Monday, October 12, 2009

Monday 10/12/09

Researchers advise cyber self defense in the cloud

Security researchers are warning that Web-based applications are increasing the risk of identity theft or losing personal data more than ever before.

The best defense against data theft, malware and viruses in the cloud is self defense, researchers at the Hack In The Box (HITB) security conference said. But getting people to change how they use the Internet, such as what personal data they make public, won't be easy.

----------

Expert provides more proof hackers hijacked Hotmail accounts
It's almost certain that hackers obtained the Hotmail passwords that leaked to the Internet through a botnet-based attack, a researcher said today as she provided more proof that Microsoft's explanation was probably off-base. Read more...


----------

Sidekick users livid over Microsoft server failure
On Saturday, Microsoft announced that users' data stored on its servers "almost certainly has been lost as a result of a server failure at Microsoft/Danger," referring to Danger Inc., the Microsoft subsidiary that provides data services for Sidekick phones sold by T-Mobile.

...

"I just spoke to a lawyer and explain[ed] the entire situation," said a user tagged as "Calsmail" last Thursday. "He informed me he would be happy to start a class-action suit against T-Mobile. He said he could not only get us out of our contracts but can more than likely get $50 per contact lost."

----------

UC Berkeley tightens personal data security with data-masking tool


----------

No Facebook at work in most US companies
By News Room Yesterday

----------

What's replacing P2P, BitTorrent as pirate hangouts?

----------

EU High Court Amassing Strength & Reach
By NICK WILSON

As the European Court of Justice continues a dramatic rise in power and volume of cases, a comparison is inevitably made with the U.S. Supreme Court where an initially weak political body grew into an enormously powerful interpreter of the law in a vast region of wealth and population. But there are also key differences between the two high courts, based on the greater power held in the U.S. Constitution and the less competitive relationship between the courts of the European nations and the EU's high court.

----------

Google patches DoS vulnerabilities in Android
Researchers at the Open Source Computer Emergency Response Team (oCERT) disclosed two denial-of-service vulnerabilities in Google Inc.'s Android 1.5 mobile phone platform, both of which have already been patched by the vendor.

----------

Hackers exploit this year's fourth PDF zero-day

The bug in the popular Reader PDF viewer and the Acrobat PDF maker is being exploited in "limited targeted attacks," Adobe said yesterday. That phrasing generally means hackers are sending the rigged PDF documents to a short list of users, oftentimes company executives or others whose PCs contain a treasure trove of confidential information.

Adobe promised to patch the vulnerability on Tuesday, Oct. 13, the same day that Microsoft plans to issue its biggest-ever collection of security updates.

----------


McAfee Labs’ October Spam Report
Monday October 12, 2009 at 8:36 am CSTPosted by David Marcus

Cybercriminals are taking advantage of American concerns about healthcare by flooding the internet with spam. According to our October Spam Report, 70 percent of global spam is now “Canadian” pharmacy spam that takes advantage of fears of Swine Flu and rising costs of Medicare and pharmaceuticals.

Spammers generate more than 150 billion spam messages daily; that’s enough to send everyone in the world more than 30 emails every day (including people without computers). Nearly 19 out of every 20 emails are spam, and cybercriminals are growing more sophisticated with their attacks. No brands seem to be safe, and this month’s report analyzes how spammers are abusing the brands of Monopoly, The Hollywood Reporter and even the Jewish organization Chabad to distribute malware.


The report can be downloaded here.

----------

Posted at 2:00 PM ET, 10/12/2009
Avoid Windows Malware: Bank on a Live CD

http://blogs.washingtonpost.com/securityfix/

The simplest, most cost-effective answer I know of? Don't use Microsoft Windows when accessing your bank account online.

----------

No comments: