Week in review: Mysql.com hack, QR codes leading to malware and Facebook fixes post-logout tracking cookie

Here’s an overview of some of last week’s most interesting news, interviews, podcasts and articles:

Facebook changes raise serious security concerns
The last few weeks have been hot for Facebook users. After updating Privacy Controls and silently pushing the Smart Lists, the f8 pushed usability and privacy to a new level: Subscribers, News Ticker and Wall facelift, and the star of this f8 conference, the Timeline and the new Open Graph features.

Email marketing companies web accounts sending out malicious spam
A number of email marketing organization web accounts have recently been compromised – either through phishing or brute force attacks – and have been used by the attackers to send out such emails.

Mysql.com hacked, serving malware
The mysql.com website was injected with a script that generates an iFrame that redirects the visitors to , where the BlackHole exploit pack is hosted.

Browser companies react to BEAST attack
It seems that, for the time being, users are not in immediate danger of having their passwords sniffed out by random cyber crooks, but browser makers have definitely realized that danger can pop up very soon and started working on a patch months ago, after being notified by the researchers of their breakthrough.

Avoid mobile device geolocation risks
Twenty-eight percent of U.S. adults use location-based applications like Facebook and Google Maps, and that number will grow, according to ISACA. Regulating geolocation data is in progress, so individuals and enterprises must be aware of the information they provide, collect and use.

Facebook fixes logout cookies issue
The offending “a_user” cookie (containing the user’s ID) is now destroyed on logout. Facebook claims that its persistence after logout was due to a bug, which has been fixed.

Alureon extracts backup C&C locations embedded in images
An Alureon Trojan variant designed to extract the location of backup C&C centers from images disseminated across the Web has been discovered by a Microsoft researcher.

New Ovum Technology report: Secunia VIM
How do companies operating diverse and wide-ranging systems solve their vulnerability management challenges? Not by using ad hoc tools, according to the new Ovum Technology Report 2011. In fact they state that “There needs be an integrated and inclusive approach that makes use of security intelligence to highlight vulnerabilities and their severity as they occur.”

10 actions to reduce IT infrastructure and operations costs
As many IT organizations are under intense pressure to continue to implement cost-cutting initiatives, Gartner has identified 10 actions that can reduce IT infrastructure and operations (I&O) expenses by 10 percent in 12 months, and as much as 25 percent in three years.

Microsoft takes down Kelihos botnet
After having disrupted the operation of the Waledac and Rustock botnets, Microsoft has set its sights on a smaller one that is thought to be an attempt to rebuild the Waledac botnet.

Firefox 7 search yields unwanted results
Firefox is the second most widely used browser in the world, so we can be sure that malicious individuals are already working on ways to take advantage of yesterday’s release of its latest incarnation.

Thousands of sites compromised following hosting provider hack
California-based hosting provider InMotion has suffered a compromise that resulted in the defacement of thousands of home pages of websites hosted on their infrastructure, which were allegedly set to serve malware.

Advanced persistent threats, cloud security and mobile security to dominate RSA Conference Europe 2011
This is an interview with Linda Lynch, RSA Conference Europe Manager and Herbert “Hugh” Thompson, Ph.D, Chief Security Strategist, People Security and RSA Conference Program Committee Chair.

Towards secure tokenization algorithms and architectures
Tokenization – the use of surrogate values for sensitive data – is all the rage. Although it is often sold as an alternative to encryption, it is at the core a cryptographic algorithm. This session at RSA Conference Europe 2011 will discuss how the practical implementation of these tokenization systems requires a careful evaluation to ensure they fit securely with the intended information and application use case.

25% of tested Google Chrome extensions allow data theft
27 of 100 tested Google Chrome extensions have been found vulnerable to data (passwords, history, etc.) extraction attacks through specially crafted malicious websites or by attackers on public WiFi networks.

Mail-borne polymorphic malware soars
Approximately 72% of all email-borne malware in September could be characterized as aggressive strains of generic polymorphic malware.

Nearly 5 million military health care files stolen
Sensitive data about nearly 5 million patients has been compromised following the theft of backup tapes from an electronic healthcare app used in the military health system, warns TRICARE, a health care program for U.S. military personnel.

Smartphone users choose convenience over security
In a revealing survey of smartphone and tablet users, the majority polled admit to not password protecting their mobile devices despite keeping them logged in to sensitive online accounts and applications, leaving them open to account compromise, fraud and data theft.

Critical vulnerabilities triple in 2011
Adoption of mobile devices such as smartphones and tablets in the enterprise, including the “Bring Your Own Device” approach, which allows personal devices to access the corporate network, is raising new security concerns.

QR codes used to infect Android users with malware
As one can’t tell what the code contains just by looking at it, there is nothing to warn the users about a potentially dangerous download.

SSL Labs launches two Convergence notaries
Convergence is Moxie Marlinspike’s attempt to introduce fresh thinking into the debate about PKI, certificate authorities, and trust. The project was launched at Black Hat US in August.
