Ie6, Tsunami Scams, Pwn2own Results, Rsa Hacked, Epsilon Breached - 90 sec news - March 2011

Hello, everybody. Paul Ducklin here from Sophos in Sydney. Last month, someone complained that the introduction was too long, so this month I'll be quick. Paul Ducklin. Sophos. March 2011. 90 Second News. Internet Explorer 6 is still supported by Microsoft, and 11% of the world is still using it. But it's old, and insecure, and even Microsoft is begging you to stop using it. Please do so! As if the devastating tsunami in Japan wasn't enough, cybercrooks rushed in to exploit the world's concern. Bogus news articles, bogus videos and fraudulent requests for donations should remind us all just how low these guys will stoop. Be doubly careful when you're looking for news about globally-significant events. Pwn2Own has become an annual fixture at the CanSecWest conference in Vancouver. There were interesting results this year. Safari and IE got pwned. Firefox and Chrome did not. iPhone and BlackBerry got pwned. Android and Windows Phone 7 did not. And you can make of that what you will. Surprise of the month was that criminals broke into the servers at RSA, no less, and stole trade secrets relating to the company's SecurID two-factor authentication products. RSA still hasn't told users what risks they face as a result. And botch-up of the month is that direct email outsourcing company Epsilon lost an absolute boatload of email addresses. Up to 2500 companies trusted Epsilon with their email marketing lists, so all those companies - and all their customers - are affected. The spammers must be licking their lips. Rather a murky day for the cloud, I'd say. And that's 90 seconds of news. Please join us online at nakedsecurity dot sophos dot com. And don't forget: you can leave comments on our site, and email us about anything which is bugging you in the field of computer security. Tips at sophos dot com. Thanks for listening. Until next time, stay secure.