Best Of The Web

COMPUTERWORLD
Massive Android Malware Op May Have Infected 5 Million Users
"Android.Counterclank" malware was packaged in 13 different apps, including "Sexy Girls Puzzle" to "Counter Strike Ground Force? and many still available this afternoon on the Android Market

NETWORK WORLD
Google Says Privacy Change Won't Affect Government Users
Google says its new privacy policy will not create problems for customers of Google Apps for Government (GAFG) -- it won't change existing contracts for how it handles and stores government customers' data

NAKED SECURITY BLOG
Poll Reveals Widespread Concern Over Facebook Timeline
Facebook's new Timeline feature for the social network's profiles goes live soon and is mandatory, but half of Facebook users say they are concerned about it, according to a new poll

THREAT POST
Does DNS SEC Really Interfere With SOPA/PIPA?
Proposed legislation has many problems, but incompatibility with DNS SEC may not be one of them

CBS NEWS
NYSEG, Rochester Gas Warn Customers Of Data Breach
Subcontractor's employee got unauthorized access to customer information, utilities say

NETWORK WORLD
Hacking Stunt: Stealing Smartphone Crypto Keys Using Plain Old Radio
Researcher will demonstrate method of intercepting codes using radio waves at RSA next month

RT
The FBI Would Like To Monitor You On Facebook And Twitter
Agency issues RFI for technology that would help bad actors? social networking data "pop" on a map

WIRED
Hackers Breached Railway Network
Government memo says unnamed railroad in Pacific Northwest was slowed in Dec. 1 attack

MASHABLE
Twitter Acquires Malware Analysis Company
Technology from Dasient will be integrated into popular social network

INFORMATION AGE
U.S. Government Security Website Hacked
FTC site offering guidance on security is taken down by Anonymous

WASHINGTON POST
Google Announces Privacy Changes Across Products; Users Can't Opt Out
Search engine provider will stitch together data from YouTube, Gmail, and other Google tools to harvest more complete data about users

REUTERS
Symantec Tells Customers To Disable PCAnywhere Software
Symantec is advising users to stop using its pcAnywhere software for accessing remote PCs because the blueprints to that software have been stolen, putting users at risk of attack

READ WRITE WEB
Google Issues New Privacy Policy For One Unified Google Experience
Google announced a privacy policy overhaul effective March 1 that treats all Google services as unified and can share data among one another

SC MARKETSCOPE
White Hat Hackers: It's Time For A New Code Of Ethics
Author says he's "ashamed to be part of an industry that tolerates increasing the risks it's trying to defend against, all for the sake of marketing"

BANK INFOSECURITY
Why Debit Fraud Grows
The American Bankers Association says losses associated with debit fraud has surpassed that of check fraud, some $955 million in 2010, and most banks experienced such losses in 2011

NETWORK WORLD
Google Patches Several Serious Chrome Bugs
Google yesterday patched four vulnerabilities in Chrome, and said it had also patched a fifth flaw two weeks ago that was inadvertently left out of the release notes

THREAT POST
Poison Ivy Variant Changes Benign Code To Malicious After Download
Microsoft researchers have found that bits of code that separately are not malicious but then turn into malicious code when the hit the targeted machine

NAKED SECURITY BLOG
Canadian Resident Sentenced To Death For Writing A Computer Program
Computer programmer Saeed Malekpour, whose photography program was unknowingly used to upload pornography to the Internet, was sentenced to death in Iran where he was arrested while visiting his dying father

US-CERT
Denial-of-Service Malware Campaign
US-CERT issued a warning about Anonymous-led distributed denial-of-service attacks against federal agencies and private sector organizations

POPULAR MECHANICS
Digital Spies: The Alarming Rise Of Electronic Espionage
Foreign agents are stealing stealth technology, hacking heads of state, and sabotaging American companies

HELP NET SECURITY
Hacker Allegedly Leaks 100,000 Facebook Account Credentials Of Arab Users
Israeli hacker posts four installments of Facebook credentials, claims to have 30 million email accounts of Arabs

THE REGISTER
Anonymous Explodes MegaUpload Clone "Scam"
AnonyUpload has nothing to do with us, hacktivist group says

REUTERS
Analysis: New EU Data Laws Command The Tide But Not The Cost
New legislation designed to give customers ownership of their own data and harmonize laws in EU's 27 countries

MARKET WATCH
One In Five Americans Affected By Online Stalking Or Aggressive Outreach Incidents
Nearly two-thirds believe that local police don?t have the ability to deal with cybercrime

HELP NET SECURITY
Researchers Discover Network Of 7,000 Typo Squatting Domains
Network is being used by scammers to drive traffic to their sites

SECURITY NEWS DAILY
Oops! Online Protesters Attack The Wrong SOPA
Scottish Organic Producers Association suffers misguided attacks from militant, but not-too-swift anti-SOPA protesters

CRM BUYER
Guardians Of The Grid: Agencies Unite To Bulk Up Utility Cybersecurity
White House, two federal departments, and electric power industry begin joint effort

THE WASHINGTON POST
Does The Megaupload Takedown Prove That SOPA Is Unnecessary?
The logic behind Congress' much-maligned online-piracy bills was that more weapons were needed to go after copyright infringers overseas. But last week, the U.S. government took down Megaupload, one of the biggest file-sharing sites abroad. A look at whether that implies the new laws are not necessary

CNET
New EU Data Protection Rules Due This Week
Companies will be required to disclose security breaches within 24 hours of their occurrence under European Union proposals being made this week to strengthen data protection rules.

KREBS ON SECURITY
'Citadel' Trojan Touts Trouble-Ticket System
Developers of a new ZeuS Trojan variant are marketing their malware as a social network where customers file bug reports, provide feedback for new and upcoming features, and track trouble tickets for the malware -- another software-as-a-service for malware

WIRED
Warrants Needed For GPS Monitoring, Supreme Court Rules
U.S. Supreme Court ruled unanimously today that authorities must have a probable-cause warrant from a judge to apply a GPS device to a vehicle and monitor its movements

THREAT POST
DreamHost Warns Of Attack, Forces Customer Password Changes
Hosting provider DreamHost says it "detected some unauthorized activity within one of" its databases, so is having all customers change their FTP and shell account passwords

NAKED SECURITY BLOG
Free Amazon.com Gift Card Promotion Is A Facebook Scam
Victims who follow the lure are sent to another Web page that encourages them to sign up for a premium rate mobile phone service -- the scammers also earn affiliate cash by driving traffic to the sites

CNET
FileSonic Disables File Sharing In Wake Of MegaUpload Arrests
File-sharing service FileSonic disabled its sharing function in the wake of the MegaUpload takedown, saying its service can "only be used to upload and retrieve files you have uploaded personally"

ZDNET
Australian Control Systems Exposed Online
Some Australian businesses have left their building management systems exposed to the Internet, potentially leaking sensitive information as well as mundane things, such as the temperature in their office

GOV INFOSECURITY
Decade-Long Virus Infection Discovered
The City College of San Francisco has discovered Trojans and other malware that stole banking information and other information from possibly tens of thousands of students, faculty, and administrators since 1999

WIRED
Hoping To Teach A Lesson, Researchers Release Exploits For Critical Infrastructure Software
A group of researchers has discovered serious security vulnerabilities in General Electric, Rockwell Automation, Schneider Modicon, Koyo Electronics, and Schweitzer Engineering Laboratories PLCs used in critical infrastructure and manufacturing facilities

THE REGISTER
Spam-Squirting Hole Found In Mcafee Antivirus Kit
McAfee says it will fix a vulnerability in its hosted anti-malware service that turns systems that run the product into possible spam-relay nodes

IC3
Fraud Alert Involving E-mail Intrusions To Facilitate Wire Transfers Overseas
The FBI is warning that cybercriminals are using legit e-mail accounts of U.S. individuals to request and authorize overseas wire transactions in a multi-milliondollar scheme -- using money mules in the U.S. and Australia via a romance scam where they are asked to further transfer the funds to Malaysia

REUTERS
Congress Puts Anti-Piracy Bills On Ice
Senate Democratic leader Harry Reid postponed a showdown vote in his chamber on the Protect Intellectual Property Act, and Lamar Smith, the Republican chairman of the House of Representatives Judiciary Committee will delay action on the Stop Online Piracy Act (SOPA) until a compromise can be found