IT managers should start familiarising themselves with a new security tool, the paint brush, as Japanese researchers have come up with a paint that they say will block high-speed wireless signals, giving businesses a cheap option to protect their wireless networks.

The problem of securing wireless networks has been an issue for a while now. Wi-Fi LANs with no encryption or running the obsolete WEP system, run the risk of having hackers outside the building eavesdrop on wireless LAN traffic, or simply stealing bandwidth. However, there are a number of solutions, besides encryption, for companies wishing to secure their networks.

Malware masquerading as part of Apple's iWork 09 productivity suite is targeting unsuspecting Mac users foolish enough to install pirated software downloaded on warez sites.

Once installed, iServices.A has unfettered root access, which it promptly uses to connect to a remote server over the internet, according to Intego, which sells anti-virus software for Macs. A secondary download installs malware that makes victims part of a botnet that's attacking undisclosed websites.

A student who researches malware and intrusion detection systems at the University Politecnico di Milano in Italy will be making a presentation next month at the upcoming Black Hat conference in Washington D.C. The briefing, as Black Hat refers to it as, will deal with a memory injection technique specific to Apple hardware, which subsequently allows a piece of code to be run from memory.

While it may sound like the RAM Disk feature from the days of OS 9 and before, the technique is nowhere near as benign. What makes the memory injection technique particularly attractive to would-be hackers is that no traces are left on the hard drive and a new process is not created, making it what the experts call an "anti-forensic technique." What is run in memory is up to the attacker; it can range from code snippets to complete applications.

Downadup, the superworm that attacks a patched vulnerability in Microsoft Windows, is making exponential gains if estimates from researchers at F-Secure are accurate. They show 6.5 million new infections in the past four days, bringing the total number of machines it has compromised to almost 9 million.

The astronomical growth stunned some researchers, although others cautioned the numbers could be inflated since the counting of infected computers is by no means an exact science. Most agreed F-Secure's estimate was certainly plausible and if it proved to be correct, represented a major development in the world of cyberthreats.

Record companies cannot collect restitution for every time a song has been illegally downloaded, a US District judge has decided. Judge James P. Jones gave his opinion on United States of America v. Dove, a criminal copyright case, ruling that each illegal download does not necessarily equate to a lost sale, and that the companies affected by P2P piracy cannot make their restitution claims based on this assumption.

Daniel Dove was originally found guilty of criminal copyright infringement for running a torrent group called "Elite Torrents" between 2004 and 2005. The jury in the case had found Dove guilty of reproduction and distribution of copyrighted works, as well as conspiracy to commit criminal copyright infringement. At the time, Judge Jones sentenced Dove to 18 months in prison for each count, plus a special assessment of $200 and a $20,000 fine ($10,000 per count).

Microsoft has contributed source code to Apache's Stonehenge project, an open source effort that collects sample implementations of applications that are built with Service Oriented Architecture (SOA). The aim of the project is to test and demonstrate interoperability between application implementations that are built on different underlying technology.

The project was launched in November under the aegis of the Apache Incubator, a pool of nascent community-driven projects that are working their way into the Apache ecosystem. According to Stonehenge participant Paul Fremantle, this is the first Incubator podling that has received direct involvement from Microsoft.

When Google's lawyers entered the smooth marble hallways of the Department of Justice on the morning of October 17, they had reason to feel confident. Sure, they were about to face the antitrust division—an experience most companies dread—to defend a proposed deal with Yahoo. But they had to like their chances. In the previous seven years, only one of the mergers that had been brought here had been opposed. And Google wasn't even requesting a full merger. It just wanted the go-ahead to pursue a small deal that it was convinced would benefit consumers, the two companies, and the search-advertising market as a whole. Settling around a large oval table in the conference room, the attorneys from Google and Yahoo prepared to make their arguments. Google wanted to serve its ads for certain search terms on Yahoo's pages in exchange for a share of the revenue those ads generated. It already had similar arrangements with AOL, Ask.com, and countless other Web sites. And the deal wasn't exclusive or permanent.

Tom Barnett, assistant attorney general for antitrust, took his seat at the table and called the meeting to order. The Yahoo lawyers kicked things off by describing their negotiations with DOJ staff; they had already suggested limiting the length of the deal and capping the amount of money in play. Barnett seemed unimpressed. "Staff," he proclaimed, "is irrelevant." He made the decisions around there.

A worm that spreads through low security networks, memory sticks, and PCs without the latest security updates is posing a growing threat to users.

The malicious program, known as Conficker, Downadup, or Kido was first discovered in October 2008.

Although Microsoft released a patch, it has gone on to infect 3.5m machines.

The latest Windows release will be available to everyone after a surge in demand crashed the Microsoft website on 9 January, the original release date.

In response, the company has lifted a planned limit on the number of copies of the Windows 7 Beta available for download.

Microsoft delayed the launch by one day to add "more infrastructure and servers" to cope with demand.

The U.K. Ministry of Defence is in the midst of an electronic fight with a computer virus that rapidly spread through its computer networks starting Jan. 6.

The virus infected computers throughout the military, including those used by the Royal Air Force and Royal Navy, and is one of the most severe attacks the organization has ever faced, according to a Ministry of Defence spokeswoman.

A team of security researchers have developed a technique for automatically purging the remnants of the Storm worm infection from the internet. But the approach - which involves turning the botnet's command and control system against itself - could run foul of computer hacking laws in Germany and elsewhere, which ban the modification of computer systems without consent.

Nonetheless, the work of the team from Bonn University and RWTH Aachen University have advanced knowledge about how botnets (networks of compromised zombie PCs) are established and maintained that could advance the development of more acceptable tracking and take-down techniques.

Research in Motion (RIM) has published a patch that fixes a pair of critical flaws in the way BlackBerry servers handle malformed PDF files.

The two related security updates address vulnerabilities in the PDF Distiller of the BlackBerry Attachment Service for BlackBerry Unite and BlackBerry Enterprise Server, respectively. As a result of the bugs, hackers might be able to inject hostile code onto computer systems running the BlackBerry Attachment Service, providing they can trick the user of a BlackBerry smartphone into opening a maliciously crafted PDF attachment, contained in an email message sent to them.

Microsoft started 2009 by fixing just one security flaw in its software; this month's Patch Tuesday only had a single security bulletin, MS09-001.

The security update kills three birds with one stone: two privately reported vulnerabilities and one publicly disclosed vulnerability. This is possible since all three problems, which could allow remote code execution and give an attacker full user rights, are found in the Microsoft Server Message Block (SMB) Protocol.

The Electronic Frontier Foundation has begun a new campaign to get the public to complain to lawmakers about the limitations of locked mobile phones. The new site, FreeYourPhone.org, encourages citizens to sign a petition going to the US Copyright Office in support of the EFF's recent push for an exemption to the Digital Millennium Copyright Act (DMCA), which it hopes will offer legal protection to phone users who have jailbroken or unlocked their devices.

The EFF submitted the exemption request back in December as part of the Copyright Office's triennial DMCA exemption reconsideration. In addition to phone jailbreaks and unlocks, the EFF asked for exemptions from the DMCA for YouTube's "remix culture," and university libraries across the country asked for more rights for using DVDs in classroom settings.

For millions of Apple fans, Steve Jobs is irreplaceable. But if there's one man Jobs himself trusts to stand in his shoes, it is his second in command, Apple Chief Operating Officer Tim Cook.

With Jobs on medical leave until June, Cook will be leading the team at Apple. And it is likely that when Jobs leaves Apple, it will be Cook he will anoint as the new CEO of the company.

"Tim runs Apple," says Michael Janes, the first general manager of Apple's online store and now co-founder of ticketing search engine FanSnap, "and he has been running Apple for a long time now."

The incoming Obama administration will vigorously defend congressional legislation immunizing U.S. telecommunication companies from lawsuits about their participation in the Bush administration's domestic spy program.

That was the assessment Thursday by Eric Holder, President-elect Barack Obama's choice for attorney general, who made the statement during his confirmation hearings before the Senate Judiciary Committee. A court challenge questioning the legality of the legislation is pending in U.S. District Court in San Francisco -- where the judge in the case wanted to know what the Obama administration's position was.

A federal judge has agreed to a novel request: streaming parts of an upcoming file-sharing trial over the Internet. Judge Nancy Gertner has granted the request of Harvard Law professor Charles Nesson and students to put the gavel-to-gavel footage on the Internet for any non-commercial use, over the RIAA's objections. But only on a one-time basis.

Joel Tenenbaum's first strategy for dealing with an RIAA settlement letter wasn't real helpful: he called them up and offered $500 instead of $3,500. His offer was rejected. When the case actually went to court, Tenenbaum tried to settle again, this time for $5,000, but by then the RIAA wanted $10,500.