Week in review: WikiLeaks developments, rich scammers and ATM infections
Here’s an overview of some of last week’s most interesting news, articles and interviews:
Release of diplomatic cables reveals Aurora attacks instigator
Among the various interesting things that the leaked cables revealed is that, following the January discovery of the Aurora attacks on various U.S. companies, a Chinese contact shared with the American Embassy in Beijing that the hacking of Google was just a part of a larger sabotage campaign.
Android browser flaw allows attackers to access user data
A vulnerability in the Android browser that could allow attackers to download files stored on the mobile device’s or tablet’s SD card has been discovered by security expert Thomas Cannon.
Experiment reveals how scammers earn huge money with simple scams
An interesting experiment conducted by UK-based scam-tracking organization Scam Detectives has revealed how online scams can earn scammers a lot of money in a short time – if they choose their angle well.
Fake Facebook “photo comment” e-mail leads to malware
As Facebook has announced its new messaging system and its deployment in the coming months, online scammers have been trying to use that announcement against unsuspecting Facebook users that may have heard about it and believe that changes will be made in the way that the social network contacts and notifies its users.
Canon image originality verification proven useless
ElcomSoft discovered vulnerability in Canon’s Original Data Security System, a validation system to guarantee authenticity of digital images captured with supported Canon cameras.
Organizations still fail to control USB devices
A survey has found that USB Flash drive ownership has exploded with 100% of the 229 respondents having at least one such device and more than 21% owning as many as 10 or more.
Government seizes 82 website domains
Seizure orders have been executed against 82 domain names of commercial websites engaged in the illegal sale and distribution of counterfeit goods and copyrighted works as part of Operation In Our Sites v. 2.0.
Malicious Kodak Galleries used for serving Trojan
A variant of a highly specialized Trojan has appeared on fake sites mimicking Kodak Gallery pages, where potential victims are urged to download software that would supposedly allow them to watch the offered slideshow.
Amazon profiles abused by spammers and malware pushers
Experience has proven that if a site enables users to contribute content, this feature will be abused by those who want to push their own agenda – usually spammers.
Exploit kit with integrated AV checker
The latest version of the relatively new “Siberia Exploits Kit” has an interesting feature that must make it pretty popular among criminals – a built in AV checker.
ProFTPD.org main FTP server compromised
A warning has been issued by the developers of ProFTPD, the popular FTP server software, about a compromise of the main distribution server of the software project that resulted in attackers exchanging the offered source files for ProFTPD 1.3.3c with a version containing a backdoor.
The golden hour of phishing attacks
Trusteer conducted research into the attack potency and time-to-infection of email phishing attacks. One of their findings was that 50 per cent of phishing victims’ credentials are harvested by cyber criminals within the first 60 minutes of phishing emails being received
WikiLeaks booted from Amazon, Assange to be arrested soon
While a “hacktivist” that goes by the handle of The Jester has claimed responsibility for the DDoS attack aimed at the WikiLeaks’ page via his Twitter account (@th3j35t3r), Amazon has stopped hosting the WikiLeaks’ website on its US-based servers.
WikiLeaks back online on new Swiss domain
The cat and mouse game continues for WikiLeaks as it moves its site to Switzerland – wikileaks.ch is the new domain on which the whistleblowing site can be reached.
Cybergang infects all ATMs in Russian city
A group of fraudsters has been arrested in Yakutsk and Moscow for allegedly compromising all the ATMs in the city of Yakutsk – population: around 210,000 – in the Republic of Yakutia in the Russian Federation.
The world of security on center stage at RSA Conference 2011
Sandra Toms LaPedis, Area Vice President and General Manager of RSA Conferences, is responsible for global promotion and successful execution for the conference. In this Q&A she talks about what you can expect at RSA Conference 2011 in San Francisco.