wiredmikey writes "Despite its significant user base within enterprises, BlackBerry devices have managed to stay off the radar for malware writers. That may be ending, as four new Zeus-in-the-mobile (Zitmo) samples targeting BlackBerry users in Germany, Spain, and Italy have been found. Zitmo, which hit Android devices back in July 2011, refers to a version of the Zeus malware that specifically targets mobile devices. Denis Maslennikov, a security researcher at Kaspersky Lab, also identified a new Zitmo variant for Android using the same command and control (C&C) numbers as the BlackBerry versions. While previous Android variants have been primitive, the latest .apk dropper, which shows up as an app 'Zertifikat,' looks 'more similar to "classic" Zitmo,' he said. When executed, it displays a message in German that the installation was successful, along with an activation code. The Android sample also included a self-issued certificate that indicates it was developed less than a month ago."
TheNextCorner writes "With more data moving into the cloud, there is an increasing danger of data loss when one of these cloud computing data centers fails. Hurricanes pose a real threat to infrastructure located in Virginia and North Carolina, where Google, Apple & Facebook have opened large data centers. 'Where would the most damaging hit be? It's debatable, but the most detrimental hit may be in Virginia. Amazon Web Services (AWS) has one of their major centers in Northern Virginia. ... In a study involving millions of people, a third of those surveyed reported visiting a website every day that used Amazon's infrastructure. In 2011, Amazon's S3 cloud stored 762 billion objects. It's possible that Amazon's cloud alone holds an entire 1% of the Internet.' Could a category 5 Hurricane become a problem for these cloud data centers and take down parts of the Internet?"
twoheadedboy writes "After being hit by a '72-hour' DDoS in May, WikiLeaks is claiming to be under attack yet again. All its sites appear to be down and fingers have already been pointed at government entities. WikiLeaks, posting on Twitter, said it had its suspicions of why it was being targeted. It was either because of its ongoing releases related to Stratfor and Syria, or because of an upcoming release, Julian Assange's organization speculated. The fact that everyone is currently engrossed in the Olympics may have given attackers good reason to target the websites right now, WikiLeaks said."
Lucas123 writes "Over the past three years, about 21 million patients have had their unencrypted medical records exposed in data security breaches that were big enough to require they be reported to the federal government. Each of the 477 breaches that were reported to the Office for Civil Rights (OCR) involved 500 or more patients, which the government posts on what the industry calls 'The Wall of Shame.' About 55,000 other breach reports involving fewer than 500 records were also reported to the OCR. Among the largest breaches reported was TRICARE Management Activity, the Department of Defense's health care program, which reported 4.9 million records lost when backup tapes went missing. Another five breaches involved 1 million or more records each. Yet, only two of the organizations involved in the breaches have been fined by the federal government."
netbuzz writes "Employment research firm Foote Partners says U.S. labor statistics from last month reveal an increase of some 18,200 jobs in IT, which represents the largest such monthly jump since 2008. 'The overall employment situation in the U.S. is lackluster, in fact this is the fifth consecutive month of subpar results,' says David Foote. 'But the fact that more than 18,000 new jobs were created last month for people with significant IT skills and experience — and nearly 57,000 new jobs added in the past three months — is incredibly good news.'"
Sparrowvsrevolution writes "Every day or so of the last six months, Carnegie Mellon computer security professor Nicolas Christin has crawled and scraped Silk Road, the Tor- and Bitcoin-based underground online market for illegal drug sales. Now Christin has released a paper (PDF) on his findings, which show that the site's business is booming: its number of sellers, who offer everything from cocaine to ecstasy, has jumped from around 300 in February to more than 550. Its total sales now add up to around $1.9 million a month. And its operators generate more than $6,000 a day in commissions for themselves, compared with around $2,500 in February. Most surprising, perhaps, is that buyers rate the sellers on the site as relatively trustworthy, despite the fact that no real identities are used. Close to 98% of ratings on the site are positive."
waderoush writes "PARC research fellow Van Jacobson argues that the Internet was never designed to carry exabytes of video, voice, and image data to consumers' homes and mobile devices, and that it will never be possible to increase bandwidth fast enough to keep up with demand. In fact, he thinks that the Internet has outgrown its original underpinnings as a network built on physical addresses, and that it's time to put aside TCP/IP and start over with a completely novel approach to naming, storing, and moving data. The fundamental idea behind Jacobson's alternative proposal — Content Centric Networking — is that to retrieve a piece of data, you should only have to care about what you want, not where it's stored. If implemented, the idea might undermine many current business models in the software and digital content industries — while at the same time creating new ones. In other words, it's exactly the kind of revolutionary idea that has remade Silicon Valley at least four times since the 1960s."
sweetpea86 writes "Mekong Development has become the first bank in Vietnam to launch fingerprint authentication enabled debit cards. Fingerprints are captured by Mekong Development at the point of opening an account, and then can be used, instead of a pin, to access funds. Not only has Mekong's account base tripled through the use of fingerprint technology since its launch in June, but the deposit balance per debit card account is two times higher than a regular account."
An anonymous reader writes "In a new study, Barracuda Labs analyzed a random sampling of more than 70,000 fake Twitter accounts that are being used to sell fake Twitter followers. They also analyzed some of the people that are using such fake followers including the recent example of U.S. presidential candidate Mitt Romney's Twitter account. Between Facebook's 10-Q filing stating that 83 million of its accounts are fake, to Mitt Romney's Twitter account recently falling under scrutiny for suspicious followings, fake social network profiles are a hot topic at the moment. And these fake profiles are at the center of a very vibrant and growing underground economy. This underground economy consists of dealers who create and sell the use of thousands of fake social accounts, and abusers who buy follows or likes from these fake accounts to boost their perceived popularity, sell advertising based on their now large social audience or conduct other malicious activity."
Nerval's Lobster writes "Between 4:52 and 5:12 on August 3, attackers used Wired writer Mat Honan's Apple ID to wipe his MacBook, before seizing control of his Gmail and other online identities ('My accounts were daisy-chained together,' he wrote in an Aug. 6 postmortem on Wired), and posting a message on Twitter for all to see: 'Clan Vv3 and Phobia hacked this twitter.' In the wake of Honan's high-profile hack, there are some key takeaways. Even if a typical user can't prevent a social-engineering attack on the company hosting their cloud account, they can armor their online life in ways that make attacks more difficult. First, two-factor authentication can prevent an attacker from seizing control of those vital 'hub' accounts (such as Gmail) where users tend to store much of their most vital information. Google offers two-step verification for signing in, as does Facebook. The truly security-conscious can also uncouple their cloud accounts; for example, making sure that iCloud and iTunes use two different sets of credentials. That might rob daily life in the cloud of some of its convenience, but it could also make you a harder target." Update: 08/08 01:17 GMT by S : This high-profile security breach has had an impact already: Apple has suspended password resets through customer support, and Amazon no longer lets users call in to change account settings.
coondoggie writes with word that a "group of researchers is proposing a sensor that would authenticate mobile and wearable computer systems by using the unique electrical properties of a person's body to recognize their identity. In a paper [presented Monday] at the USENIX Workshop on Health Security and Privacy, researchers from Dartmouth University Institute for Security, Technology, and Society defined this security sensor device, known as Amulet, as a 'piece of jewelry, not unlike a watch, that would contain small electrodes to measure bioimpedance — a measure of how the body's tissues oppose a tiny applied alternating current — and learns how a person's body uniquely responds to alternating current of different frequencies.'"
An anonymous reader writes "IEEE Spectrum reports on a method that exploits the decaying contents of unpowered computer memory to create an hourglass-like 'time machine' that rate limits brute force attacks against contactless smartcards and RFIDs. The paper takes an odd twist on the 'cold boot' attack reported four years ago at USENIX Security. Not quite as cool as a hot tub time machine though." Full paper (PDF).
An anonymous reader writes "Apparently someone set up a fake Twitter account under the name of a Russian Foreign Minister and said President Assad of Syria had been hurt/killed. From the article: 'The ministry and the embassy denied the veracity of the report and a message later appeared on the same Twitter account saying "this account is a hoax." It did not say what the aim of the hoax was although it had briefly affected oil markets.'"
1sockchuck writes "Some data centers are kept as chilly as meat lockers. But IT operations in colder regions face challenges in managing conditions — hence Facebook's to use environmentally controlled trucks to make deliveries to its new data center in Sweden, which is located on the edge of the Arctic Circle. The problem is the temperature change in transporting gear. 'A rapid rate of change (in temperature) can create condensation on the electronics, and that's no good,' said Facebook's Frank Frankovsky."
zacharye writes "Bruised mobile carriers such as AT&T and Verizon are 'fighting back' against Apple's iPhone, despite the fact that the device has helped them eke out consistently higher average revenue per wireless subscriber since its launch. To hear the carriers tell it, the iPhone is a major inhibitor to their profits as last year they were 'only' generating wireless service profit margins in the 38% to 42% range. But ever since these beleaguered companies started 'fighting back' by implementing data caps, increasing fees for device upgrades and implementing longer waiting periods before users can switch devices, they’ve seen their wireless service profit margins surge. AT&T reported a 45% margin in Q2 2012 and Verizon reported a record-high 49% margin."