Lost+Found: Envy, underground, data loss and Java
Too short for news, too good to lose; lost+found is a round up of useful security information. Today, Envy, underground, data loss and Java
Apparently some attackers, known only as the anti-sec group, seem to have targeted and hacked the Astalavista.com security site and have published the details on Full Disclosure: Astalavista.com Exposed.
Microsoft doubts that money can be earned quickly in the digital underground: Nobody Sells Gold for the Price of Silver: Dishonesty, Uncertainty and the Underground Economy
Different industrial sectors and industries handle their data in different ways: Study Shows Finance, Education, Healthcare, and Government Lose Sensitive Personal Data Differently
When Java 6 Update 14 was released in early June, it didn't close any vulnerabilities, but it did add a new feature: blacklists. With it, the Java Plug-in and Web Start check a blacklist for signed jar files and refuse to load any class or resource that's on the list: Blacklist Jar Feature
(crve)