The Glider

Last week Sophos released it 2012 Security Threat Report which highlighted some key finding from 2011:
- Smartphones and tablets causing significant security challenges

- Major data breaches and targeted attacks on high-profile companies and agencies

- Hacktivism - A shift from hacking for money to hacking as a form of protest or to prove a point

- Conficker worm is still the most commonly encountered pieces of malicious software seen is Sophos customers

- Fake antivirus software is still the most common type of malware but in second half of the year appears to be on the decline

- Spearphishing attacks on the rise
Despite all this, some successes On March 16, 2011 a coordinated effort known as Operation b107 between Microsoft, FireEye, U.S. federal law enforcement agents and the University of Washington knocked Rustock offline. [1] The entire report available here.
Handler Mark published a diary on some of the things to take in consideration When your service provider has a breach. [3]
[1] http://www.sophos.com/en-us/security-news-trends/reports/security-threat-report/html-07.aspx

[2] http://www.sophos.com/en-us/security-news-trends/reports/security-threat-report/html-01.aspx

[3] https://isc.sans.edu/diary.html?storyid=10651

[4] http://www.sophos.com/medialibrary/PDFs/other/SophosSecurityThreatReport2012.pdf
Data breach diaries reported by ISC in 2011:
[1] Wordpress.com https://isc.sans.edu/diary.html?storyid=10729

[2] RSA Breach https://isc.sans.edu/diary.html?storyid=10609

[3] Lockheed Marting https://isc.sans.edu/diary.html?storyid=10939

[4] Sega Pass https://isc.sans.edu/diary.html?storyid=11065

[5] SonyPictures https://isc.sans.edu/diary.html?storyid=10996

[6] DigiNotar SSL Breach (result = bankruptcy) https://isc.sans.edu/diary.html?storyid=11479

[7] GlobalSign https://isc.sans.edu/diary.html?storyid=12205

[8] Stratfor Global Intelligence https://isc.sans.edu/diary.html?storyid=12271
-----------
Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu (c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Sweden's Supreme Court has refused to hear an appeal of the prison sentences for The Pirate Bay founders that were meted out by the Swedish Court of Appeals more than a year ago.......

The Federal Deposit Insurance Corporation (FDIC) has issued guidance for banks and other financial services institutions, warning that certain third-party payment processors could prove to be security liabilities.......

Symantec has released hotfixes for its pcAnywhere software.......

Mozilla has released a new version of its flagship browser, Firefox 10.......

Thirteen apps that have been identified as containing adware known as Counterclank will remain available in Google's Android Market.......

A recently detected, sophisticated spear phishing attack disguises itself as conference invitations.......

The Kelihos botnet, which Microsoft was instrumental in helping take down last year, appears to be regaining its foothold.......

Apple released its first security update of 2012 for Mac OS X, patching more than 50 vulnerabilities.......

David Kernell, the Tennessee college student who was found guilty on hacking into then-vice presidential candidate Sarah Palin's Yahoo email account has lost an appeal to have his conviction for obstruction of justice thrown out.......