared to draw the unsubstantiated conclusion that more than 760 organizations were compromised with some of the same resources used to hit RSA earlier this year. Team Cymru was one of the organizations named in the posting.

We have no evidence of compromise related to incidents at RSA or anywhere else. The source of the report, and those who revealed and posted it, didn't take the time to contact us, or to share incident details with us. Thus we are unable to investigate further. We hope that those who gathered this data will responsibly disclose it to the potential victims.

Please note that without more details on the methodology used to determine the list of organizations, and a scientific review of the same, it's not safe to assume that an entry on the list means either "victim" or "false positive". We've seen no data or methodology description that would support either case.


New Underground Insight: A Criminal Perspective on Exploit Packs

[05 MAY 2011] The Team Cymru Business Intelligence Team is pleased to announce the release of their latest paper, entitled "A Criminal Perspective on Exploit Packs". This paper chronicles the genesis and historical evolution of the Browser Exploit Pack (BEP). We discuss our research into the installation and usage of 40 different packs. Most notably, the paper discusses dishonor among coding thieves and the entrenched practice of "statistics shaving". Finally, we examine the monetization, code protection, and overall effectiveness of the various packs. For full details, check out the whitepaper, and don't forget to look at the rest of our whitepapers as well!


Team Cymru moving to Florida

[04 MAY 2011] Team Cymru today announced that they are relocating their headquarters staff from Chicago, Illinois, to Central Florida over the summer. The majority of our Chicago staff will move and are excited at the prospect of continuing to use our insight to improve lives, but from a significantly warmer location.

We do not foresee any disruption to our community or commercial feeds and services during this transition and we will continue to update our partners with news as appropriate. If you have any questions or concerns in the meantime, please e-mail outreach@cymru.com and we will be happy to discuss them with you!


View older news items in our news archives.

Friends of Team Cymru  
  CSIRT-MU Dyn, Inc. F-Secure FIRST  
  GoDaddy.com Interoute Communications REN-ISAC Savvis Communications  
  Support Intelligence Tata Communications Verizon Business  
 
