New York became the 19th state to put a mandatory information breach notification law into place.
Based on California's SB1386, which was approved in 2003, New York's new law requires companies doing business in the Empire State to directly notify affected customers after a breach. The law also fines non-compliant companies $10 for every victim they fail to notify.
State Assemblyman James Brennan, D-Brooklyn, the bill's sponsor, said, "It's only natural to think a breach notification law should be compulsory in New York."
Sony-BMG Entertainment was found to still be using SunnComm's MediaMax software after it had offered customers exchanges for use of First4Internet's XCP rootkit technology on CDs.
Sony offered customers an update download for MediaMax and an uninstall on its website. Advocacy groups claimed the technology, which downloads itself onto PCs before users approve a end-user license agreement, is available on 20 million CD-ROMs.
Sony apologized for its use of Extended Copyright Protection applications on CDs, removed the discs from stores and offered customers an exchange.
Most PC systems are vulnerable to attack despite improvements to their safety infrastructure, according to a study by Gerhard Eschelbeck, chief technology officer and vice president of engineering for Qualys.
Nearly 70 percent of systems are open to malicious attack, despite efforts by organizations to improve patching processes by 23 percent, Eschelbeck said as part of his Laws of Vulnerabilities study.
The study, taken from 21 million critical vulnerabilities collected from 32 million live network scans, also pointed out that 85 percent of the damage from automated attacks takes place in the first 15 days of a vulnerability's release.
Microsoft opened the beta test version of its forthcoming antivirus and anti-spyware device, now called One Care Live, to the public, offering customers a free trial of the service prior to next year's full launch.
The beta offers real-time antivirus and managed firewall security, backup and restore capabilities, and PC maintenance tools.
Some experts, including Graham Titterington, an analyst at Ovum, predicted the move would have a major effect on the security market because it will eventually become the default security platform on the Windows operating systems.
One in four American online shoppers see a phishing scam once a month, yet 83 percent believe they are safe online, a study from America Online and the National Cyber Security Alliance revealed.
Twenty-three percent of online Americans were solicited by a fraudulent phishing email at least once a month, and 70 percent of respondents thought the emails were from legitimate companies. The poll showed few people are familiar with online security terms.
Online security watchdogs warned that the number of attacks using instant messaging was skyrocketing. Researchers from Akonix Systems tracked 62 IM-based attacks in November -- a month-by-month increase of 226 from October.
Errata: In December's issue, there were some SC Magazine Reader Trust Award finalists listed erroneously. These finalists included BigFix, Cenzic, Clearswift, ForeScout, PatchLink, Sentillion, Tumbleweed and UPEK. We regret the error.