IWSN

• Facebook malware scam takes hold    (Sat, 04 Feb 2012 00:05:44 +0000)
  A "worrying number" of Facebook users are sharing a link to a malware-laden fake CNN news page reporting the U.S. has attacked Iran and Saudi Arabia, security firm Sophos said Friday.
• PHP 5.3.10 fixes critical remote code execution vulnerability    (Fri, 03 Feb 2012 15:57:05 +0000)
  The PHP Group released PHP 5.3.10 on Thursday in order to address a critical security flaw that can be exploited to execute arbitrary code on servers running an older version of the Web development platform. The vulnerability is identified as CVE-2012-0830 and was discovered by Stefan Esser, an independent security consultant and creator of the popular Suhosin security extension for PHP.
• Google won't delay new privacy policy despite E.U. concerns    (Fri, 03 Feb 2012 15:52:24 +0000)
  Google does not plan to delay its new privacy policy despite calls from Europe's data protection watchdog.
• Microsoft researchers say anonymized data isn't so anonymous    (Fri, 03 Feb 2012 13:10:47 +0000)
  Data routinely gathered in Web logs -- IP address, cookie ID, operating system, browser type, user-agent strings -- can threaten online privacy because they can be used to identify the activity of individual machines, Microsoft researchers say. At the same time, analysis of such data when anonymized can help detect malicious activity and so improve overall Internet security, they add.
• Symantec warns of Android Trojans that mutate with every download    (Fri, 03 Feb 2012 12:31:43 +0000)
  Researchers from security vendor Symantec have identified a new premium-rate SMS Android Trojan horse that modifies its code every time it gets downloaded in order to bypass antivirus detection. This technique is known as server-side polymorphism and has already existed in the world of desktop malware for many years, but mobile malware creators have only now begun to adopt it.
• Apple updates Lion, patches 51 bugs in Mac OS X    (Fri, 03 Feb 2012 12:02:16 +0000)
  Apple this week patched 51 vulnerabilities in Mac OS X, most of them critical, in 2012's first security update. Both Mac OS X 10.7, aka Lion, and 10.6, better known as Snow Leopard, were updated with fixes. The two operating systems were last updated in mid-October 2011.
• Google finally scans malware-ridden Android Market    (Fri, 03 Feb 2012 11:00:00 +0000)
  In an effort to improve security in its Android Market, Google has been using a service providing automated scanning of applications submitted to the mobile application store, Google revealed on Thursday afternoon. Code-named Bouncer, the service scans the market for potentially malicious software without disrupting the user experience or requiring developers to submit to an application approval process, said Hiroshi Lockheimer, vice of engineering for Android, in a blog post:
• Security slackers risk Internet blackout on March 8    (Thu, 02 Feb 2012 21:53:42 +0000)
  Companies and home users whose computers or routers are infected by the DNSChanger Trojan risk being unable to access the Web come March 8, 2012, when the FBI unplugs the legitimate DNS servers it set up to replace the rogue DNS servers that were forwardi
• VeriSign hacked several times, won't reveal the details    (Thu, 02 Feb 2012 20:24:50 +0000)
  In October 2011, Internet infrastructure firm VeriSign released its usual quarterly report. Buried in the 50-page filing to the SEC was the revelation that the company had been breached multiple times the previous year.
• Microsoft team discovers malicious cookie-forwarding scheme    (Thu, 02 Feb 2012 20:08:42 +0000)
  Microsoft researchers checking how easy it is to identify users by analyzing commonly collected Web-log data incidentally discovered a cookie-forwarding scheme that can be used to aid session hijacking.