Weekly brief, March 16, 2009

Visual representation of the Rustock botnet, courtesy of Symantec.

Last week saw some saber rattling between Google and China. Google CEO Eric Schmidt warned that "something will happen soon" in the current standoff with China over censorship. China puffed up its chest in return, warning Google that any attempt to stop censoring its Chinese search engine would be "irresponsible", and that the Chinese government would respond accordingly.

The standoff was induced by Operation Aurora, a hacking campaign in which Google and other companies were targeted from Chinese IP addresses by hacks exploiting earlier versions of Internet Explorer. And last week was another low point for Microsoft's beleaguered browser, thanks to the discovery of another zero-day vulnerability. No sooner had the information been revealed than researcher Moshe Ben Abu naturally produced exploit code.

Talking of browsers, Apple upgraded its own Safari software, fixing 16 security flaws, some of which allowed malicious code to be run arbitrarily on a victim's machine.

It isn't just desktop software that is suffering from baked-in flaws, however. An HTC phone distributed by Vodafone was found by Panda Labs to have the Mariposa malware on it.

According to a blog post by Symantec researchers, the Rustock botnet has been sending more spam using TLS encryption. Botnet clients that encode spam messages using TLS use far more bandwidth than those that send their pernicious emails in plaintext. The percentage of spam sent using this method increased from 20% the week before last to 35% by the middle of last week, the researchers said.

Wikibooks is trying to produce an open source cryptography textbook, reports Bruce Schneier.

Twenty-three suspected hackers believed to be working for the outlawed Kurdistan Workers Party were arrested in Turkey. The individuals are accused of hacking state websites at the direction of the unauthorized organization. Party propaganda has been posted on 300 sites, according to press reports.
