Carrier IQ, Inc. has received more public attention in the past 60 days than it has in the previous five years that the company has existed. The software, Carrier IQ (CIQ), is analytics software designed to improve the end user experience by providing information such as dropped calls, service coverage and software crashes to wireless providers. Recent legal action by Carrier IQ, Inc. met with reactive action by the Electronic Frontier Foundation (EFF) and has caused a recent media frenzy around privacy and disclosure issues surrounding the software.

The Dell SecureWorks Counter Threat Unit team has written a great question and answer threat analysis on the Duqu Trojan. This Trojan has received a great deal of attention because it is similar to the infamous Stuxnet worm of 2010.

On April 11, 2011, the Dell SecureWorks Counter Threat Unit (CTU) posted a blog entry titled 'Certificate Authorities for SSL/TLS: Crypto's weak link', which discussed some of the strains of the current Certificate Authority (CA) system for validating web site identity. The backdrop to this blog entry was the breach of Comodo and their resulting issuance of untrustworthy, but valid, certificates. In recent weeks, another CA breach has hit the news and drawn much attention...

Recently, the PCI-SSC released an Information Supplement providing guidance for compliance with the DSS in virtualized and cloud environments. Great news for anyone with virtualization within their cardholder data environment (CHDE), or who has been considering it.

On March 18, 2011, we blogged about a breach at RSA regarding the disclosure of unspecified sensitive materials related to SecurID. At the time, little information was made available as to the extent of the breach, the exact information that was compromised, or how it would affect RSA's customers.

Earlier today, Imperva publicly announced a vulnerability in their flagship SecureSphere WAF (Web Application Firewall). This issue was discovered by Sean Talbot of Dell SecureWorks and disclosed in a coordinated fashion with Imperva. We thank Imperva for their timely confirmation of our findings and the rapid deployment of patches to address the issue. Affected users are advised to patch their systems as soon as feasible. Details of the vulnerability and information regarding patches are available in our SWRX-2011-001 advisory and also in Imperva's announcement.

Between April 17 and April 19, 2011, Sony became aware that the PlayStation Network (PSN) and Qriocity user account information was compromised in conjunction with a breach into Sony’s network. These services allow users to play games with others on the Internet, make in-game purchases and stream music and movies to Sony devices. On Wednesday, April 20, PlayStation Network and Qriocity services were disabled to investigate the incident. Most alarming is the database of customer information exposed to the unknown attacker.

This month’s Microsoft Patch Tuesday release set a new record. Microsoft released a total of 17 bulletins covering 64 CVEs, the largest number of patches in one month to date. While some users may have configured Windows to automatically apply updates in the background, many organizations must stage and test all patch deployments, which may seem daunting this month.

In the wake of Comodo’s announcement of a compromised [1] affiliate Registration Authority (RA) and their subsequent issuance of fraudulent certificates [2], the information security community has given more scrutiny to the process of signing, revoking, and verifying SSL/TLS (Secure Sockets Layer/Transport Layer Security) certificates.

The safety and security of nuclear facilities, power plants and oil/gas production seems a little shakier in recent days. No, this isn't about instability in the Middle East or a nuclear incident in Japan. Two recent announcements have shaken up the industrial controls security community.