Week in review: Facebook’s remote logout, malware protection tips and a new issue of (IN)SECURE Magazine

Here’s an overview of some of last week’s most interesting news, articles and videos:

Building secure web mashups
In this video from OWASP AppSec Research 2010, you can learn more about building secure web mashups.

Ethical malcoders get their own conference
You have heard of Black Hat, Defcon, RSA Conference and Info Security, but does the name MalCon ring a bell?

Misconfigured networks main cause of breaches
Responses to a survey from attendees of the DEFCON 18 conference revealed that 73% came across a misconfigured network more than three quarters of the time.

Malware protection tips for social media users
There are ways to increase your web security and protect yourself from a wide range of threats without making drastic changes to the way you use social media.

A closer look at GFI Backup 2010 Business Edition
Through GFI Backup’s central web-based administration console, administrators can configure and implement company-wide backup policies in a single task.

Top scams on the web
PandaLabs has drawn up a ranking of the most widely used scams over the last few years.

30 days of 0-days, binary analysis and PoCs
An independent group of security researchers that goes by the name of Abysssec Security Team has announced its intention of making September a month of disclosure.

(IN)SECURE Magazine issue 27 released
(IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics.

Slovenian Mariposa suspects’ identities revealed
A month has passed since the Mariposa malware author was arrested in Slovenia, and more details about the case have surfaced in the meantime.

Malware detection with Neptune
In this video recorded at Black Hat USA 2010, Rami Kawach, a software architect at Qualys, talks about Neptune – a project to build an automatic malware analysis engine and deliver it as a free tool.

Phishing campaign targets McDonald’s fans
A widespread spam campaign that is promising cash in return for completing a McDonald’s customer satisfaction survey has been uncovered.

Rescue of Chilean miners used as lure by banker Trojan
PandaLabs uncovered a new malicious code, Banbra.GUC, which lures users with a video about the rescue of the trapped Chilean miners. This is a new variant of the infamous Banbra family of banker Trojans, which first emerged in 2003.

Spammers attack Apple’s Ping social network
Scammers and spammers have deluged the new Ping musical social network, created by Apple and built into the new version of iTunes.

Facebook boosts security by adding remote logout feature
Following the May rollout of the security feature that made it possible for Facebook users to be notified of unapproved account access, the social network announced another one that will allow them to remotely logout from their account.

Automated vs. manual security
In this video from OWASP AppSec Research 2010, David Byrne and Charles Henderson from Trustwave talk about automated vs. manual security.

Google Code hosting malware-spreading project
Google Code’s project hosting feature has occasionally been used by malicious individuals for storing and spreading malware.




Share this