In the past couple of months, bothents have become smaller and more versatile in order to escape the ever increasing corporate security controls.

Security firms Finjan and F-Secure pointed out that criminal organizations are splitting their botnets into smaller groups in an attempt to create multi-swarm attacks that can escape detection.

Message Labs has released the September edition of the MessageLabs Intelligence monthly report.It provides the latest threat trends for September 2007, as well as a quarterly retrospective, to keep you informed regarding the ongoing fight against viruses, spam and other unwelcome content.

GAP, the famous clothing retailer, shares the cruel faith of TJX and Monster. The theft of an unencrypted laptop on Sunday caused the loss of more than 800,000 SSN belonging to former job applicants at GAP.

Gap learned of the theft on Sept. 19, and later said the laptop was stolen from the offices of a third-party vendor managing job applicant data for it.Cynthia Lin, spokeswoman of the California-based clothier, would not disclose the name of the vendor, nor would she provide any other details of the theft.

"If you're going to do cybersecurity, you have to spy on Americans to secure Americans"

In a major shift, the National Security Agency is drawing up plans for a new domestic assignment: helping protect government and private communications networks from cyberattacks and infiltration by terrorists and hackers, according to current and former intelligence officials.

From electricity grids to subways to nuclear power plants, the United States depends more than ever on Internet-based control systems that could be manipulated remotely in a terrorist attack, security specialists say.

TD AMERITRADE Holding Corporation has discovered and eliminated unauthorized code from its systems that allowed access to an internal database. The discovery was made as the result of an internal investigation of stock-related SPAM.

The Company commissioned forensic data experts to assist in its investigation of this issue. Results of their combined efforts reveal the following:

The Symantec Internet Security Threat Report provides a six-month update of worldwide Internet threat activity. It includes  analysis of network-based attacks, a review of known vulnerabilities, and highlights of malicious code. It will also assess trends in phishing and spam activity. This volume covers the six-month period from January 1 to June 30, 2007.

Over the past several reporting periods, Symantec has observed a fundamental change in the threat landscape. Attackers have moved away from nuisance and destructive attacks towards activity that is motivated by financial gain. Today’s attackers are increasingly sophisticated and organized, and have begun to adopt methods that are similar to traditional software development and business practices.

In the wake of the recent security breach, Monster.com has confirmed that it's databases have been targeted before. The company admits that the data leakage has been going for longer and the number of affected customers could be higher than original 1.3 milion estimates.

As this wouldn't have been enough, it appears that the Monster.com security incident has allready made collateral damage. Among other tasks, Monster is the technology provider for USAJobs.gov website which belongs to the U.S. Office of Personnel Management. USAJobs.gov has over 2 milion registered users and it's a very popular place to post resume or federal job openings.

Wells Fargo &Co. customers encountered difficulties in getting a balance statement yesterday. This is an echo of the computer failure problems that the fifth US bank has experienced on last Sunday.

Employing over 160,000 people, Wells Fargo serves almost 7,000 ATMs and nearly 6,000 branches nationwide.

The Zhelatin/Storm Worm gang have run  their "eCard for you" – themed malware spam fo weeks now and apparenty they are moving towads other measn of deception and worm infection.
The tactics are changing again.

The malicious websites haven't changed; they still spread malicious msdataaccess.exe files. However, the e-mails no longer talk about ecards. Instead, they ask you to install a missing component called Microsoft Data Access.

A woman, trying to get out of an abusive relationship, goes online to buy plane tickets for herself and her two small children, and then she sends an e-mail to a friend about her plan to leave. As she works to clandestinely put things in order, she doesn't recognize her husband has installed spyware onto the computer and will soon know everything she's planning to do.