Week in review: Cybercriminals moving away from Windows and Facebook privacy

Here’s an overview of some of last week’s most interesting news and articles:

Dating site creates profiles based on information scraped online
Various publicly available information regarding all US citizen is likely to be aggregated and be made available by Gotham Dating Partners, according to an announcement made by the company.

Endpoint security: The year ahead
Traditional security threats posed by hackers, viruses and worms over the past 10-plus years are still a concern, and have been joined by newer, emerging threats from the proliferation of Web 2.0 apps, mobile computing and custom attacks.

Inside a banking Trojan drop-zone
There can be no doubt that cybercrime is on the rise. Compared to real-world crime, it is easier, often more profitable, and carries definitely less risk to the perpetrator.

Toolkit merging Zeus and SpyEye already on the market?
When the alleged Zeus-SpyEye merger became news last October, a lot of people wondered what new capabilities we could expect of this new toolkit. According to McAfee’s Francois Paget, we can stop guessing.

A test of 13 intrusion prevention systems
NSS Labs released its network IPS comparative group test report for the fourth quarter of 2010.

Unsecured IP cameras accessible to everyone
IP cameras have been gaining market share at a fast pace and will likely continue to do so in the future. But, the main issue that remains to be addressed is that of security.

Facebook backtracks on address and phone data sharing
It seems that enough people have objected to Facebook’s announcement about the imminent change regarding permissions for for address and mobile number that the social network decided to put the plan on temporary hold.

ICQ’s critical flaw allows attackers to serve malicious software update
The flaw is affects the application’s automatic update mechanism, and affects all versions of ICQ 7 for Windows up to the latest one.

Global workforce and the cloud
Every couple of years (ISC)2 issue a report on the current situation and future expectations regarding the global information security workforce. At the Infosecurity press event, John Colley, the organization’s Managing Director for the EMEA region, offered insight on their latest report.

Two men charged for AT&T site breach
Two men were arrested on Tuesday and are facing charges of fraud and conspiracy to access a computer without authorization, following an investigation that started with last year’s much publicized harvesting of e-mails and AT&T authentication IDs of 114,000 early-adopters of Apple’s iPad.

The unofficial guide to Facebook privacy
As the service evolves, executives tend to favor our open access to information, meaning information you think is private will slowly become public, but that doesn’t mean you can be private if you want to.

Cybercriminals shifting focus to non-Windows systems
In a major cybercrime turning point, scammers have begun shifting their focus away from Windows-based PCs to other operating systems and platforms, including smart phones, tablet computers, and mobile platforms in general, according to the Cisco 2010 Annual Security Report.

Cybercrime black market statistics
PandaLabs released an investigative report on the current cybercrime black market. They discovered a vast network selling stolen bank details along with other types of products in forums and more than 50 dedicated online stores.

Fake Facebook password change notification leads to malware
The attached .zip file that supposedly contains the new password actually contains a backdoor that downloads a MS Word document and opens it.

Zeus malware now targets online payment providers
The Zeus malware continues to evolve, diversifying away from its target bank sites and their customers, and over to sites with user credentials that allow assets that have a financial value.

Major government websites hacked with access for sale
Researchers from Imperva’s Hacker Intelligence Initiative (HII) have found dozens of .mil, .gov and .edu web sites which have been hacked with access up for sale due to SQL injection vulnerabilities.

Job application e-mails carry banking Trojan
The FBI-backed Internet Crime Complaint Center (IC3) has issued a warning yesterday about the rise in Automated Clearing House fraud aimed at businesses across the country. The cyber criminals target businesses who have recently placed job postings on employment websites.




Share this