Week in review: Cybercrime victims, PayPal phishing and Moxie Marlinspike

Here’s an overview of some of last week’s most interesting news and interviews:

Top 10 security threats for 2011
Imperva announced their predictions for the top ten security trends for 2011 which have been compiled to help IT security professionals defend their organization against the next onslaught of cyber security threats.

Security preparations for IPv6 migration must start now
The arrival of a slew of new and upgraded operating systems, smartphones and tablets that are enabled for IPv6 has the potential to open new and unrecognized security weaknesses in otherwise secure environments.

Half of SMBs block employee access to Facebook
Companies are becoming more vigilant when it comes to their employees’ use of social networking sites. The survey of more than 1,000 businesses from the U.S. and U.K. with up to 500 employees found most (81 percent) have an employee Internet policy.

Proof-of-concept Android app reveals platform’s security bug
Security researcher Jon Oberheide was bent on proving the existence of a security bug in the Android platform that would allow an application to download and run additional applications from the Android Marketplace.

10 holiday ID theft prevention tips
In the search for the ultimate holiday gift or the biggest bargain, consumers need to make sure that they are not putting their identity at risk this holiday season.

Two thirds of Internet users have fallen victim to cybercrime
According to Symantec, 65% of adults worldwide have been a victim of some kind of cybercrime. And if you live in China, Brazil, India or the U.S., the likelihood of having been a victim is even higher.

Security implications of new Facebook e-mail service
“Before signing up, users need to realise that these new features increase the attack surface on the Facebook platform, and make personal accounts all the more alluring for cybercriminals to break into,” said Graham Cluley, senior technology consultant at Sophos.

Inside the mind of a computer forensics investigator
Jess Garcia is a senior security engineer and an active security researcher in areas of incident response, computer forensics and honeynets. In this interview he introduces the reader to the world of computer forensics and talks about cyber crime scenes, how forensics experts testify in court, privacy concerns, changes in the field of forensics in the past decade and offers advice for anyone interested in learning more about computer forensics in general.

50 ISPs harbor half of all infected machines worldwide
The often believed assumption that the presence of a high speed broadband connection is linked to the widespread presence of botnet infection in a country has been proven false.

(IN)SECURE Magazine issue 28 released
(IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics.

Well crafted PayPal phishing e-mail doing rounds
A well crafted e-mail purportedly coming from the “PayPal Review Department” has been hitting inboxes lately. In it, potential victims are notified that due to some unusual account activity, a restriction was placed on their account.

Stuxnet analysis points to a specific target
Some two months since the discovery of the Stuxnet worm made headlines and started speculations on who is behind it, Symantec’s researchers have unearthed another piece of the puzzle that tells us a bit more about its likely target.

Curiosity fuels Chatroulette and Facebook scam
Another scam taking advantage of the curiosity of users is spreading on Facebook. This time, the lure is a supposedly embarrassing and disgusting chance meeting between father and daughter on Chatroulette.

Rogue e-mail makes Swiss bank lose millions?
Reports that a rogue e-mail generated by a Swiss bank employee has cost the organization around £6.2 million in lost business highlights the problem of data leakages caused by email errors.

New Google service could be a godsend to scammers
The Instant Previews service that Google launched last week allows users to click on the magnifying glass icon next to a result’s title or on its background in order to see a preview of that result.

Whitehat hacker’s laptop, cellphones seized and searched
The well-known whitehat hacker and security researcher that goes by the handle Moxie Marlinspike has recently experienced firsthand the electronical device search that travelers are sometimes submitted to by border agents when entering the country.

New type of ATM skimming attacks
ATMs in Europe have lately been hit with skimming attacks that are not only effective, but also rather brazen – the criminals have taken to reprogramming the banks’ own anti-skimming devices for their unlawful purposes.