Week in review: less spam, a new Android Trojan and the dark side of Twitter

Here’s an overview of some of last week’s most interesting news, videos, reviews and articles:

The security landscape from 2010 to 2011
Vendor-neutral testing and certification firm ICSA Labs offers its thoughts on the security landscape spanning 2010 and 2011.

Carders.cc, Exploit-db.org and others hacked on Christmas
Waking up on Christmas morning and finding out you’ve been hacked must be pretty annoying, and that it what happened to the administrators of Carders.cc and to the administrators of some other websites and databases.

Man makes career out of suing e-mail spammers
There may be a lot people who thought about it, but there is one who decided to actually do it – Daniel Balsam from San Francisco quit his job and started his new career: suing spamming companies.

The secure coding practices quick reference guide
In the video below, Keith Turpin talks about the secure coding practices quick reference guide. It’s a technology agnostic set of general software security coding practices, in a comprehensive checklist format, that can be integrated into the development lifecycle.

The criminal in your browser is real
The browser has emerged as the weakest link in an enterprise’s security infrastructure. It is being successfully exploited by malware authors and criminals who use this method to steal logon credentials and inject Trojans that crack IT systems wide open, often undetected.

Geolocation, mobile devices and Apple top the list of emerging threats
McAfee unveiled its 2011 Threat Predictions report, outlining the top threats that researchers at McAfee Labs foresee for the coming year.

Older Facebook apps threaten your and your friends’ privacy
Facebook users that are concerned with keeping their privacy have probably become more careful with the years about adding applications to their account. But two, three years back – before Facebook was forced to give users more privacy control over each application used – applications asked for a lot more information in order to function than they do now.

Computer Incident Response and Product Security
As time passes, more and more companies realize the importance of having an in-house incident response team. But how to go about forming one and organizing its functioning? This book offers the answers to those questions and teaches you to ask the right questions when dealing with unique situations.

The dark side of Twitter
In this video, Paul Judge, chief research officer for Barracuda Networks, talks about measuring and analyzing malicious activity on Twitter. He talks about identifying the bad guys based on their behavior before an actual attack takes place.

GSM cracking is all about knowledge, not money
Since the cracking of GSM encryption back in December 2009 by encryption expert Karsten Nohl, the cost of setting up an operation that includes sniffing out the calls made by a specific target and decrypting them has decreased time and time again.

The significant decline of spam
In October Commtouch reported an 18% drop in global spam levels (comparing September and October). Analysis of the spam trends to date reveals a further drop in the amounts of spam sent during Q4 2010.

Android Trojan with botnet capabilities found in the wild
A new, more sophisticated Trojan for Android devices has been spotting lurking on third-party Chinese Android app markets – the first ever piece of Android malware that has the capability to receive instructions from a remote server and thus become part of a botnet.

A closer look at Steganos Privacy Suite
Steganos Privacy Suite (v.12) is a suite offering most Steganos privacy and encryption products bundled up together: Safe, Portable Safe, Crypt & Hide, Password Manager, Private Favorites, E-Mail Encryption, Trace Destructor and Shredder.

Don't miss