Week in review: Fox breach, SpyEye targeting Verizon and fake Macs rogueware
Here’s an overview of some of last week’s most interesting news and articles:
Five ways to migrate applications to the cloud
Organizations seeking to move applications into the cloud have five options: rehost on infrastructure as a service (IaaS), refactor for platform as a service (PaaS), revise for IaaS or PaaS, rebuild on PaaS, or replace with software as a service (SaaS).
PSN attackers allegedly used Amazon cloud for attack
According to an unnamed source, the attackers used fake information to rent a server from which they launched the attack.
Obama administration reveals cybersecurity plan
The Obama administration has issued a new legislative proposal that contains a number of steps it thinks critical to improving cybersecurity for U.S. citizens, the nation’s critical infrastructure and the Government’s own networks and computers.
Hackers steal, publish Fox employee passwords
A group of attackers who clearly have it in for Fox Broadcasting have managed to access a company server with hundreds of their employees’ email usernames and passwords.
Wikipedia-like sites peddling fake pharmaceuticals
Wikipedia is practically a household name now, so it’s no wonder that spammers are trying to take advantage of the online encyclopedia’s popularity and (relative) trustworthiness to peddle their fake wares.
Microsoft investigates the current threat landscape
Microsoft published volume 10 of the its Security Intelligence Report (SIRv10) which provides perspectives on software vulnerabilities, software vulnerability exploits, malicious and potentially unwanted software, and security breaches in both Microsoft and third party software.
Two teenage GhostMarket members sentenced
Two UK teenagers who stole credit card details from a number of online casinos, betting companies and web hosting companies and sold them on the now defunct GhostMarket have been sentenced on Friday after having pled guilty in December last year.
Facebook survey scam with a twist
Facebook survey scams that lure in users with promises of being able to see who looks at their profile are nothing new, but here is one that has some unusual twists and merits a mention.
Trojan paves way for rogue defragmenter
You might have heard about rogue AV solutions and scareware, but not many people have experienced a rogue defragmenter that hides files and (indirectly) asks money to return it.
HADOPI stops monitoring for copyright infringement due to breach
Trident Media Guard – the company tasked by the French High Authority for the Dissemination of Works and Protection of Rights on the Internet to monitor P2P networks and warn offenders about their breaking of the infamous HADOPI (three-strike) law – has apparently been breached.
Journalist arrested for article on Facebook privacy flaw
Australian journalist Ben Grubb was arrested following the publication of an article he wrote about a demonstration of how to access Facebook photos even if they are protected by the right privacy settings.
SpyEye Trojan attacks Verizon’s online payment page
Trusteer discovered a configuration of the SpyEye Trojan targeting Verizon’s online payment page and attempting to steal payment card information. The attack took place between May 7th and 13th.
A closer look at MainMenu Pro
MainMenu Pro (v3.0.3) is a maintenance tool for the Mac. It enables you to keep your Mac in shape by reclaiming unused disk space, speeding the launch of application, cleaning various caches and logs, fine-tuning your machine, and more.
Mac Protector: Fake AV targets Mac OS X users
A little over two weeks have passed since the appearance of MAC Defender, the fake AV solution targeting Mac users. And seeing that the approach had considerable success, it can hardly come as a surprise that attackers chose to replicate it.
Insider threats plague data managers
Financial services organizations struggle with human error, abuse of privileges more than most.
SCADA flaws talk cancelled due to security fears
Since the advent of the Stuxnet worm, SCADA industrial control systems have been receiving a lot of attention. You would expect that since these systems are those that control many critical infrastructure systems and are used in big manufacturing facilities, security would be the first thing on the minds of their developers. But, it turns out that it’s not so.