LifeLock, an Arizona company promising customers protection from identity theft, has agreed to pay $12 million to settle charges that the company overstated its benefits and used "scare tactics" to gain subscribers. Read the full article. [Computerworld]

Organized cyber criminals stole more than $25 million from small to mid-sized businesses in brazen e-banking heists in the 3rd quarter of 2009 alone, federal regulators said last week. Read the full article. [KrebsonSecurity]

Howard Schmidt, the new cybersecurity czar for the Obama administration, has a short answer for the drumbeat of rhetoric claiming the United States is caught up in a cyberwar that it is losing.

“There is no cyberwar,” Schmidt said. “I think that is a terrible metaphor and I think that is a terrible concept,” Schmidt said. “There are no winners in that environment.” Read the full article. [Wired]

Microsoft's idea that the fight against malware could be funded by an Internet tax is "horrible," an analyst said as other experts weighed in on a recent comment by the company's security chief. Read the full article. [Computerworld]

Economic pressures are driving more businesses and governments to nervously eye cloud computing, despite myriad unanswered questions that swirl around a single central concern: security. This was backdrop for a panel discussion between CISOs at this week's RSA Conference. Read the full article. [Network World]

Computer scientists say they've discovered a "severe vulnerability" in the world's most widely used software encryption package that allows them to retrieve a machine's secret cryptographic key. The bug in the OpenSSL cryptographic library is significant because the open-source package is used to protect sensitive data in countless applications and operating systems throughout the world. Read the full article. [The Register]

The new class of threat represented by today's banking malware like ZeuS can defeat much of the technology out there to combat it, admitted RSA bank-security panelists. Read the full article. [Tech Target]

More details follow the news of the Spanish botnet Mariposa and its owners being caught. The Mariposa Working Group infiltrated the command-and-control structure of Mariposa to monitor the communication channels that relayed information from compromised systems back to the hackers who run the botnet. Read the full article. [The Register]

Forget iris and fingerprint scans — scanning noses could be a quicker and easier way to verify a person’s identity, according to scientists at the University of Bath. With worries about illegal immigration and identity theft, authorities are increasingly looking to using an individual’s physical characteristics, known as biometrics, to confirm their identity. Read the full article. [Homeland Security Newswire]

The nation's new cybersecurity czar in a Town Hall meeting session here today mapped out his top priorities in the post and provided a glimpse at how the Obama administration may handle security issues with other countries. National cybersecurity coordinator Howard Schmidt also announced that the White House was releasing an unclassified version of its plan for securing government and private industry networks. Read the full article. [Dark Reading]