The continued twists and turns regarding WikiLeaks joined Microsoft's Patch Tuesday and IE9 privacy plans as some of the top news stories of the past week.
Cyber-attacks and other twists and turns tied to the WikiLeaks
controversy continued to dominate the news this past week.
The story of the whistle-blower site has taken a number of twists and turns.
The week started with the arrest of WikiLeaks
founder Julian Assange
in the U.K.
on sexual assault accusations first levied in Sweden
in August. With Assange's legal problems growing, key figures with WikiLeaks
announced they were launching a rival whistle-blower site called
Openleaks Dec. 13.
WikiLeaks supporters meanwhile continued their cyber-assaults on Websites
belonging to businesses or institutions taking a stand against WikiLeaks,
targeting everything from MasterCard to the Swedish prosecutor's office with
denial-of-service attacks. The situation highlighted the use of opt-in
botnets as vehicles of online protest
In response to the leak of classified information, the U.S.
military has reinstituted
a ban on removable media
. The armed forces have taken this step before; in
2008, a malware compromise sparked military officials to temporarily
ban USB devices
Away from the WikiLeaks controversy, Microsoft made its share of news during
the week as well. The company is ending the year with a massive Patch
Tuesday security update
that is slated to have 17 security bulletins. Among
the 40 vulnerabilities expected to be fixed is a privilege escalation bug
exploited by the infamous Stuxnet worm, as well as an Internet Explorer
zero-day the company warned users about last month.
The company also announced that it is adding a "Do Not Track"
feature to Internet Explorer 9. Known as a "Tracking Protection List"
(TPL), it will contain Web addresses the
browser will only visit if the consumer visits them directly by clicking on a
link or typing in the address. By limiting the calls to these Websites and
resources from other Web pages, the TPL
limits the information these other sites can collect on users, according to
Protection in IE9
puts people in control of what data is being shared as
they move around the Web," explained Dean Hachamovitch, corporate vice
president and head of IE development. "It does this by enabling consumers
to indicate what Websites they'd prefer to not exchange information with.
Consumers do this by adding Tracking Protection Lists to Internet Explorer.
Anyone, and any organization, on the Web can author and publish Tracking
Protection Lists. Consumers can install more than one."
While companies prepare for Microsoft's Patch Tuesday Dec. 14, a
security researcher revealed that hundreds
of banking sites were still
vulnerable to a 2-year-old security issue
affecting certain versions of RSA's
Adaptive Authentication product. According to RSA,
EMC's security division, versions 2.x and
5.7.x of the on-premises edition of the product are vulnerable, and a patch has
been available since 2008.
The past week also saw Juniper
Networks acquire virtualization
security vendor Altor Networks for $95
million. With the purchase, Juniper seeks to deliver integrated, scalable
security architecture protecting physical and virtual systems.
"Juniper is excited to acquire one of the industry's leading
virtualization security vendors and the extremely talented team that built
it," said Mark Bauhaus, executive vice president and general manager of
Service Layer Technologies at Juniper Networks, in a statement. "This
acquisition will extend our leadership in data center and cloud security
and will enable customers to deploy a consistent set of security services
across their physical and virtual infrastructure, while delivering lowest total
cost of ownership."