Security analysts have been predicting that kernel rootkits, which cloak their activity by replacing a portion of a program’s software kernel with modified code, are expected to continue to grow in frequency in 2007.

While rootkit-fighting technologies such as the PatchGuard kernel protection system built into 64-bit versions of Microsoft’s new Windows Vista operating system are arriving, most PC users will still be left open to the attacks over the next twelve months. F-Secure Security Labs has been tracking and dissecting kernel malware for years. F-Secure researcher Kimmo Kasslin has made the findings available in a paper titled Kernel Malware: The Attack from Within (a PDF) as well as in a slide show (also a PDF).

State lawmakers in Massachusetts are considering a bill that would shift the financial burden associated with data breaches from banks to retailers.

If passed the law would be the first of its kind to make retailers and other companies pay for the costs related to customer notification and credit card reissuing.

The proposed legislation is broad, forcing retailers to cover all losses associated with a data breach notification, including the canceling of credit cards, and the cost of freezing accounts and credit information in cases of identity theft. Currently banks share a large portion of the financial burden.

Being courteous is a fundamental rule of interviewing. But what do you do when the interviewer’s behavior is offensive? You want to ace the interview and leave with your self-respect intact. Here are some strategies for responding tactfully to a discourteous interviewer.

IBM has patched some serious flaws affecting users of DB2 Universal Database version 9.1 that could be exploited locally by attackers. A vulnerability in several set-uid DB2 binaries allows a user to write to any file on the system through the use of symbolic links. In addition, local exploitation of another flaw could allow an attacker to elevate privileges to root.

Mozilla has released an update to its Firefox browser, fixing a number of security flaws in the product.

The Firefox 2.0.0.2 release includes a fix for a bug disclosed by security researcher Michal Zalewsky last week. That flaw can be exploited by attackers to manipulate cookie information in the Firefox browser, making it probably the most important fix in the update, according to Window Snyder, Mozilla’s head of security strategy.

While offshore outsourcing is expected to affect wages and employment in developing countries, it won’t have any sudden negative impact on developed countries’ economies, according to a report released Feb. 22 by the McKinsey Quarterly, the business journal of the global management-consulting firm McKinsey & Company.

The most problematic database security breaches often don’t come from hackers, but from the inside. With that in mind, the software company CoSoSys has released Secure it Easy for Windows Vista, software that blocks the unauthorized transfer of data to portable storage devices.

Recent research done by Forrester Consulting found that 72 percent of respondents thought data loss of USB drives and removable media was the No. 1 concern for endpoint security. Removable storage devices could be used by a disgruntled employee to smuggle data out of the office, or could accidentally upload virus-ridden files into a network when plugged into a PC, CoSoSys officials said.

In a call with analysts, Intel officials said the company would deliver a 3.0GHz version of its quad-core Clovertown processor for servers, as well as deliver dual-core Xeon chips using the company’s 45-nanometer manufacturing process.

Executives with Intel added that the company would also introduce a low-watt, quad-core server chip in the coming weeks. A specific date for this chip, which will have a 50-watt thermal design, has not been announced.

IBM announced it is combining its industry leading expertise in Service Oriented Architecture and information management to help clients more easily share data and deliver better service by freeing information from individual applications and reusing it throughout their enterprise.

The new software and services announced today help accelerate the process of defining and deploying information services. These include a new version of IBM Service Oriented Modeling and Architecture, developed by IBM Global Business Services to help clients rapidly develop and implement a long-term plan for moving to a service oriented architecture.

IBM also unveiled WebSphere Information Analyzer, a new module for IBM Information Server that helps customers eliminate the risk of reusing bad data. In addition, IBM Information Server provides new capabilities that complement IBM WebSphere Process Server to enable tighter integration between information and business processes, and a new extension to Rational Data Architect helps provide additional value from IBM’s industry-specific data models.

Japanese police pledged Thursday to improve their technology to battle cyber crime, which shot up 40 percent last year as fraudsters become increasingly sly.

Police investigated 4,425 cases of online crime last year, an increase from 3,161 a year earlier and about 3.3 times more than five years ago, the National Police Agency said in a report.

Nearly half of the crimes involved fraud, mostly through online auctions, it said.