Attack of the open source zombies

A cluster of web servers serving both legitimate content and malware:
http://www.theregister.co.uk/2009/09/12/linux_zombies_push_malware/

RSA whitepaper on security implications of virtualised environments

Although fairly VMWare/EMC centric in the solutions section, this paper raises some important considerations with regards to security in a virtualised environment related to:

1. Platform hardening,
2. Configuration and change management,
3. Administrative access control,
4. Network security and segmentation,
5. Audit logging.

Registration required:
https://rsa-email.rsa.com/servlet/campaignrespondent?_ID_=rsa.4696&WPID=10393

Clampi Trojan: bigger and better

Another professionally written piece of malware:
http://www.darkreading.com/database_security/security/attacks/showArticle.jhtml?articleID=218800077
http://news.cnet.com/8301-27080_3-10298233-245.html?part=rss&subj=news&tag=2547-1009_3-0-20

Your mobile number available to anyone?

This looks like a genuine worry:
http://news.bbc.co.uk/1/hi/programmes/working_lunch/8091621.stm

This potentially opens the door to more SMS spam to find its way to your inbox.

This should be an opt in service rather than opt out.

You can either send a text to 118800 or do it on their website, which must be hammered as it is down:
http://www.118800.co.uk/

The Guardian seems to confirm this:
http://www.guardian.co.uk/money/2009/jul/13/mobile-phone-directory-suspended

Kon Boot illustrates why physical security still matters most

http://www.piotrbania.com/all/kon-boot/

This little utility allows modification of the Windows and LINUX kernel whilst booting to allow log on without knowing the password.

Crypto attack puts digital sig hash on collision course

At the register:
http://www.theregister.co.uk/2009/06/10/digital_signature_weakness/

NHS had 140 security breaches for the first four months of 2009

http://www.independent.co.uk/news/uk/politics/nhs-loses-thousands-of-medical-records-1690398.html