Week in review: Stuxnet, WoW phishing and ZeuS gangs smackdown

Here’s an overview of some of last week’s most interesting news, videos, articles and interviews:

60% of organizations suffered $2 million losses for Web 2.0 security issues
While organizations see the potential value of Web 2.0 tools, decision makers continue to debate whether or how to allow employee usage of the technology in the workplace.

Google warns Gmail users on spying attempts from China
Recently, a number of users have been witnessing a glaring red banner popping up when they accessed their Gmail account, saying “Warning: We believe your account was recently accessed from: China (IP ADDRESS)”.

Vulnerability research and disclosure
Richard Brain is the Technical Director at ProCheckUp and in this interview he discusses vulnerability research, his favorite security tools, fuzzing as well as the vulnerability disclosure process.

Today’s security landscape: Threats, data breaches and privacy
In this video recorded at the IBM Innovate 2010 conference, Jack Danahy, the Worldwide Security Executive, IBM/Rational at IBM, talks about current threats, data breaches and privacy.

ZeuS tries to bypass two-factor authentication
Since more and more financial institutions and companies are beginning to use mobile text messages in order to provide two-factor authentication to its users, it was just a matter of time until criminals behind the ZeuS Trojan will try to think of a way to get hold of that crucial bit of information.

Q&A: RSA Conference Europe 2010
Linda Lynch is the RSA Conference Europe Manager and in this Q&A she provides an overview of this year’s event.

Stuxnet able to re-infect cleaned computers
Liam O Murchu, manager of Symantec’s North American Malware Response team, says that he has discovered how the worm manages to re-infect a computer that has been cleaned of it.

Sangria, tapas and hackers: SOURCE Barcelona 2010
We spent four fantastic days in Barcelona attending our first SOURCE Conference. The best way to describe the SOURCE crowd is as one big family and this is surely one of the reasons of the success of this event.

Spamhaus launches whitelist service
This whitelist is intended for email from qualified corporations such as banks, accounting firms, law firms, airlines; from medical centers & government agencies, and transactional email from automated billing systems, e-commerce servers, online banking and booking systems.

UK-based gang arrested for stealing millions using ZeuS
Nineteen people were arrested in the UK and are suspected of being part of an Eastern European gang that used the ZeuS Trojan to steal online banking credentials from unsuspecting victims and syphon around £2 million per month to their accounts.

World of Warcraft phishing scams
It is common knowledge that login credentials for WoW accounts are very much sought after by phishers, so TrendLabs warns about a couple of scams currently going around.

Sasfis distibuted via fake U.S. Postal Service emails
If you have recently received an email from the United States Postal Service notifying you that a package you sent wasn’t delivered because the recipient’s address is incorrect, don’t open the attached .zip file.

PayPal expands consumer protection
The expanded protection will cover shoppers on merchant websites if they don’t receive an item they purchased, or if they receive an item that is significantly different than described by the merchant.

37 charged in global ZeuS bank fraud schemes that stole millions
Manhattan U.S. Attorney charged 37 defendants, in 21 separate cases, for their roles in global bank fraud schemes that allegedly used hundreds of false-name bank accounts to steal over $3 million from dozens of U.S. accounts that were compromised by malware attacks.

Android applications sharing your data
A group consisting of researchers from Duke University, Pennsylvania State University and Intel Labs has recently created a tool that allowed them to analyze data flows out of Android smartphones, and the conclusion of their research should not be surprising to anyone.

We are two clicks away from malware
Most Internet users are only two clicks away from malicious content from top sites, poisoned search results, and malicious links.

Don't miss