Report

H-Online: The German Federal Office for Information Security (BSI) is warning of online shops which infect users with malicious software by exploiting security vulnerabilities in the user’s browser, operating system or applications. The affected shops have themselves been hacked by attackers exploiting security vulnerabilities in outdated versions of open source online shop software osCommerce. As reported by The H two weeks ago, osCommerce shops are currently being hacked en masse. The vulnerabilities used for the hack were fixed in November last year with the release of osCommerce 2.3, but many companies running online shops have yet to update to a secure version. ...

Google Operating System Blog: Google found a way to solve the problem of Android patents and it’s only three times more expensive than acquiring the Nortel patents: buying Motorola for $12.5 billion. “Motorola has a history of over 80 years of innovation in communications technology and products, and in the development of intellectual property, which have helped drive the remarkable revolution in mobile computing we are all enjoying today. (…) In 2008, Motorola bet big on Android as the sole operating system across all of its smartphone devices. It was a smart bet and we’re thrilled at the success they’ve achieved so far,” says Google’s CEO, Larry Page. ...

This is part of a regular series of Google Apps updates that Google post every couple of weeks. Look for the label “Google Apps highlights” and subscribe to the series. This week we have news from the Gmail and Google Docs teams, which both made interface changes to streamline how you use those applications. We also introduced some new keyboard shortcuts and made improvements to spreadsheet charts and functions. New preview pane in Gmail Labs The Gmail team has heard requests from many of you for an inbox preview pane, and last Thursday we introduced this option as a Gmail Lab. Now you can quickly scroll through a list of messages and see their contents, marking mail as “read” as you go. Once you enable this feature from the Labs area in Settings, you can choose between a vertical or horizontal split in your Gmail window. ...

H-Online: Officially, Adobe’s current update for Flash Player has closed only 13 holes, but unofficially it is said to have closed several hundred. Security specialist Tavis Ormandy, who works for Google, claims that he discovered 400 holes and notified Adobe of them. The specialist has now complained that, while the holes have been closed, they haven’t been mentioned in the official advisory, and he hasn’t been given credit for their discovery. ...

SOFTPEDIA: According to statistics gathered by cloud security provider Zscaler, 56.4% of enterprise users have out of date Adobe Reader plug-in versions inside their browsers. The company gathered statistics about browser plug-ins and presented the results in its “State of the Web” report [pdf] for the second quarter of 2011. “Nearly every browser is running some combination of plug-ins, add-ons or extensions. As with most software, older versions of plug-ins typically have more security vulnerabilities. This adds up to a tempting target for hackers,” the company warns. ...

My Personal Opinion: I doubt if that site is really their official website or not Sophos Labs: Within days of the hacktivist group Anonymous announcing it was setting up its own social network (after being unceremoniously booted off Google+), its plans have taken a somewhat humiliating turn. AnonPlus, Anonymous’s planned social network, has been defaced by rival hackers. A group of hackers apparently based in Turkey replaced AnonPlus’s main webpage with an image of a dog wearing a suit, mocking the more normal Anonymous logo, and messages in Turkish and English: ...

Anonymous claims to have stolen around a gigabyte of classified NATO data The H-Online Security wrote: In a post on Twitter, the Anonymous hacker group said that it has managed to steal a number of secret documents from one of NATO‘s servers. As proof, Anonymous published two PDF documents from 2007 and 2008 that are allegedly from NATO. The classification “NATO Restricted” suggests that the documents are intended only for circulation within the organisation – if they are genuine. The hacktivists say they copied a gigabyte of data in total, but added that it would be “irresponsible” to publish most of the material. ...

TUAW: According to the results of a massive survey by Hunch.com, Mac people are frequently young, vegetarian city-dwellers who like modern art, liberal politics, and independent films. Meanwhile, Windows supporters tend to be older, more conservative, and more likely to compare talking about computers to “struggling with a foreign language.” Whether you’re collecting evidence for the Mac vs. Windows debate you have planned for the weekend or preparing for an appearance on Family Feud, Hunch’s results offer some fun and fascinating insights into the tastes and habits of Mac and PC users, from what TV shows they watch to what snacks will best satisfy their afternoon munchies. ...

Sophos Labs: Millions of blog owners around the world are being advised to consider their password security, after WordPress.com was hacked. To its credit, Automattic – the company behind the WordPress.com blogging platform – didn’t mince its words or try to apply any spin to the incident, explaining it had suffered a “low-level (root) break-in to several of [its] servers, and potentially anything on those servers could have been revealed.” ...

Follow up from: Hacker Gains Access To WordPress.com Servers Tech Crunch: WordPress.com has revealed that someone has gained root-access (“low-level,” as in deep) to several of its servers this morning and that VIP customers’ source code was accessible. WordPress.com VIP customers are all on “code red” and in the process of changing all the passwords/API keys they’ve left in the source code. “Tough note to communicate today: Automattic had a low-level (root) break-in to several of our servers, and potentially anything on those servers could have been revealed. ...