
A British security researcher has figured out a way to manipulate legitimate features in Adobe PDF files to open back doors for computer attacks. David Kierznowski, a penetration testing expert specializing in Web application testing, has released proof-of-concept code and rigged PDF files to demonstrate how the Adobe Reader program could be used to launch attacks without any user action.

A U.S. district court judge has awarded Internet service provider EarthLink $11.6 million in a lawsuit accusing Nevada Internet marketer KSTM of sending millions of unwanted mortgage-related emails. Judge Timothy Batten of the U.S. District Court of the Northern District of Georgia awarded EarthLink the money on Aug. 31 after KSTM failed to respond to the ISP’s lawsuit. EarthLink accused the company and other defendants of violating the U.S. CAN-SPAM Act, as well as the U.S. Computer Fraud and Abuse Act, the Georgia Computer Systems Protection Act, and state and federal racketeering laws.

Company networks are now more likely to pick up malicious software via employee Web surfing than from email attachments, according to a new study. Nearly 40 percent of the 200 Danish companies surveyed said their systems had been infected by a virus or worm, despite the fact that 75 percent had implemented a security policy, IDC Denmark said in its report. But the malicious software in question is no longer primarily making its way through email, as in the past.

After news reports early this year revealed how remarkably easy it was to unearth someone else’s phone records, politicians vowed quick action on new legislation. The burgeoning scandal involving Hewlett-Packard’s use of pretexting against board members, employees and journalists, including three reporters from CNET News.com, is breathing new life into some all-but-forgotten legislation. It’s also given Democrats new cause to complain that Republicans have squandered their leadership position.

Cyber scams are increasingly being committed by organized crime syndicates out to profit from sophisticated ruses rather than hackers keen to make an online name for themselves, according to a top U.S. official. Christopher Painter, deputy chief of the computer crimes and intellectual property section at the Department of Justice, said there had been a distinct shift in recent years in the type of cyber criminals that online detectives now encounter.

Knowing a handful of programming languages is seen by many as a harbor in a job market storm, solid skills that will be marketable as long as the languages are. Yet, there is beauty in numbers. While there may be developers who have had riches heaped on them by knowing the right programming language at the right time in the right place, most longtime coders will tell you that periodically learning a new language is an essential part of being a good and successful Web developer.

VIA Technologies, developer of silicon chip technologies and PC platform solutions, announced the VIA C7-D processor, the world’s first Carbon Free computing solution, for a new breed of PC desktop solutions. The VIA C7-D processor with a maximum power consumption of just 20W at 1.8GHz not only sets the benchmark for performance-per-watt operation, but enables further power savings through the use of smaller power supplies and cooling fans, with a side benefit of a quieter computing experience. All remaining power consumed by the processor over its lifetime is then offset through regional projects in energy conservation, reforestation, and alternative energy.

The Office of the Inspector General of the Department of Veterans Affairs is reporting that an office computer reported stolen from a Unisys Corp. office in Virginia has been recovered, and a Washington, D.C., resident has been arrested in the case. According to a VA spokesperson, the arrest took place Sept. 13. Arrested in the case was Khalil Abdullah-Raheem, an employee of a contractor that provides temporary labor to Unisys.

IBM and Georgetown University announced two new curricula to address the growing demand for information technology skills that can empower an organization to more rapidly respond to changing marketplace conditions. Both of the new programs–one for IT professionals and one for undergraduates and graduates–are designed to teach all students about service oriented architectures. SOA is a way of reusing a company’s existing technology to align more closely with business goals, helping to result in greater efficiencies, cost savings and productivity. Experience and knowledge of the SOA approach is a valuable asset for professionals and students who want to enhance their marketable IT industry skills while also honing business acumen.

The U.S. Department of Homeland Security issued the results of its Cyber Storm exercise, highlighting areas where the government and private organizations must improve their responsiveness to emerging IT-related threats. The agency released a 23-page report on the findings of the simulated IT attack, labeled by Homeland Security leaders as "the largest and most complex multinational, government-led cyber exercise to examine response, coordination and recovery mechanisms to a simulated cyber event."