Facebook has won a big judgment against a major spammer, who flooded
members of the social networking site with “unwanted and, sometimes,
inappropriate marketing messages.” Atlantis Blue Capital, run by Adam
Guerbuez, will have to pay more than $873 million in statutory and
aggravated statutory damages.
One week after the takedown of McColo, hoster of a major spam
hosting network, spam levels remain at a relatively low level, security
experts from Marshal8e6 said today. However, they also believe that
spammers are setting up a new infrastructure and it may be just a
matter of time until spam levels go back up. In fact, McColo has begun to rebuild its server infrastructure already.
Apple is finally catching up with other browser makers in terms of security and has released a Safari web browser with
anti-phishing protection. But first look left us wanting more, since we
found that the new anti-phishing tools in Safari 3.2 are unreliable and
half-baked, to say the least. It appears that Apple rushed the update
without the necessary thorough testing. If you ask us, an average
user's idea of online security goes far beyond Apple's "preference
Over the weekend, some Windows XP PCs were crippled when a flawed
signature update to AVG Technologies’ antivirus software accidently
deleted a critical system file, the company confirmed.
Your email inbox may have been revealing an interesting trend lately –
many people are receiving Barack Obama-themed emails, as spammers have
discovered the President-elect as a new topic to lure users into
opening potentially dangerous emails or visiting web sites that host
Adobe continued its patch party this week and released a
patch for critical vulnerabilities in its Flash Player 9 that could
allow attackers to bypass the player's built-in security features.
Adobe released a patch for its Acrobat 8 and Reader 8 PDF viewer,
addressing a recently discovered security vulnerability that enables
attackers to lure users into opening a specifically crafted PDF file,
usually sent as an email attachment.
OpenID seems to be having quite the week: Following its adoption by
Microsoft, Google has joined the party and offers a similar plan.
OpenID is a method of using a single digital persona or identity to use
Internet services, regardless where you are on the Internet.
Microsoft announced that Windows Live will now support the OpenID
digital identify framework. Users will soon be able to use their
Windows Live ID to sign into any OpenID-based website.
An independent security consultant firm team claims that Google's
Android platform, which is installed on T-Mobile’s G1 smartphone,
suffers from a serious buffer overflow bug that enables attackers to
remotely execute malicious code and lure users into visiting sites
hiding malware. The vulnerability is serious enough to allow the
attacker get access to the G1 handset with the same rights as its
owner. Google is aware of the security problem and apparently tries to
keep information about the vulnerability secret until a patch is
Two graduate students from UC-San Diego, Erik Buchanan and Ryan Roemer, have published a paper demonstrating that the process of creating an existing, known form of computer virus can be automated much more easily than was previously thought. Application of a concept known as "return-oriented programming" allow even properly written programs to be taken over completely, thereby becoming agents of the attacker capable of running arbitrary code on the machine. Is this threat real? And should we be concerned?
Netcraft today said that a Yahoo website is currently under attack to
obtain authentication cookies from Yahoo users. The Internet analysis
firm warns that the data would allow the attacker to gain access to
Yahoo accounts, such as Yahoo Mail. Update: Yahoo statement
G-mail, Google’s web-based e-mail client was aching yesterday, full of
issues and outages. Last week, a significant outage left many of
Google’s customers without access to their e-mail and other Google web
services for hours. Since then, the service has been spotty.