Infosecurity - the week in brief

UK hacker Gary McKinnon came one step closer to extradition this week after the British Crown Prosecution Service (CPS) decided not to prosecute him. It has the evidence to prosecute him, but not for the severity of the crimes that the US wants. The US has repeatedly stated that it wants to throw the book at him after he hacked into defense systems in what he said was a search for evidence of extraterrestrial activity and UFOs.

Breach Security's Web Hacking Incidents Database (WHID) 2008 Annual Report says that half a milion web sites were hit by SQL injection attacks last year. 19% of these attacks were designed to steal personal information, while 16% of them planted malware on the sites to infect visitors' machines.

Facebook was once agan in the spotlight this week after being hit by two rogue applications, and attempting to repair its relationship with distrustful users.
After last month's imbroglio over changes in terms and conditions, Facebook has decided to ask its users first next time. Last week, an application called 'Error Check System' appeared. A message is sent to a user warning them that there are multiple errors on their Facebook profile page, and inviting them to install the application to fix them. When users take the bait, it sends the same mail to their friends. Trend Micro then reported a similar application called 'f a c e b o o k - - closing down!!!' that warned users their accounts were being suspended and encouraged them to install the application and rectify the problem. It then replicated itself in the same way. Trend Micro called on Facebook to review its application hosting terms.
The company has published a set of guiding principles which include "a town hall process of notice and comment and a system of voting to encourage input and discourse on amendments to these Principles or to the Rights and Responsibilities".

Officials at BC's Organized Crime Agency believe that a federal employee at the Canadian Revenue Agency may have leaked information to members of a local criminal gang.

A laptop taken from the Steamboat Springs School District office contained the social security numbers of 1300 employees.

What’s hot on Infosecurity Magazine?