

Best Of The Web

IRAN TIMES
Tehran Says It Traces Stuxnet Back To Texas
The commander of the Iranian civil defense organization told the state news agency that Iranian investigations have found that the Stuxnet worm came from Texas: "After following up the reports that were sent, it became clear that the final destinations [of these reports] were the Zionist regime and the American state of Texas," he said

THE REGISTER
London Olympics 'Not Immune' To Cyber Attack
Cabinet Office minister Francis Maude has warned that the London Olympics will not be immune to cyberattack, and that organizers have set up a dedicated unit for defense

THREAT POST
Expert Warns That WordPress Autoupdate Feature Used To Infect Blogs With Malware
More than 1,000 WordPress blogs are getting hit with malware that has spread via the WordPress automatic update function, a security researcher has discovered

NEXTGOV
DHS Cyber Chief: Industrial System Threats Are Growing
Mark Weatherford, deputy undersecretary for cybersecurity at DHS' National Protection and Programs Directorate, says there has been a "troubling increase in the threats and the vulnerabilities associated with" industrial systems

SEARCH SECURITY
Android Mobile Attack: Hacked Websites Target Android Users
Compromised websites are now targeting Android devices with a suspicious mobile application, in what appears to be the first drive-by attack to target mobile users

TREND MICRO BLOG
17 Bad Mobile Apps Still Up: 70,000 Downloads So Far
More malicious apps were discovered in the official Android app store now known as Google Play -- 10 apps using AirPush to potentially deliver ads and six apps that contain Plankton malware

CHANNEL5 BELIZE
Antivirus Founder, John McAfee, Says Politics Caused GSU Raid
Philanthropist John McAfee, founder of McAfee Antivirus, was raided and arrested by Belize's Gang Suppression Unit in his home there under what he says were bogus charges

SC MAGAZINE
700 U.S. Government Staff Details Hacked
Home addresses and phone numbers published on Pastebin

WALL STREET JOURNAL
Card Data Breach May Be Wider Than First Reported
Global Payments compromise may leave as many as 7 million card accounts vulnerable

BBC
Attack Takes Soca Crime Agency Website Down
Website of U.K.'s Serious Organized Crime Agency is taken offline by cyberattack

BANK INFO SECURITY
Global Breach: Did It Start In 2011?
New Visa advisories suggest breach goes back to June

ADWEEK
Ad Industry Takes Major Step To Fight Online Piracy
ANA, 4A's adopt best practices to cut ads on rogue sites

THE CONSUMERIST
Study: 13 Million People Haven't Touched Facebook Privacy Settings
Millions rely on default settings, Consumer Reports study says

SYMANTEC
Website Injection Campaign Used In Conjunction With An Android Trojan
New campaign involves distribution of a mobile threat

MICROSOFT
Microsoft To Issue Seven Updates On Patch Tuesday
Three new patches are considered critical, software giant says

THREAT POST
Google Fixes Five Bugs In Chrome 18
Google has issued an update that patches five security vulnerabilities in its Chrome browser, including three high-severity flaws

THREAT POST
Citing Terms Of Service, Google Takes Down Blog Of Iranian Security Researcher
Google has taken down a blog of an Iranian man who exposed a security hole in a popular point of sale system in Iran and posted account information for 3 million bank accounts in Iran online

CNET
Mozilla Is First Major Tech Company To Denounce CISPA
While Facebook, Microsoft, and Oracle have thrown their support behind the controversial Internet surveillance bill that passed in the House last week, Mozilla says the bill "infringes on our privacy"

INFOSEC ISLAND
Did Iran Recover Encrypted Data From Downed Stealth Drone?
If Iran did really recover encrypted data from the downed U.S. drone as it claims, could they use the information gained to compromise another unmanned drone?

E-HACKING NEWS
"The Unknowns" Hacker Group Hacked NASA, US Air Force, ESA, And Others
A group of hackers that goes by "The Unknowns" says it hacked NASA, the U.S. Air Force, Harvard University, Renault, and the European Space Agency -- the group posted documents on Pastebin that it says prove the breaches

SCHNEIER ON SECURITY
Cybercrime As A Tragedy Of The Commons
An essay on cybercrime contends that cybercrime isn't as major a problem as thought, and exaggerating the effects of cybercrime is a direct result of how the estimates are generated, Bruce Schneier notes

OXFORD UNIVERSITY BLOG
Musings On Mac Malware
Oxford University's OxCERT says it has been "somewhat overwhelmed by Mac malware" over the past couple of weeks, and this may be the biggest outbreak since Blaster hit Windows machines in 2003

SECURITY NEWS DAILY
How Far Behind Is Apple's Security?
Eugene Kaspersky says Apple is 10 years behind Microsoft. Is he right?

COMPUTERWORLD
Hackers Pick Google's Pocket With Mac Virus
Hackers behind Mac virus could be making $10,000 a day by hijacking clicks, Symantec says

BLOOMBERG
Military Secrets Leak From U.S. Universities With Rules Flouted
Sensitive information gets out through university course material

CIO
Proposed Bill Would Protect Employees' Facebook Passwords
A bill filed in the U.S. House of Representatives would protect people from snooping employers and schools

TRUSTEER
Fake G-Men Attack Hijacks Computers For Ransom
Ransomware poses as the U.S. Department of Justice and hijacks victims' computers

THE REGISTER
Skype Slurping Software Threatens IP Exposure
It's a P2P problem, says Redmond subsidiary

COMPUTERWORLD
Iran Admits Expanded Cyberattacks, Claims It's Identified Hackers
But state-backed media reports are thin on details

SECURITY WEEK
Why Bad Security Is Bad Business
Business leaders must learn that IT security risks are real risks to their success

GOVERNMENT COMPUTER NEWS
House Wraps Up Cyber Week By Passing Two More Security Bills
The House of Representatives passed both the Cybersecurity Enhancement Act of 2011, H.R. 2096, and the Advancing America's Networking and Information Technology Research and Development Act of 2012, H.R. 3834 -- all following passage of the controversial Cyber Intelligence Sharing and Protection Act (CISPA)

NAKED SECURITY BLOG
Intruder Compromises User Database For Star Trek Online And Other MMORPGs
Cryptic Studios had informed users that it suffered a database breach 16 months ago, exposing online gaming customers' account names, handles, and encrypted passwords, some of which were cracked

FARS NEWS
Cyber Attack Fails To Hack Iranian Science Ministry
Iran's Ministry of Science, Research and Technology yesterday said hackers did not get inside the Ministry's network despite media reports of their network going down after a cyberattack

IT PRO UK
Workplace Facebook Bans Are A Waste Of Time
Barracuda Networks' chief research officer says when companies ban social networks in the workplace, users usually find a way around the ban

THE WALL STREET JOURNAL BLOG
Religious Sites Are Worst For Malware, Report Finds
Symantec's new Internet Security Threat Report says religious websites are the most at risk of harboring malware, mainly fake antivirus software attacks

COMPUTERWORLD
Snow Leopard Users Most Prone To Flashback Infection
Russian antivirus firm Dr. Web says data shows that nearly two-thirds of the Macs infected by the Flashback Trojan were Macs running OS X 10.6, a.k.a. Snow Leopard, while 28 percent of Lion OS users are running outdated versions of the OS

HELP NET SECURITY
Popular Android Apps Leak Private Information
AhnLab has discovered that many popular Android apps are asking for excessive permissions to access user data

THE LOS ANGELES TIMES
Full FCC Report On Google Street View Reveals New Details
The Google engineer who wrote Street View software said he intentionally wrote the program to grab emails, passwords, and other data from unprotected wireless networks and told fellow engineers and a senior manager that he did so

THE REGISTER
Elgamal, Marlinspike Join Dream Team Tackling SSL Screw-Ups
The new SSL Pulse dashboard shows that only 10 percent of the world's top websites follow SSL deployment best practices.

NAKED SECURITY BLOG
Python-Based Malware Attack Targets Macs. Windows PCs Also Under Fire
SophosLabs says a new malware attack targeting both Mac and Windows computers exploits the Java vulnerability that was used in the Flashback Mac infection -- patches for the Java vulnerability have been available since Feb. 14 for Windows, Linux, and Unix computers, and since early April for Mac


Bugs
ENTERPRISE VULNERABILITIES
Vulnerability: ssl-vpn end-point interrogator/installer activex control
Published: 2010-11-03
Severity: High
Description: Stack-based buffer overflow in SonicWALL SSL-VPN End-Point Interrogator/Installer ActiveX control (Aventail.EPInstaller) before 10.5.2 and 10.0.5 hotfix 3 allows remote attackers to execute arbitrary code via long (1) CabURL and (2) Location arguments to the Install3rdPartyComponent method.

Vulnerability: gvim
Published: 2010-11-03
Severity: High
Description: Untrusted search path vulnerability in VIM Development Group GVim before 7.3.034, and possibly other versions before 7.3.46, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse User32.dll or other DLL that is located in the same folder as a .TXT file. NOTE: some of these details are obtained from third party information.

Vulnerability: cforms
Published: 2010-11-03
Severity: Medium
Description: Multiple cross-site scripting (XSS) vulnerabilities in wp-content/plugins/cforms/lib_ajax.php in cforms WordPress plugin 11.5 allow remote attackers to inject arbitrary web script or HTML via the (1) rs and (2) rsargs[] parameters.

Vulnerability: links, wsn links, wsn links
Published: 2010-11-03
Severity: High
Description: Multiple SQL injection vulnerabilities in search.php in WSN Links 5.0.x before 5.0.81, 5.1.x before 5.1.51, and 6.0.x before 6.0.1 allow remote attackers to execute arbitrary SQL commands via the (1) namecondition or (2) namesearch parameter.

Vulnerability: deluxebb
Published: 2010-11-03
Severity: Medium
Description: SQL injection vulnerability in misc.php in DeluxeBB 1.3, and possibly earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the xthedateformat parameter in a register action, a different vector than CVE-2005-2989, CVE-2006-2503, and CVE-2009-1033.


