This month the PCI-SSC released an Information Supplement providing guidance for compliance with the DSS in virtualized and cloud environments. Great news for anyone with virtualization within their cardholder data environment (CHDE), or who has been considering it.

Google Docs allows users to create documents, spreadsheets, et cetera at google.com (hosted in Google's cloud):

Spreadsheets can even contain functionality, such as forms, and these can be published to the whole world.

Unfortunately, that means we regularly see phishing sites via Google Docs spreadsheets and hosted on spreadsheets.google.com.

Here are some examples:

In 1990s, we used to have a Mac product. It eventually got discontinued due to lack of threats.

Then, in October 2007, we saw something unusual: a DNS Changer Trojan for OS X.

We estimated the risk level of new Mac malware and as a result, we started developing F-Secure Anti-Virus for Mac.

While we have seen new Mac malware every now and then, many experts have been downplaying the malware risk on Mac OS X systems. But the fact is that we are seeing more and more activity.

Dear Jeff Bezos,

As a longtime Amazon customer, I just tried the new Amazon Cloud Player powered by Amazon Cloud Drive with great expectations.

And I have to say — pretty neat.

Google unveiled the Cr-48 notebook last week in a soft launch of their ChromeOS operating system.

And this week, naysayers are calling it a waste of time.

Mikko was one of the participants in the special keynote panel discussion on "The Future of Mobile Malware & Cloud Computing" at last week's Hack In The Box 2010 Malaysia conference:

Like it or not, Twitter is important. It is not only used for chit-chat, but it has turned out to be the fastest way to get eye-witness reports from people who are on location whenever something happens.

Our Internet Security 2011 Beta is now available for download.

Beta testers receive a six month subscription and the opportunity to influence the final release.

You might remember the Ghostnet white paper that was released a year ago? We blogged about it extensively.

The same researchers, with the help of Shadowserver Foundation, has now published a new whitepaper, called Shadows In The Cloud: Investigating Cyber Espionage 2.0 (link to a PDF).

Why is it that banking trojans are a problem when all online banks are HTTPS secured and many of them employ multi-factor authentication?

The answer: Humans are not digital.