Facebook releases official Security Guide

Help Net Security | Zeljka Zorz
Posted on 19 August 2011.



Tired of having to explain to friends and family about the dangers lurking on Facebook? The social network has released an official Guide to Facebook Security, so share the link with them.

The short - 14 pages in all - guide, written by former Senior Director of Internet Safety at Symantec Linda McCarthy, security research engineer at Purdue University Keith Watson and teacher and editor Denise Weldon-Siviy, offers tips on:
Protecting your Facebook account
Avoiding the scammers (very helpful examples of the most popular Facebook scams)
Using advanced security settings (one-time passwords, secure browsing, singel sign-on, social authentication, etc.)
Recovering a hacked Facebook account
Stopping imposters.Written in a manner understandable to anyone and everyone, it should be a required read for everybody who begins using the social network and for many old users who are ignorant of the fact that they need protection.

Complete Article Published : http://www.net-security.org/secworld.php?id=11487http://www.net-security.org/secworld.php?id=11487

Mass injection attack compromised 20,000+ domains, delivers fake AV

Help Net Security | Zeljka Zorz
Posted on 18 August 2011.

A simple mistake on the part of cyber attackers has revealed another mass malicious iFrames injection attack that is currently under way, according to Armorize's researchers.

Social networking is an exploitable internet addiction says Webroot

Research just released by Webroot claims to show that social networking is a form of internet addiction. And because of this, the IT security vendor says the addiction can be exploited by cybercriminals.
Infosecurity (UK) 

In its third annual report on cybercrime on social networks, the security vendor reports that 54% of users are addicted to the social networking services, so allowing fraudsters to take advantage of internet users.

Don't let malware infect your PC

Tips to avoid malware on your computer
ITworld

August 19, 2011, 2:31 PM — Malware seems to be everywhere you turn these days. Countless computers have been infected with it, to the detriment of their users. Here's how you can help avoid malware and protect your computer.

1. Only open links that you can trust.
2. Don't use HTML in email.
3. Beware of unusual attachments.
4. Take phishing seriously and beware of suspicious emails.
5. Check all USB sticks before using them.
6. Be very careful what applications you install on your computer. Only install apps from a trusted source.

Malware can be frustrating and dangerous. It can, however, be avoided with a little care and common sense.
 7 Tips to avoid infecting your PC with Malware

Complete Article Published : http://www.itworld.com/security/195535/dont-let-malware-infect-your-pc

Read More >>

Microsoft disables 'supercookies' used on MSN.com visitors

New tracking technology a 'colossal privacy gaffe,' researcher says
Computerworld

August 19, 2011, 9:00 AM — Microsoft said it has disabled an online tracking technology that, according to a Stanford University researcher, allowed the company to sneakily track users on MSN.com -- even after they deleted their browser cookies and other identifiers.

Complete Article Published : http://www.itworld.com/security/195381/microsoft-disables-supercookies-used-msncom-visitors

Read More >>

Android keylogger hack might make you shake every time your phone vibrates

ITworld.com
Malware and virus writers have turned some kind of corner.

A pair of University of California security researchers created an Android app called TouchLogger that can match the phone's vibration every time you hit a touchscreen key with the particular key you hit.

With a 70 percent accuracy rate, TouchLogger works as a keylogger that never has to actually record the keystrokes you make on your Android device.It only needs you to give it permission to use the motion sensors, which should make it sound relatively safe.

Report finds Microsoft Internet Explorer 9 ahead of Google Chrome and Apple Safari in blocking malicious pages

http://www.scmagazineuk.com

Microsoft's Internet Explorer 9 is the best browser for preventing web-based malware from executing, according to a NSS Labs test.

Windows Internet Explorer 9, Google Chrome 12, Mozilla Firefox 4, Apple Safari 5 and Opera 11 were tested against 1,188 malicious URLs, with IE9 blocking 96 per cent of the URLs when the reputation filter was enabled. It also blocked an additional 3.2 per cent once its application reputation filter was enabled.

Google reports on four years of experience in malware detection

H-online.com

Google has announced the publication of a technical report entitled "Trends in Circumventing Web-Malware Detection". This report describes the results of analysing four years of data – from 160 million web pages hosted on approximately eight million sites – collected through the company's Safe Browsing initiative. The report comments that "Like other service providers, we are engaged in an arms race with malware distributors", and that each day Google issues around three million malware warnings to over four hundred million users that use browsers supporting the Safe Browsing API.

10 Most Costly Cyber Attacks in History

http://www.businesspundit.com/10-most-costly-cyber-attacks-in-history/

by Julian on August 15, 2011

Cyber-attacks aren’t just fuel for poorly made movies or something teenagers do for fun. They are a serious issue with real-world consequences for companies, consumers and nations (and while good web hosting is a undoubtedly a good protective measure, it’s far from an impenetrable defense). A recent survey by the Ponemon Institute found that 59% of those surveyed had suffered a slew of attacks in the last year, with the average cost to businesses exceeding $500,000 when they added up expenditure, overheads, labor, revenue losses, business disruption and other costs. Of course, that’s just the average outlay…

Security Alert: New DroidKungFu Variant -- AGAIN! -- Found in Alternative Android Markets

By Xuxian Jiang, Assistant Professor, Department of Computer Science, NC State University

It seems smartphone malware authors are diligent and hard-working to protect their own "intellectual property" -- malware by evolving/bringing them to the next level. After discovering the originalDroidKungFu malware in June and its variant in July, our research team, in collaboration with NetQin, recently identified a new wave of DroidKungFu-infected apps this August. The new variant is much more "advanced" than previous versions -- as it is clearly designed to evade the detection from existing mobile anti-virus software. More specifically, this variant is equipped with new protection mechanisms by (1) obfuscating remote C&C server URLs (instead of including them as plaintext in earlier versions); (2) hiding all malware-related native binaries with encryption; and (3) masquerading an embedded app as the official Google Update. These obfuscation mechanisms as well as various differences from earlier versions are a clear sign behind the rapid evoluation of Android malware.

Read More >>

Source & Full Article : http://www.cs.ncsu.edu/faculty/jiang/DroidKungFu3/

10 Reason’s for the Internet Pornographer’s Bill

There has been a furor about the proposed Protecting Children from Internet Pornographer’s Act, and the situation boils down to issues of privacy, free speech and effectiveness. Only a true sociopath could say that nothing needs to be done about child pornography and its appalling presence on the Internet, but just how to achieve the goal of eradicating this social illness is a matter of great debate. Presented here are some of the reasons put forth by supporters of the bill, as well as some of the related issues that  have been raised.

Search engine hack innovation

Net-Security.com
Quote :

Attackers are increasingly leveraging the power of search engines, like Google, to successfully carry out automated cyber attacks against vulnerable websites, according to Imperva.
 Dubbed "Google Hacking," hackers armed with a browser and specially crafted search queries ("Dorks"), are using botnets to generate more than 80,000 daily queries, identify potential attack targets and build an accurate picture of the resources within that server that are potentially exposed.


Read More >>>
Source & Credit : http://www.net-security.org/secworld.php?id=11463

Mozilla strokes coders with Firefox 6

JavaScript Scratchpad
By Cade Metz in San Francisco

Mozilla has officially released Firefox 6, offering a new JavaScript editor and several other tools aimed at web developers.
Over the weekend, the open source outfit posted the latest stable version of Firefox to its FTP servers, but the browser wasn't formally released on the web until Tuesday.

Consumers keep falling into phishing traps

Net-Security.com

".....Whether in the form of fraudulent emails, falsified websites or deceptive text messages, cybercriminals are casting a wider phishing net in the hopes of obtaining personal information from unsuspecting consumers, according to ProtectMyID

Even though bots themselves can be distributed all over the world, there is evidence that most of the malicious hosts are, in fact, concentrated in small fractions of the IP address space, on certain networks....."

Read More >>> 
Source & Full Article :http://www.net-security.org/secworld.php?id=11469

Best Chrome Extensions for Online Security | Ethical Hacking-Your Way To The World OF IT Security

Ehacking.net

Excerpt:

"....Google chrome is one of the best and safe web browser that has multiple features and provides security for online browsing, however you must not depends on browser side security you must have some extra extensions and add ons that will enhance your online security and protect your information from hackers. ...."
Read More >>>
Source & Full Article : http://www.ehacking.net/2011/08/best-chrome-extensions-for-online.html#.TkVVeMtWB7o.blogger