Week in review: Android malware, Facebook security features and Zuckerberg’s page hack

Here’s an overview of some of last week’s most interesting news and articles:

Lush hack due to numerous security vulnerabilities
The Web site of Lush, the natural ingredients cosmetic firm, has reportedly been cracked and subverted by attackers. So far 43 customers have had their cards used by fraudsters.

Tide turns for US employee privacy?
When it comes to the US workforce, the trend that allowed employers to practically monitor everything their employees do in their workplace, on their office or other company issued computers, or even on the employees’ social networking websites, may be coming to an end.

Android malware records and steals credit card numbers from phone conversations
Researchers from the City University of Hong Kong and Indiana University have developed a Trojan for the Android mobile OS that extracts credit card and PIN numbers from phone conversations and sends them to a remote server via another Trojan.

Internet porn still main source of threats
A significant 63% of the users attempting to find adult content on their computers compromised their computers’ security on multiple occasions.

The vulnerability species: Origin and evolution
Secunia’s Yearly Report for 2010 revealed that out of more than 4,000 vendors on the market today, just 14 vendors with products in use on millions of private and corporate systems daily, were responsible for over half of the vulnerabilities discovered in the last two years.

Fedora Project investigates possible infrastructure compromise
A security incident on Fedora infrastructure has been reported by Jared Smith, Fedora Project’s leader, who confirmed that the account of one of its contributors has been compromised.

PayPal most phished, Facebook most blocked
OpenDNS released statistics about which websites were commonly blocked — and which websites users were frequently given access to — in 2010.

A good decade for cybercrime
The latest report from McAfee, “A Good Decade for Cybercrime,” examines the past ten years of cybercriminal tactics and online threats, an era that dramatically changed the face of crime.

Facebook fake photo links lead to malware
This simplistic but seemingly effective bait leading to malware is apparently been circling on Facebook for a couple of weeks now.

Conficker: Lessons learnt
The Conficker worm is the largest computer worm infection with more than seven million government, business and home computers in over 200 countries now under its control.

Hedge funds unprepared for cyber attack
With details trickling in about how the sophisticated Stuxnet computer worm derailed years of work on Iran’s nuclear program, many seasoned observers are left to wonder what might happen if such a powerful weapon were ever turned against the nearly $2 trillion hedge fund industry.

Riskiest social media applications
Facebook and Twitter top the list.

Protesters organize via social networks, governments move to block them
The wave of nation-wide protests that ended in the Tunisian president Ben Ali’s run to Saudi Arabia was at least in part made possible by the organizers’ use of Facebook to keep the protesters abreast of the latest happenings and fan the flames with videos of hurt demonstrators.

Facebook adds secure browsing and social authentication
The “social CAPTCHA” method of authentication that Facebook developed to prevent the Tunisian government to access the accounts of the people whose login credentials they have stolen will become a standard fixture, confirmed Facebook’s Alex Rice.

A step towards wider SSL implementation
Two great stumbling blocks on the path leading to a Web-wide implementation of the SSL/TLS protocols have always been cost and speed.

Worrying increase in surveillance across Europe
A landmark EU-wide study of national privacy safeguards shows a decline in privacy protection across Europe and a steep increase in state surveillance over the lives of individuals. The study includes a rating for EU member states and accession candidate countries. This rating pits Britain and Ireland fighting over the bottom of the privacy league.

API bug responsible for Zuckerberg page hack
A Facebook spokesman says that the bug has been fixed, but he would not name the high-profile accounts affected by the bug and the pages where unauthorized postings turned up.

Who’s watching you? Online fears revealed
Despite lingering concerns about the U.S. economic recovery, Americans worry more about having their online privacy violated (25%) than declaring bankruptcy (23%) or losing their job (22%).

More about

Don't miss