Facebook's news-feed patent could mean lawsuits

Author: Omid Farhang Published: February 26, 2010 Reading Time: 2 min

(CNN) (CNET) — Facebook this week was awarded a patent pertaining to streaming “feed” technology — more specifically, “dynamically providing a news feed about a user of a social network,” complementing another patent filing that has been published but not yet approved. The implications of this, as AllFacebook.com pointed out earlier on Thursday, are far-flung: Facebook may choose to pursue action against other social-media sites that potentially violate this patent. ...


Zeus botnet continues: 2,500 victims estimated

Author: Omid Farhang Published: February 21, 2010 Reading Time: 1 min

Herndon, Va., forensics firm NetWitness has said that the Zeus botnet has breached the networks of nearly 2,500 organizations in nearly 200 countries, including 10 U.S. federal agencies. NetWitness researchers said many victims are Fortune 500 companies in energy, finance and high tech sectors. NetWitness based its conclusions on information from a 75-gigabyte collection of data that they intercepted. It was information the botnet had stolen in one month. The Zeus botnet, which started in 2008, is believed to have 74,000 machines infected. ...


Scammers Offering Tax Refunds

Author: Omid Farhang Published: February 21, 2010 Reading Time: 2 min

Fraudsters never seem to rest. They have now turned their attention to phishing that uses the Indian Income Tax Department’s name and branding. It is tax season in India, when people file their income tax returns for the end of the fiscal year. Phishers have therefore chosen their timing well, since most users will not be aware of these attacks. ...


Apple iPhone Warranty Scam

Author: Omid Farhang Published: February 21, 2010 Reading Time: 2 min

Symantec has recently observed phishing scams targeting Apple iPhones in order to gain serial numbers, IMEI, model, and capacity, etc. What is an IMEI? An IMEI (international mobile equipment identity) is a 15-digit unique number used by GSM networks to identify valid devices. Every GSM, WCDMA, or iDEN mobile phone (and even the odd satellite phone) has an IMEI. It can be found under the battery of the device or by typing *#06# on the mobile. If your phone or device is lost or stolen you can report it to your service provider, providing the IMEI number. The service provider can then blacklist the IMEI number, rendering the device unusable in that country. ...


30 percent of U.S. is totally safe from Internet threats

Author: Omid Farhang Published: February 21, 2010 Reading Time: 1 min

A survey of 54,000 households (129,000 people) commissioned by the National Telecommunications and Information Administration (NTIA) last year found that 30 percent of U.S. residents did not use the Internet at home or at work. The study, based on Census Bureau work, found that 64 percent of households had connections. In 2007, only 51 percent did. The NTIA researchers found that of those without connections, 38 percent said they didn’t need Internet and 26 percent said it was too expensive. In rural areas, 11 percent said they didn’t have any Internet access available. In urban areas, one percent said they couldn’t get it. ...


Exploit for zero-day vuln in Firefox is for sale

Author: Omid Farhang Published: February 21, 2010 Reading Time: 1 min

Evgeny Legerov, founder of Intevydis in Moscow, has created an exploit that hits a previously unknown heap-corruption vulnerability in the Firefox browser. The code isn’t readily available, though, since he’s put it in a module for the automated exploitation system he sells (reportedly at a considerable price). Legerov has not provided information on the vulnerability to Mozilla. The Intevydis site says: “Exploitation frameworks are not new on the market, but only we may offer you hundreds of CANVAS modules for unpatched and unknown vulnerabilities in highly popular software products.” ...


Symantec Reputation-based Security: Suspicious.Insight detections on VirusTotal

Author: Omid Farhang Published: February 21, 2010 Reading Time: 4 min

Symantec recently upgraded their scanner on VirusTotal to include their new reputation-based security engine. That has caused a spike in their detection rates, in particular Suspicious.Insight detections, and so I thought I’d take a few minutes to explain some of the background and what is going on. So what exactly is a Suspicious.Insight detection? These detections are derived from Symantec’s new reputation-based security technology. They highlight files that have not yet developed a strong reputation (either good or bad) amongst Symantec’s community of users. Their goal is to keep their users’ machines safe, and part of achieving that goal means helping their users make informed choices about the files they allow on to their systems. Suspicious.Insight detections help shine a spotlight on files that have not yet developed a full reputation. ...


0day vuln in Adobe Download Manager disclosed

Author: Omid Farhang Published: February 21, 2010 Reading Time: 1 min

First, make a note: after Adobe updates, restart your machine immediately to remove the Adobe Download Manager – it can be a vector for malcode. Now, back to our story. Aviv Raff has discovered a vulnerability with Adobe’s web site in combination with its Download Manager, an ActiveX script that is used to download updates for Reader and Flash. After a Reader or Flash update the download manager remains running on a user’s machine until it is rebooted. Malicious operators could exploit it to download their code of choice. ...


Antivirus NOT

Author: Omid Farhang Published: February 21, 2010 Reading Time: 1 min

“Damned thieves. Stole our logo. I suppose we should be flattered, though.” — A.E.

Old rogue, new package: AntivirusProtectionCenter

av2009.exe : crc6:7f3d73762762 crc8:003091628c68decc md5:d71d1e303ab963fdae76936ba52a05b7

AMC.exe : crc6:1d6922972762 crc8:003005cfbb91b729 md5:e5555754fd758fc2be1374796f9433e2

Hashes different from their PersonalAntiMalware added 2/16/2010

opener_.exe : crc6:8ee75c08081d crc8:00dc55e5aaa82efa md5:5bb290cd1eb419ca98ca1f31273f7219

“It’s the same gang that had the code saying ‘hello Sunbelt software.’ They are watching us.” — P.J.


Internet users skip security because of jargon

Author: Omid Farhang Published: February 21, 2010 Reading Time: 2 min

Representatives of computer companies and governments meeting at the EastWest Institute security meeting in Brussels said that an industry culture of obscure jargon is preventing the world’s two billion Internet users from putting security measures in place to protect themselves. The group met to figure out how to protect computer users from massive abuse, fraud, online theft, vandalism and espionage. The New York Times story carried the following quotes from those at the meeting: ...
