Provided by CommunityDNS, the information in this post consists of news items in the security-based Internet community.

Webhost hack wipes out data for 100,000 sites

Hackers took advantage of the virtualized private server technology of HyperVM provided by LXLabs and brought down 100,000 websites housed by UK-based Vaserv.com.

Taking advantage of the software’s vulnerabilities hackers launched a zero-day exploit, after gaining access to the systems through an SQL injection attack, hackers were able to launch a recursive delete on all files. It is likely sensitive data stored on Vaserv’s servers were intercepted.

Being that close to 50% of Vaserv’s customers use the unmanaged service, which does not include data backup, data for those users appears lost and they will probably never be able to recover their data.

Click here for more information.

Poll: Companies Still Worried About Open-source Security

2,227 respondents from the US, Canada, Germany, France and the UK feel that, among large companies, 58% said they had concerns about security regarding open-source software while 45% of small businesses expresses similar concerns. Of the groups polled, small, medium and large organizations, 9% said they were very concerned.

Based upon a survey conducted in 2007 the same research firm found the security concerns over SaaS for small businesses had actually decreased from 57% in 2007 to today’s 27%. Regarding large organizations, 47% had security concerns over SaaS in 2007, but today the percentage is down to 31%.

Click here for more information.

Swedish Regulators Look at Handling of Mobile Location Data

When looking at security issues regarding stored data, two Swedish organizations, the Swedish Post and Telecom Agency (PTS) and the Swedish Data Inspection Board, have joined forces to ensure that personal privacy from location-based data service providers is respected. While it is felt regulation may not be necessary, it is felt, however, location information can be considered sensitive to subscribers.

Click here for more information.

China defends Web-filtering software requirement

China recently directed all PC manufactures to have the Chinese-developed blocking software, Green Dam-Youth Escort installed on any PC sold in China starting July 1, 2009. The purpose is to prevent the spread of pornography and other “unhealthy” content.

Comment: What is of interest here is while China is looking at providing a form of filtering, so are other countries, such as Australia and Germany. While other countries are looking to the ISPs to provide the filtering China is having filtering done at the PC.

Click here for more information.

Clarified Technical Name Server Checks Published

A revised procedure, titled “Technical requirements for authoritative name servers” has been published by ICANN and is up on the IANA website.

When a domain operator within an IANA-managed zone wishes to change their name server delegation details technical checks are performed against the proposed servers by ICANN. The checks are performed to ensure the domain will function correctly by meeting minimal conformance and technical standards.

Click here for more information.

How is Whois? Internet registry seeks your feedback on privacy

Wishing to make sure they balance the desire for privacy with the desire to have access to information where people have a legitimate need, Canada’s registry of the .CA ccTLD, CIRA, launched public consultations on the disclosure policy introduced in June 2008.

Click here for more information.