New plan to relieve the US budget deficit
Microsoft's latest security lapse with its Passport information service could trigger a $2.2 trillion fine on the company courtesy of the US government. Microsoft on Thursday admitted that a flaw in the password reset tool of its Passport service could compromise the information stored on all 200 million users. It scampered to post a fix and is looking into potential exploits, but the damage to Microsoft may already have been done.
A long and interesting article detailing the Global Hell incidents from a few years ago and the leader of the group.
Yarbrough, the former prosecutor, agrees. "This guy overnight brought a gang mentality to the Internet." He calls Gregory the self-styled Al Capone of the Internet, deciding who could be in Global Hell and who they'd go after next. He says sometimes Gregory wouldn't let others join the gang until they pulled off their own crack.
I have a new piece, Starting Over: Formatting and Reinstalling After a Security Incident, online at SecurityFocus. Check it out.
There is a point you reach in the recovery process, after you have done a little digging, put a finger on what might have gone wrong, where you come to the proverbial "fork in the road". Every security professional or systems administrator has faced the decision at some point in his or her career: is it better to try to repair the damage, or just reinstall the system and start from scratch?
South Korea group sues Microsoft over SQL Slammer
From The Chosun ILbo:
The activist group accused Microsoft of introducing servers with security defects and failing to inform clients sufficiently of the risks.