LifeLock, an Arizona company promising customers protection from identity theft, has agreed to pay $12 million to settle charges that the company overstated its benefits and used "scare tactics" to gain subscribers. Read the full article. [Computerworld]

North Carolina state researchers have modified existing speech authentication computer models and have streamlined the process so that it operates more efficiently. Read the full article. [ScienceDaily]

Organized cyber criminals stole more than $25 million from small to mid-sized businesses in brazen e-banking heists in the 3rd quarter of 2009 alone, federal regulators said last week. Read the full article. [KrebsonSecurity]

The Anti-Phishing Working Group (APWG) released its Q4, 2009 Phishing Activity Trends Report, which reveals that eCrime syndicates are expanding the base of brands they exploit for online fraud far beyond major financial institutions and online merchants, with the number of hijacked brands reaching a record 356 in October, up nearly 4.4 percent from the previous record of 341 in August 2009. Read the full article. [Help Net Security]

A Thai court has approved the extradition to the U.S. of a Malaysian man allegedly involved in hacking credit card information, causing massive losses for victims in the U.S. Read the full article. [Computerworld]

Cisco has released a number of reports on vulnerabilities in its products. It is possible to disrupt the transfer of voice data in the Unified Communications Manager using crafted SIP, SCCP and CTI packets. Read the full article. [The H Security]

Economic pressures are driving more businesses and governments to nervously eye cloud computing, despite myriad unanswered questions that swirl around a single central concern: security. This was backdrop for a panel discussion between CISOs at this week's RSA Conference. Read the full article. [Network World]

The new class of threat represented by today's banking malware like ZeuS can defeat much of the technology out there to combat it, admitted RSA bank-security panelists. Read the full article. [Tech Target]

Security B-Sides: Security penetration testers Mike Bailey and Mike Murray rely plenty on attacks that exploit weaknesses in websites and servers, but their approach is better summed up by the famous phrase "There's a sucker born every minute." Read the full article. [The Register]

More details follow the news of the Spanish botnet Mariposa and its owners being caught. The Mariposa Working Group infiltrated the command-and-control structure of Mariposa to monitor the communication channels that relayed information from compromised systems back to the hackers who run the botnet. Read the full article. [The Register]