Week in review: Facebook scams, OddJob Trojan and corporate espionage via social networks

Here’s an overview of some of last week’s most interesting news and articles:

New types of cookies raise online privacy concerns
The advertising industry has led the drive for new, persistent and powerful cookies, with privacy-invasive features for marketing practices and profiling.

Vulnerability allows phishing messages on RapidShare.com
An improper input validation vulnerability discovered recently by M86’s researchers could be used to create phishing messages targeting RapidShare users.

Libya practically offline, bit.ly still working
As Libya descends into a vortex of protests and violent retaliations for the same – courtesy of the country’s long-lived president Muammar al-Gaddafi – the conflict has serious repercussions on the nation’s ability to access the Internet.

New type of financial malware hijacks online banking sessions
A new type of financial malware has the ability to hijack customers’ online banking sessions in real time using their session ID tokens. The OddJob Trojan keeps sessions open after customers think they have “logged off”, enabling criminals to extract money and commit fraud unnoticed.

Phishing scam and malware distribution scheme combined
The Facebook phishing campaign spotted last week turned out not to be so unimaginative after all.

“Free Southwest Airlines tickets” Facebook scam
A new scam is targeting Facebook users and luring them in with promises of complimentary tickers from Southwest Airlines.

A single click can open door to cybercrime
Blue Coat Systems unveiled their 2011 security report that examines Web behavior and the malware to which users are most frequently exposed.

BIND Denial of Service vulnerability
A vulnerability has been reported in BIND, which can be exploited by malicious people to cause a Denial of Service, according to Secunia.

41% of organizations not aware of security risks
41 percent of organizations are not well aware of or protected against IT security risks, and another 40 percent are not completely confident they can accurately deploy countermeasure products thus leaving them at risk.

Spyware compromises 150,000+ Symbian devices
A new variant of spyware “Spy.Felxispy” on Symbian devices causing privacy leakage has recently been captured by the National Computer Virus Emergency Response Centre of China.

Assange to be extradited to Sweden
WikiLeaks founder and director Julian Assange is to extradited to Sweden so that he might be questioned regarding to and possibly charged with sexual assault and rape, decreed the British judge presiding over the extradition hearing.

Apple releases developer preview of Mac OS X Lion
Apple released a developer preview of Mac OS X Lion, which takes some of the best ideas from iPad and brings them back to the Mac.

Corporate espionage via social networks
At this years’ edition of the RSA Conference in San Francisco, Abhilash Sonwane – VP of Product Management and Technology for Cyberoam – gave an interesting talk about the possibility of using social media to map out the organizational DNA of a company.

Malware-driven pervasive memory scraping
Reports are coming in of a new trend in hacking techniques. Known as “pervasive memory scraping,’ the technique relies on the fact that certain areas of Windows memory are only occasionally overwritten, meaning that data from software that has been closed down on the PC, can still remain for some time after.

Going “eye to eye” with network security threats
One of the ironies of our increasingly technology-dependent society is that you need an ever increasing amount of technology to address the failings or risks of the technology itself.

Failure to invest in secure software a major risk
Failure to take software security seriously is putting organizations, brands and people at risk, according to a report by Creative Intellect Consulting.

Facebook is not overpopulated – it’s a scam
The latest survey scam to hit Facebook users starts with a message that’s supposedly from the Facebook team.

Don't miss