Today, leading technology companies announced the creation of the Cyber Security Research Alliance (CSRA). The CSRA is a private, non-profit research consortium formed in response to the growing need for increased public-private collaboration to address complex problems in cyber security. The founding members of the CSRI are Advanced Micro Devices (AMD), Honeywell, Intel Corporation, Lockheed Martin, and RSA/EMC.

President Obama has prioritized cyber threats as one of the most serious economic and national security challenges we face as a nation and a dependency to America's economic prosperity in the 21st century.

CSRA seeks to achieve coordinated industry participation to address national cyber security research and development (R&D) imperatives and bridge the gap between government funded R&D and commercially available products and solutions in cyber security. CSRA will focus on challenges that are bigger than any one company, consortium, sector or nation and ensure that government, industry and academia collaborate on in-depth problem understanding and definition.

Kaspersky Lab, a leading developer of security and threat management solutions, today announced a partnership with Facebook, with the goal of enhancing the security of social networking both online and offline. Kaspersky Lab is now supplying Facebook with up-to-the-minute data about the latest malicious software threats worldwide, which will be used to protect Facebook users from inadvertently visiting malicious web pages.

People are more likely to click on a link shared by a friend, and this inherent trust is something cyber-criminals prey upon. Malicious URLs can automatically share themselves with a victim's personal contacts without the user's knowledge, making the links appear legitimate. Now, when Facebook users share or click a link shared by their friends, the link will instantly be compared against Kaspersky Lab's database of malicious web pages. If the link matches Facebook's list of known 'bad' URLs - which are supplied to Facebook by Kaspersky Lab and other security vendors - the user will be immediately notified and blocked from visiting the web page. This not only prevents the user's personal information and computer from being put at risk, but stops the malicious links from spreading further.

Designed for professionals seeking a solid business notebook that delivers robust productivity, manageability, security and reliability features, Acer America today introduced the new TravelMate P243 notebook PC for U.S. customers.

"Today's mobile business executive needs a PC that is robust enough to run intensive business applications while still fitting into strict budget guidelines," said Gregg Prendergast, vice president of commercial sales for Acer America. "The TravelMate P243 notebook is an important addition to our professional notebook portfolio as it combines everything today's road warrior requires, including exceptional performance, enterprise-level security, durability and manageability for a best-in-class mobile experience."

Imation Corp., a global scalable storage and data security company, today announced the expansion of its secure USB hard drive line with capacities of up to 1 terabyte (TB), optional biometric fingerprint authentication, and a uniquely comprehensive set of options for secure USB hard drive management.

"Enterprise and government organizations increasingly need manageable USB devices in order to provide mobile workers with the tools necessary to work where and when they want, and access the data they need in the most secure way possible," said Lawrence Reusing, Imation's general manager for Mobile Security. "People are increasingly turning to USB hard drives to transport large data sets. Our expanding secure hard drive offerings are in response to our customers needing increased capacity without compromising control over the devices and data."

Today Logitech expanded its Logitech Alert lineup by introducing the Logitech Alert 750n Indoor Master System, a complete video security system in a box that enables you to be there - even when you're not. Easy installation, wide-angle night vision, powerful PC software and a free remote viewing account let you rest at ease whether at home or away, with peace of mind that your property and loved ones are safe.

For expanded security coverage, Logitech also introduced the Logitech Alert 700n Indoor Add-On Camera. This stand-alone night-vision camera is easy to add to your existing Logitech Alert Master system so you can see what's going on in other rooms or locations.

Symantec Corp. today announced the findings of its Internet Security Threat Report, Volume 17, which shows that while the number of vulnerabilities decreased by 20 percent, the number of malicious attacks continued to skyrocket by 81 percent. In addition, the report highlights that advanced targeted attacks are spreading to organizations of all sizes and variety of personnel, data breaches are increasing, and that attackers are focusing on mobile threats.

Malicious Attacks Continue to Grow Rapidly

Symantec blocked more than 5.5 billion malicious attacks in 2011, an increase of 81 percent over the previous year. In addition, the number of unique malware variants increased to 403 million and the number of Web attacks blocked per day increased by 36 percent.

Apricorn (www.apricorn.com), a leading designer and manufacturer of data security products for business, has announced a new and improved version of its popular Aegis Padlock drive, the Aegis Padlock 3.0. The reinvented Aegis Padlock 3.0 combines a super fast integrated USB 3.0 cable - increasing data transfer speeds by over 500% over the USB 2.0 version, enhanced AES-XTS hardware encryption, software free design, plus new security features to create a powerful data storage device perfect for taking your data on the road.

Available in capacities up to 1 TB with either a ruggedized, shock mounted hard drive (prices start at $169) or with a super tough SSD (prices start at $199), the Aegis Padlock 3.0 provides powerful data security that is tough enough for a wide variety of needs.

You wouldn't think there would be much to say about a USB flash drive, but in this case, what you say, and how you say it, is your key to data security. Advanced technical skills are definitely not required, because this is a plug-and-play device, requiring no software installation. All critical software is embedded in the flash drive itself, and it is fully functional the moment it is removed from the box.

After inserting the USB into a computer, red and green LEDs flash to signal to the user that the drive is ready to hear the password through its on-board microphone. Armed with a dedicated on-board microprocessor, the drive's voice-recognition software then sorts out the various nuances and frequencies of an authorized voice, and the only necessary password is a spoken one.

Japanese company Elecom launched the MF-MSU3 line of stylish USB 3.0 flash drives. Available in four color options: black (MF-MSU30xGBK), white (MF-MSU30xGWH), pink (MF-MSU30xGPN), and blue (MF-MSU30xGBU), where "x" is capacity in GB; the drives are available in four capacity options: 4 GB, 8 GB, 16 GB, and 32 GB. The drives offer transfer rates of 60 MB/s (read/write), and feature Elecom PASS (Password Authenticated Security System), an AES-based data encryption software. Measuring 59.0 x 17.5 x 7.8 (WxDxH), these drives weigh about 9 g. The feature the conventional capped form-factor. Elecom did not give out pricing information, but they will be released to market in October.

Kingston Digital, Inc., the Flash memory affiliate of Kingston Technology Company, Inc., the independent world leader in memory products, today announced a reduction in price for its line of enterprise and government secure USB Flash drives, as well as new capacities for its DataTraveler 4000 (DT4000) and DataTraveler Vault - Privacy (DTVP) Managed and Unmanaged secure mobile storage solutions. A leader in memory solutions since 1987, Kingston will exhibit at RSA Conference 2012 (booth 1059) to showcase the industry's only secure USB family ranging from general-purpose business use to flexible, managed enterprise offerings, and to platforms for the most secure and rigid government standards.

Corporate and customer data are the lifeline of any company - to be safeguarded at all times and handled cautiously. Data breach trends and recent studies, such as the Ponemon Institute's 2011 report, The State of USB Security, indicate that data breaches continue to occur far more frequently than they should and unsecured USB Flash drives remain a leading culprit. Additionally, failure to protect data can expose a company to a host of negative consequences including non-compliance, fines, financial loss and lack of customer confidence and trust.

The UK government has a bizarre idea of "communications capabilities development": mass-monitoring of IP traffic, and snooping into what British netizens are up to. Despite being defeated during the UK Labour Party rule, there seems to be a revival of the idea of greater monitoring of internet traffic under the Conservative government, under a legislation titled "Communications Capabilities Development Programme".

This legislation proposes that ISPs and other communications providers be required to maintain logs of individual users' communications, all of them, starting from web history, to IM, to in-game text/voice chat, e-mails, Skype calls, even Twitter messages. This monitoring should run for at least an year, so the establishment collects enough data to draw patterns around.

Security software maker Symantec confirmed to the press that the group of hackers that obtained source code of its pcAnywhere software were holding it to ransom. The group claims to be linked to Anonymous. The group allegedly demanded US $50,000 from Symantec in return for destroying the source code it stole, on failing to pay it, the group threatened it would leak the source code to the public, which would expose the software to malware writers and competitors.

Symantec has apparently been in negotiations with the hacker group over preventing the leak, it even agreed to pay the group its "ransom", provided it could do so in monthly installments. The group declined, and the negotiations fell through. A transcript of this email conversation was posted on Pastebin (can be accessed here). The hackers claimed to have posted the source code of pcAnywhere (in a 2.3 GB RAR archive), on a popular bit-torrent site. In our opinion, extorting money is very un-Anonymous. Anonymous, being the self-proclaimed hacktivist group that it is, would post the source code "just for the lulz", without even getting into negotiations with Symantec.

McAfee today unveiled its 2012 Threat Predictions report, outlining the top threats that McAfee foresees for the coming year. The list indicates that emerging threats from 2011 are on track to become the major players for cyberactivity in 2012, including mobile banking, "legal" spam and virtual currency. McAfee Labs also predicts that attacks involving political motivation or notoriety will also make headlines, including high-profile industrial attacks, cyberwarfare demonstrations and hacktivist attacks targeting public figures.

"Many of the threats that will become prominent in 2012 have already been looming under the radar in 2011," said Vincent Weafer, senior vice president of McAfee Labs. "Over the past year, the general public has become more aware of some of these risks, such as threats to critical infrastructure or the impact of hacktivism as they gain international media attention. In the meantime, we continue to see cybercriminals improving their toolkits and malware and are ready to make a significant impact in 2012."

Windows 8 implements a radical new user interface called Metro for desktop PC's, which has so far received a mixed reception. However, there's many other changes under the hood and one of those is how password security is handled, which we look at here. It's a fact of life, that in today's modern world, we have to remember a plethora of passwords and PIN's, which can be daunting. This leads to security issues as users end up writing down passwords and/or create very insecure ones which can be easily guessed. Windows 8 aims to uphold strong password security, while at the same time, easing the burden on the user. Also, passwords can be obtained in various ways by miscreants, such as phishing, keylogging, guessing, and cracking. Windows addresses each of these problems in three main ways:

Optical disc drives have been pretty cheap for years now, yet there is enough money in the business, that three executives managed to collude in price fixing of these devices, scamming HP, Dell and Microsoft in the process - and in the end the consumer, who foots the higher prices. The three are from Hitachi-LG Data Storage Inc. (HLDS) and have reached a plea agreement with the U.S. Department of Justice on price fixing charges for optical disc drives during the 2005-2009 timeframe. According to Security Week, the three executives, Sang Hun Kim, Young Keun Park, and Sik Hur, will each pay $25,000 USD in fines and serve little sentences of seven to eight months in prison at a "correctional facility" aka prison, that is yet to be decided.

Tomorrow, Tuesday aka December 13th Microsoft is set to let loose no less than 14 updates which are supposed to resolve 20 vulnerabilities affecting products like Windows, Office, Internet Explorer, Microsoft Publisher, and Windows Media Player.

Three out of the 14 patches are rated 'Critical' and target bugs that could lead to remote code execution, while the other 11 are rated 'Important' and are set to plug in holes that can result in remote code execution and (unwanted) privilege elevation. As always, Microsoft isn't giving out specifics on the vulnerabilities that will be patched so we'll have to wait for tomorrow to get the full scoop. And to update of course.

AMD (NYSE: AMD) today announced that AMD Fusion '12 will be held June 11-14, 2012 in Bellevue, Washington. The company's annual developer summit will return to the Meydenbauer Center and the Hyatt Regency in Bellevue.

This event will build on the success of AMD Fusion '11, where more than 700 leaders from industry, academia, and government converged on the forefront of heterogeneous computing. The summit offers an engaging opportunity to learn more about next-generation software development and AMD Fusion System Architecture (FSA), Accelerated Processing Unit (APU) technology, central processing unit (CPU) and graphics processing unit (GPU) processor technologies, and programming methods using industry-standard application programming interfaces (APIs) such as OpenCL, OpenGL, Microsoft DirectCompute and C++ AMP.

Yes, that's right the maker of notoriously vulnerable software is now blaming you, the user, should you get a virus, trojan or other malware infection on your Windows computer. However, it does look like they have some justification for saying this. For those with long attention spans, Microsoft have just released their 168 page Microsoft Security Intelligence Report 6MB PDF, with the stated aim of providing:

An in-depth perspective on software vulnerabilities and exploits, malicious code threats, and potentially unwanted software in the first half of 2011

The first thing to note about the report is that it is limited to its Malicious Software Removal Tool and Microsoft's other anti-malware products. Zero-day attacks that it can't detect are not included in the findings. So, surely it can't all be the user's fault then? It also means that the security angles from third party security vendors such as Kaspersky, Norton and McAfee aren't represented here.

Toshiba announces the first family of self-encrypting hard disk drives (HDDs) engineered to automatically invalidate protected data when connected to an unknown host. The new Toshiba Self-Encrypting Drive (SED) models enable OEMs to configure different data invalidation options that align with various end-user scenarios. Designed to address the increasing need for IT departments to comply with privacy laws and regulations governing data security, the drives are ideally suited for PC, copier and multi-function printer, and point-of-sale systems used in government, financial, medical, or similar environments with an acute need to protect sensitive information.

Building on the industry-standard Trusted Computing Group "Opal" Specification, the new Toshiba MKxx61GSYG models leverage advanced access security and on-board encryption alongside second generation data wipe technology. Whether to protect against data loss resulting from lost or stolen notebooks or to maintain the security of document image data stored within copier and printer systems, Toshiba SEDs can securely invalidate protected data. Data invalidation attributes can be set for multiple data ranges, enabling targeted data in the drive to be rendered indecipherable by command, on power cycle, or on host authentication error-an industry first. This flexibility provides systems designers with a powerful set of data security options that can be easily incorporated into existing system architecture.

Toshiba Storage Device Division (SDD), the pioneer in small form factor hard disk drives (HDDs), today announced a 7,200 RPM 2.5-inch (6.4cm) Self-Encrypting Drive (SED) that provides government-grade AES-256 hardware encryption incorporated in the disk drive's controller electronics. The MKxx61GSYD is the newest addition to the Toshiba family of drives designed for commercial notebooks and security-sensitive applications, including shared desktop PCs. The drive's built-in hardware encryption offers benefits that go beyond software encryption.

Based on the Opal Security Subsystem Class (Opal SSC) specification from the Trusted Computing Group (TCG), the new Toshiba SED enables secure and quick deployment of encryption on notebook and desktop PCs to protect confidential information. Many organisations are taking steps to comply with security policies and new laws governing data privacy. The SED technology from Toshiba helps IT departments to achieve strong, cost-effective security without interrupting business flow or impacting application performance.

Combining unprecedented security, performance and energy efficiency, Intel Corporation today launched the Intel Xeon Processor 5600 series. The new processors deliver two new security features -- Intel Advanced Encryption Standard New Instructions (Intel AES-NI), and Intel Trusted Execution Technology (Intel TXT) -- that enable faster encryption and decryption performance for more secure transactions and virtualized environments, providing data centers with a stronger foundation for cloud security.

These are also the first server and workstation chips based on the groundbreaking, new Intel 32nm logic technology, which uses Intel's second-generation high-k metal gate transistors to increase speed and decrease energy consumption. The Intel Xeon Processor 5600 series supports up to six cores per processor and delivers up to 60 percent greater performance than the 45nm Intel Xeon processor 5500 series. In addition, data centers can replace 15 single-core servers with a single new one, and achieve a return on their investment in as little as 5 months.

Seagate Technology today announced worldwide availability of the Seagate Secure Self-Encrypting Drive (SED) option across its portfolio of enterprise-class hard drives. Products with the Seagate Secure option include: Savvio 15K.2, Savvio 10K.3, Constellation and Cheetah 15K.7 drives. These enterprise-class products are an extension of Seagate's first-to-market leadership with Seagate Secure Self-Encrypting Drive (SED) technology, designed to deliver data-at-rest security for servers and storage systems.

"Self-Encrypting Drives are one of the easiest, most cost-effective security measures companies can implement," said Eric Ouellet, vice president at Gartner. "The use of SEDs provides businesses with complete data-at-rest protection against information breaches that can occur in drives and systems that have been repurposed, decommissioned, disposed of, sent for repair, misplaced or stolen. Because all disk media eventually leaves a company's control, the use of SEDs ensures that data is protected at these critical stages of a system's life cycle."

QNAP Security today unveils the high performance 8-bay chassis VioStor-8040U-RP NVR and 8-bay tower VioStor-8040 NVR network surveillance systems featuring Intel Core 2 Duo 2.8 GHz CPU, 2 GB DDRII memory, 8 hot-swappable hard drive bays for up to 16TB storage capacity, 40-channel recording from IP cameras, megapixel recording (up to 8 megapixels) and other advanced features such as RAID 0/1/5/6/5+spare/6+spare, Online RAID Capacity Expansion, and Online RAID Level Migration. The VioStor-8040U-RP NVR and VioStor-8040 NVR support M-JPEG, MPEG-4, and H.264 video compression and are compatible with the IP-based cameras and network video servers from AXIS, ACTi, Arecont, Canon, Cisco, D-Link, EDIMAX, ELMO, EtroVision, GANZ, iPUX, IQeye, LevelOne, Linksys, MOBOTIX, Panasonic BB/ BL/ i-Pro, SANYO, SONY, TOA, TOSHIBA, TRENDnet, VIVOTEK, and Y-CAM, etc.

VIA Technologies, Inc, a leading innovator of power efficient x86 processor platforms, today announced that it will be showing examples of its customized security solution service at Computex 2009, helping customers to employ a comprehensive and effective security infrastructure in all segments.

VIA Nano, VIA C7 and VIA Eden processor platforms are the only processors that currently offer a built-in Advanced Cryptographic Engine. In order to better help customers access this unique feature, VIA is now offering a comprehensive security solution service that can accurately meet the security needs of individual customers across a range of embedded segments.

Mozilla today released an important security update to Firefox. With sub-version 3.0.8, The browser has been patched for two critical security vulnerabilities, which are all that make it to this release.

The first vulnerability, titled "Arbitrary code execution via XUL tree element" could allow attackers to compromise a box by using a browser crash to run arbitrary code. The second one titled "XSL Transformation vulnerability" is where attackers get to use browser crashes caused by XSL stylesheets during XSL transformation, to run arbitrary code. For more information, refer to the Security Advisories page for Firefox. Existing Firefox versions will be updated to version 3.0.8 automatically by default. Firefox 3.0.8 can be downloaded from the Mozilla Website.