
Life's a breach

This week, DVD Jon sets his sights on Apple, banker Trojans bulk up, cyber security month, a healthcare breach, a university hacked, education suffers, and a zero day exploit.
By Ilva Pieterse, ITWeb contributor
Johannesburg, 06 Oct 2006

Jon Lech Johansen, or DVD Jon, as he is called, became famous for hacking encrypted DVDs so they would play on Linux when he was 15. He has a new target in his sights.

He has reverse-engineered Apple's Fairplay and is starting to license it to companies who want their media to play on Apple's devices.

Johansen doesn't think what he's doing is illegal; he's adding DRM rather than breaking it.

200 new banker Trojans

Each month, PandaLabs sees approximately 200 new banker Trojans.

The biggest increase took place between February and March 2005, when the number rose from 66 to 378 examples monthly.

From then, and with only the odd exception, there have been over 200 new examples every month.

Cyber security awareness

October is US National Cyber Security Awareness Month (NCSAM), a collaborative effort championed by the Department of Homeland Security, National Cyber Security Alliance, the Federal Trade Commission, state governments, major universities, and the Internet industry.

The goal is to raise IT security awareness and educate Internet users of all ages about safe online practices. 2006 marks the third year that the public and private sectors have joined forces to organise NCSAM.

Healthcare privacy breached

More than 40% of US Medicare contractors and state Medicaid agencies have experienced a privacy breach involving personal health information - although the frequency or severity of the breaches remains unclear, according to a report released yesterday by the US Government Accountability Office (GAO).

The GAO reviewed the role of private contractors in administering three of the nation's major public health insurance programmes - Medicare, Medicaid and the US Department of Defense's Tricare programme.

According to the study, 47% of Medicare Advantage contractors reported privacy breaches within the past two years, as did 44% of Medicaid agencies, 42% of Medicare Fee For Service contractors and 38% of the contractors for the Tricare programme.

University's applicants hacked

Eric McCarty, a 24-year-old San Diego resident, hacked into a University of Southern California (USC) student application system in June 2005 after being denied admission to the school, Associated Press (AP) reports via SFGate.com.

Government sources say McCarty accessed the names, Social Security numbers, birth dates and USC site passwords of a handful of student applicants, according to AP. After seizing his personal computer, federal law enforcement representatives found data pertaining to seven people who had applied to USC, AP reports.

McCarty entered a guilty plea in court on charges of accessing a protected computer without approval, and he is to be sentenced. He is likely to receive six months of home detention and roughly $37 000 in damages as part of a plea bargain with prosecutors, the AP reports.

Education's failing

A recent study by the Computer Science Teachers' Association (CSTA) reveals a host of problems plaguing technology education at the K-12 level, which could lead to a critical shortage of IT professionals starting in 2012 and to limited career opportunities for today's students.

Only a quarter of US high schools have a computer science requirement, the CSTA reports. Computer science teachers lack time for training and struggle for resources. Female and minority students are underrepresented in these courses. And students struggle to add computer science to their packed schedules.

Zero-day exploit

Microsoft confirmed online attackers have seeded a group of Web sites with an exploit that uses a previously unknown flaw in Internet Explorer to compromise visitors' fully patched systems.

Researchers at security firms Sunbelt Software and Websense reported the attack to the software giant, which released an advisory the same day.

The attack uses the same group of sites previously used by the WebAttacker Toolkit, making it appear that the attacks are related, said Websense in a posting to its research blog.

Sources used: Giga OM, Computer World, Symantec, PandaLabs, CSO online, CIO, Security Focus
