Weekly brief - October 13, 2009

Tussles

Solid Oak Software has filed a $1.2 million lawsuit against CBS for posting downloads of Green Dam Youth Escort, the software program that the Chinese government was trying to use to filter content online. Solid Oak claims that the software lifted code from its own product, arguing that CBS is posting its intellectual property in public.

Gary McKinnon, the UK hacker who infiltrated NASA's computers, has been refused permission to appeal to the US Supreme Court, meaning that he will be extradited to the US. He now faces up to 60 years imprisonment.

Ad network information service Anchor Intelligence shut down a Chinese click fraud ring called DormRing1. The ring would have cost advertisers over $3m in a year if undetected, say reports. The FBI and the National Cyber-Forensics and Training Alliance were involved. The Chinese authorities have still not arrested the perpetrators.

The FBI has arrested nearly 100 people in the US and Egypt for participating in a phishing operation. Operation Phish Phry uncovered the perpetrators in Nevada, North Carolina, and California.

Trends

An IDC survey found that most organizations are prioritizing data loss prevention as a security measure.

Tools

AVG Technologies ships the next version of its anti-malware product, AVG 9.0, this month. It will be faster, easier to use, and better at sharing information between its different modules in a bid to boost protection. The company also got $200m from TA Associates, which bought a minority stake.

Atlanta-based managed security firm SecureWorks has launched a web application scanning service. Meanwhile, the Web Application Security Consortium has launched a vendor-neutral set of evaluation criteria to help people evaluate scanners on their capabilities.

Attacks

At the Hack in the Box security conference this week, Sheran Gunasekera, head of research and development at ZenConsult, demonstrated ways to entice BlackBerry users into downloading malware that could then be used to monitor phone conversations, steal contact lists, and figure out the users' location.

The 30,000 webmail accounts stolen from Gmail, Hotmail, and Yahoo earlier this month have been used to spam each victim's email contacts, according to an analysis by security firm Websense.

Bitbucket, a service that hosts Web-based code, was down for 19 hours after the cloud infrastructure it rents from Amazon suffered a DDoS attack.

Spam soared again this year thanks to rising image-based junk mail and malicious documents targeting desktop applications, according to Google's Postini subsidiary.

Mac security company Intego has stumbled across a rogue anti-virus site that has been optimized for the iPhone. Bizarrely, it shows a miniaturized Windows animation designed to fit onto the mobile device's screen.

BitDefender has published its top 10 cyber threats for September. The top three were trojans, and they accounted for 25% of total infections.
