A weekly feature highlighting news stories, reports and editorials of interest to IT and security managers. Also see stories including SecureWorks news, press releases, and research.

Gartner: Insert Tab A into Slot B Security?

Digital Bond: Revised NERC CIP Standards out for 45 day comment period

Wired.com: Proof: Porn Pop-Up Teacher is Innocent, Despite Misdemeanor Plea

Washington Post: Pharmacy Extortionists Take on CIA, DoD, FBI, NSA

CSO Online: AUDIO: Despite Recession, Online Shoppers Threaten IT Security

A weekly feature highlighting news stories, reports and editorials of interest to IT and security managers. Also see stories including SecureWorks news, press releases, and research.

Securosis.com: Building a Web Application Security Program: Part 1, Introduction

Tao Security: Intellectual Property: Develop or Steal

SANS: SANS Reading Room: EVTX and Windows Event Logging

Wired.com: Kidnapped Hacker Found in Turkey, Arrested

PCI Security Standards: PCI Security Standards Council Introduces Quality Assurance Program for Assessment Community (PDF)

A weekly feature highlighting news stories, reports and editorials of interest to IT and security managers. Also see stories including SecureWorks news, press releases, and research.

The Washington Post: A Closer Look at McColo

Computer World: Laid-off sysadmin arrested for threatening company’s servers

SecurityFocus: Firm offers $1 million bounty for blackmailers

Dark Reading: Schools Suffer One-Third of Total U.S. Data Breaches

SC Magazine: Visa sets PCI compliance deadlines for rest of world

A weekly feature highlighting news stories, reports and editorials of interest to IT and security managers. Also see stories including SecureWorks news, press releases, and research.

CNN: Obama, McCain campaigns’ computers hacked for policy data

SC Magazine: Hackers begin malware barrage soon after Obama elected

CSO Online: PCI’s Post-Audit Pain Points

Credit Union Information Security: Vendor Management: 10 Tips for Hiring a Managed Security Services Provider (Free Registration Required)

Wired.com: Extortion Plot Threatens to Divulge Millions of Patients’ Prescriptions

Search Security: Security spending driven by mergers, Web 2.0 and compliance

A weekly feature highlighting news stories, reports and editorials of interest to IT and security managers. Also see stories including SecureWorks news, press releases, and research.

Search Security: Security survey finds increase in security standards adoption

SC Magazine: Malicious spam sees eight-fold jump in six months

SC Magazine: Cybercrooks use Google name to spread Facebook worm

eWeek: Stealthy Trojan Swipes Bank Log-ins, Financial Data From Thousands

Information Week: New Malware Technique Bypasses Traditional Defenses

A weekly feature highlighting news stories, reports and editorials of interest to IT and security managers. Also see stories including SecureWorks news, press releases, and research.

SC Magazine: FBI sting busts 56 for buying, selling stolen credit card data

Search Security: Malicious program poses as Windows Security Center 

Dark Reading: Inspector General Report: Two IRS Applications Leave Taxpayer Data at Risk

CNet: Fake Microsoft e-mail contains Trojan virus

Computer World: Woman is first to plead guilty in notorious spam case

Information Week: Merchants Lack Technical Skill To Spot Online Ad Fraud

SC Magazine: Academics predict growing cybercrime sophistication

To follow up on a question that was asked during our recent webcast “PCI DSS v1.2: What You Need to Know“, here are links to the various card brands’ compliance programs where you can find detailed information on their requirements for protecting cardholder data:

• American Express: www.americanexpress.com/datasecurity
• Discover: www.discovernetwork.com/fraudsecurity/disc.html
• JCB International: www.jcb-global.com/english/pci/index.html
• MasterCard: www.mastercard.com/sdp
• Visa: www.visa.com/cisp

These, in addition to the PCI Security Standards Council’s website, are good resources for learning more about what it takes for your organization to be compliant.

A weekly feature highlighting news stories, reports and editorials of interest to IT and security managers. Also see stories including SecureWorks news, press releases, and research.

SC Magazine: Iowa ISP owner wins $236 million spam judgment

Dark Reading: Financial Crisis Leaves Bank Branches Open to Social Engineering, Targeted Attacks

Computer World: Colorado state Web site dishes out SSNs of CEOs, other top execs

Search Security: Clickjacking details released after attack proof-of-concept emerges

CNet: High-tech bank robbers phone it in

Information Week: Merchants Lack Technical Skill To Spot Online Ad Fraud

A weekly feature highlighting news stories, reports and editorials of interest to IT and security managers. Also see stories including SecureWorks news, press releases, and research.

Ars Technica: Right back at ya, CAPTCHA: bad guys crack Gmail, Hotmail

SC Magazine: Cybergang moles steal company data

Dark Reading: Attackers Mix Online, Offline Exploits to Mask Financial Fraud

CNet: New phishing attempt targets bank customers

The Register: Hackers penetrate South Korean missile manufacturer

Information Week: ‘Clickjacking’ Attack Prompts Warning To Disable Browser Plug-Ins

A weekly feature highlighting news stories, reports and editorials of interest to IT and security managers. Also see stories including SecureWorks news, press releases, and research.

SC Magazine: Bogus Facebook emails pass trojans

CNet: Behind the scenes of online fraud

Dark Reading: Tiger Team Member Attacks Developers, Not Apps

Computer World: Hackers resurrect notorious attack tool kit

ZDNet: Clickjacking: Researchers raise alert for scary new cross-browser exploit