Week in review: DDoS attacks, anti-Facebook worm and identity in the digital age

Here’s an overview of some of last week’s most interesting news, interviews, videos, reviews and articles:

How to keep mobile devices secure while traveling
“Tis the season to be jolly – and to leave sensitive corporate information behind at the airport!

Upsurge of attacks aimed at Facebook, iPad and smartphones
If you thought 2010 was challenging, just wait for 2011. Here are our top five 2011 security predictions for the coming year from Websense.

Vendor creates malware to sell its anti-malware product
Chinese antivirus software companies seem to have a unusual strategy for keeping its services and products in demand – secretly developing threats themselves and unleashing them online, then turning around and making their products detect and remove them.

Experimental botnet reveals long sought answers
Is there a better way of analyzing the ins and outs of a botnet than making one yourself? The answer to that question was negative for ESET’s researcher Pierre-Marc Bureau and the rest of a team at Ecole Polytechnique de Montreal.

The importance of identity in the digital age
David Mahdi, a Product Manager at Entrust, explains the critical issues in understanding the very nature of identity in a society actively building bridges between the real and digital world.

Database of routers’ embedded private SSL keys published
The recent publishing of a database containing over 2,000 private SSL keys hard-coded into various routers – with their corresponding public certificates and hardware/firmware versions – has made an attack that involves decrypting the traffic going through the device very easy to execute.

Using social networks to profile, find and own your victims
In this video from DojoCon 2010, Dave Marcus, the Director of Security Research at McAfee Labs, illustrates the dangers of doing unintelligent things online. Dave shows you how to figure out a wealth of information about people solely using open source intelligence. Everything he reveals is based solely on details people disclose publicly about themselves.

How can independent media and human rights sites defend themselves from DDoS attacks?
In order to shed more light on this attack technique and to help those organizations to fight it off as best they can, a number of researchers from the Berkman Center for Internet & Society at Harvard University have published a paper on the topic.

Worm blocks access to Facebook
A relatively new worm that Symantec named W32.Yimfoca presents a very interesting and never before seen modus operandi – it specifically targets Facebook users by denying them access to their accounts if they don’t complete a survey.

Highest profile software failures of 2010
SQS Software Quality Systems compiled a list of the worst software failures of 2010 that have damaged reputations, impacted negatively on finances and caused stress to users.

“Evil” URL shortener initiates DDoS attacks
Can you believe that clicking on a shortened link can make you an involuntary and unknowing participant in a DDoS attack on a website? Ben Schmidt, a self-styled student/researcher form the University of Tulsa, has made it possible.

Virus yearbook 2010: Mariposa, Stuxnet and MSNWorm most noteworthy
PandaLabs is closing the year with a look at some of the unique and noteworthy viruses that have appeared over the last twelve months. The list of viruses is vast and varied, since in 2010, they received more than 20 million new strains of malware.

Cisco CCENT Mind Share Game
The Cisco CCENT Mind Share Game covers key networking topics and is designed to test the players’ technical knowledge and their ability to concentrate and perform under pressure, in order to help them pass their CCENT (Cisco Certified Entry Networking Technician) or CCNA (Cisco Certified Network Associate) certification exams.

All versions of Internet Explorer under threat
Microsoft released a new security advisory to help protect users from a vulnerability affecting Internet Explorer versions 6, 7, and 8. Exploiting this vulnerability could lead to unauthorized remote code execution inside the iexplore.exe process.

Hacker recovers stolen computer and gets criminal caught
In this video recorded at DEFCON, a hacker has his computer stolen, and tells the story of how he recovered it and got the criminal caught.




Share this