Week in review: Flaw-ridden smartphones, Facebook app verification and malware-writing researchers

Here’s an overview of some of last week’s most interesting news and articles:

Critical vulnerabilities in Photoshop CS4
Critical vulnerabilities have been identified in Photoshop CS4 11.01 and earlier for Windows and Macintosh that could allow an attacker who successfully exploits these vulnerabilities to take control of the affected system.

Critical iPhone security issue leaves your contents exposed
Bernd Marienfeld has discovered last week that the passcode protection can be bypassed by simply connecting the iPhone 3GS in question to a computer running Ubuntu 10.04.

SASFIS Trojan disguised by clever technique
A cleverly disguised variant of SASFIS – the infamous Trojan that makes it possible for your computer to be further infected with any number of different malware, has been spotted by a TrendLabs engineer in an email spam run.

The risks when networks collide
The increasing convergence of multiple networks for voice, data, video and other services onto a single infrastructure based on IP, has the potential to leave serious gaps in security.

IT pros are hacking their own enterprises to keep intruders out
A survey of IT security professionals has discovered that 83% consider commercial applications, the ones you buy off the shelf, to be riddled with code flaws and vulnerabilities.

To hack or not to hack MSN accounts
A mass mail invitation to a suspicious “do-it-yourself” account hacking session puts Windows Live Messenger users at risk.

Popular websites distribute spyware-infected Mac software
Intego has discovered a spyware application that is installed by a number of freely distributed Mac applications and screen savers found on a variety of websites.

Researchers develop malware to devise protection against it
Malware action – security reaction. In most cases, security researchers and professionals are bound to this vicious cycle, but there are some that have taken steps to break it.

What’s privacy got to do with it?
The news has been rife over the last few weeks with stories of privacy breaches by names we trust and use on daily basis. But is it fair to lay all the blame at the doors of Google and Facebook?

U.S. Senators keep trying to give “cyber emergency” powers to federal government
This latest bill is sponsored by Senators Lieberman and Collins, and aims at giving the DHS the authority to take over civilian networks in case of an “imminent cyber threat.”

Samsung smartphone shipped with malware-infected memory card
The latest mass-market product that has been found being shipped to customers while containing malware is the Samsung S8500 Wave phone with the Samsung bada mobile platform.

Facebook fights rogue apps with verification program
In view of all the rogue applications that have lately targeted Facebook users, the announcement that the social network will require developers to verify their Facebook account in order to create new applications is a welcome one.

Top 5 FIFA World Cup online risks
Lavasoft issued advice to follow to make sure people enjoy the month-long tournament without becoming the target or victim of an attack.

Rootkits on Android smartphones
Two security researchers from Trustwave have taken it upon themselves to investigate the possibility of creating a rootkit for Android smartphones that would allow an attacker to gain access to the device and the data inside it.

Instant messenger phishing made simple
An Internet application “comes to the rescue” of MSN & YIM users who want to find out if their friends, colleagues or acquaintances have blacklisted them.