Week in review: ATMs hacked, malware attacks

Here’s an overview of some of last week’s most interesting news, interviews, articles and reviews:

U.K. seeks cyber experts, offers challenge and educational and job opportunities
The BBC dubbed it a “Britain’s Got Talent style competition to find UK’s finest IT workers”, but it’s official name is The Cyber Security Challenge.

OMG! Profile Spy targeting Facebook users
Facebook users are a curious lot, and one of the things that seemingly regularly piques their interest is the opportunity to see who views their profile.

Q&A: Strong authentication
Mike Moir is a Product Manager for the Entrust IdentityGuard solution. In this interview he talks about strong authentication.

P2P increasingly favored by malware attackers
Cisco released its 2Q10 Global Threat Report, which is an aggregation of data and insights on threats from Cisco Security Intelligence Operations.

Author of cloud-based phishing kit harvests collected credentials from phishers using it
People who embark on a life of crime are usually attracted by the promise of little effort and big money, and the hacker whose phishing kit was discovered to be collecting credentials from the phishers using it is clearly not an exception.

A closer look at Panda Cloud Antivirus Free Edition
Panda Cloud Antivirus (v.1.1.2) consists of a lightweight antivirus agent that is connected in real-time to PandaLabs’ online Collective Intelligence servers for a faster protection against the newest malware variants and an almost unnoticeable impact on PC performance.

ZeuS, Sality, Chymine and Vobfus jump on the LNK vulnerability bandwagon
Stuxnet was only the beginning. The successful exploitation of the (still unpatched) Windows LNK flaw has prompted other malware attackers to try to achieve the same results.

Mariposa malware author arrested in Slovenia
A 23-year old Slovenian hacker that goes by the handle “Iserdo” has been arrested for developing the code that allowed the three alleged Spanish Mariposa botnet herders to infect some 13 million computers in more than 190 countries.

100 million Facebook pages published on torrent site
A compilation of Facebook pages (and personal information) of 100 million users of the popular social network is available for download on a torrent site, courtesy of hacker Ron Bowes of Skull Security.

Designing Network Security, 2nd Edition
Designing Network Security is a book that will teach you how to define a security policy for your enterprise and how to implement it, and offers examples of practical implementation concerning physical and network infrastructure.

Fake AV masquerading as Firefox/Flash update
The well known “fake scanning page” that pops up a warning about your computer being infected has been switched with a fake Firefox “Just Updated” page that is usually displayed after you run Firefox the first time after an update.

Google has two times more malware than Bing, Yahoo! and Twitter combined
Barracuda released its Barracuda Labs 2010 Midyear Security Report, revealing data from two key areas: search engine malware and Twitter use and crime rate.

ATMs hacked and spitting up money at Black Hat
Delivering on his promise, security researcher Barnaby Jack has managed to make two unpatched ATMs from two major vendors spit out cash during his demonstration at the Black Hat conference in Las Vegas.

Black Hat USA 2010: A recession proof conference?(with photos)
It’s been said time and time before that the security industry is recession proof so it’s no wonder that unofficial data shows that attendance up 35% from last year.

Trojan masquerades as iPhone jailbreaking software
Only a couple of days after U.S. federal regulators decided and announced that the practice wasn’t illegal, cybercriminals have seized the opportunity to infect more systems.

Android wallpaper app stealing user data and sending it to China
The revelation that an application for Android that is being sold on Google’s Android Market is sending out information regarding your phone shouldn’t come as a surprise to anyone.

How to clean up a firewall rulebase
Over time, firewall rule bases tend to become large and complicated. They often include rules that are either partially or completely unused, expired or shadowed. So, here is a list of best practices for cleaning up a firewall (or router) rule base.

Share this
You are reading

Week in review: ATMs hacked, malware attacks