Summary: Governments need to know what problems the cybersecurity legislation is meant to address, or they will face public backlash over the possible intrusions to their personal rights.

Governments need to determine the purpose of any proposed cybersecurity law and what problems it is supposed to address before approving the legislation. Those that fail to do so will experience backlash from their citizens, which is something countries such as the Philippines and India are going through.

Mac trojan Dockster served on Dalai Lama site

Malware that exploits a patched Java vulnerability on computers running Mac OS X has been detected on an unofficial Dalai Lama website. It is the same flaw exploited by the Flashback Trojan horse program last spring. The flaw was patched in April. The new malware is called Dockster. It has keystroke logging capabilities and lets hackers download and run other malware on infected machines. The site is also serving a Trojan that targets Windows computers; it exploits a Java flaw that was patched in August. This is not the first time that Tibetan activists have been targeted by malware attacks.

Samsung to issue firmware fix for printer security flaw on Friday

Samsung said disabling older versions of SNMP on the printers would protect them, contradicting an earlier security warning from US-CERT

The US Computer Emergency Response Team (US-CERT) is warning consumers that firmware in some Samsung printers contains a hardcoded backdoor account that could be exploited to allow remote access to affected networks. The administrative account does not require access verification and cannot be disabled by users. The issue affects Samsung products released prior to October 31, 2012. The company plans to issue “updated firmware for all current models by November 30, with all other models receiving an update by the end of the year.” The flaw could allow attackers to read print jobs. The problem can be resolved by disabling SNMP (simple network management protocol). Some Dell printers that are manufactured by Samsung are also affected.

A plan for US Internet service providers (ISPs) to monitor users’activity for illegal filesharing has been pushed back to at least early next year. The plan was scheduled to start this month, but the Center for Copyright Information, the group overseeing the program, has announced the Copyright Alert System’s second delay this year. The first delay was due to ISPs’ concerns that consumers would balk at the plan because it had been scheduled to be implemented shortly after SOPA and PIPA failed in the legislature. The organization’s executive director said the new delay was due to the effects of Hurricane Sandy, which “seriously affected our final testing schedules.”

The nation’s major internet service providers are delaying an initiative backed by the Obama administration and pushed by Hollywood and record labels to disrupt and possibly terminate internet access for online copyright scofflaws.

Ransomware Pays: FBI Updates Reveton Malware Warning

Latest malware, trying to trick users into paying a fine, claims the FBI is using audio, video, and other devices to record computer’s “illegal” activity.

Malware known as Reveton is using what appears to be a warning from the Internet Crime Complaint Center (IC3) as a means to extort money from users. The warning that pops up on the screens of infected machines tells users that their computers have been locked because the FBI has detected that the computer has been used to access illegal content and warns that all activity on the computer is being recorded. They are offered the opportunity to pay a fine to unlock their machines. Most Reveton infections occur as drive-by downloads.

The European Network and Information Security Agency (ENISA) is recommending that companies use honeypots as a means to detect cyberthreats. ENISA has tested a variety of systems and recommends several that are easy to use. The agency also noted that honeypots could do a better job with data collection; many of the tested systems offered up the data in formats that make analysis difficult. ENISA’s recommendations also include open source honeypots

The Australian Federal Police, working with authorities in 13 other countries, have helped to shut down a Romanian cybercrime operation that had compromised the security of half a million Australian credit card accounts. About 30,000 of those accounts were used to conduct fraudulent transactions. The Australian credit card data were stolen by breaking into point-of-sale systems at small businesses across the country.

Cisco takes on rogue suppliers with device to ID counterfeit parts

Cisco plans to release a tool that can detect counterfeit versions of the company’s own products. The tool will be available for federal customers’ systems. US government agencies have purchased counterfeit Cisco products for years without knowing they were doing so; the imitation products pose a security threat. The number of suppliers of questionable parts has increased by more than two thirds over the last 10 years.

Antivirus software a waste of money for businesses, report suggests Poor detection means that free programs offer better value.

Reports are showing that antivirus software may be waste of money; some studies have found that free antivirus products outperform their paid counterparts. Organizations often purchase antivirus software because security practices dictate that they must to be in compliance with established requirements. Imperva, one of the companies that have conducted studies on antivirus products, recommends that organizations be permitted to use free products and spend their budgets on more effective types of security.

Unknown company’s four-year campaign involving SSL is only gathering steam.

An unknown company’s four-year campaign to sue hundreds of companies for offering encryption on their websites shows no signs of abating, with Intel, Yelp, and MovieTickets.com being targeted in the past month, court records show.

The patent infringement complaints, which have also named Google, Apple, eBay, and Expedia, claim that Marshall, Texas-based TQP Development is entitled to royalties for the companies’ use of the secure sockets layer and transport layer security protocols. Together, SSL and TLS form the basis for virtually all encryption used to authenticate websites and to encrypt data traveling between them and end users. The lawsuits assert US Patent No. 5,412,730, which is titled “Encrypted data transmission system employing means for randomly altering the encryption keys.”

Court records indicate that TQP has sued hundreds of companies since 2008.