Web Security

European officials want Google to slow its plans to introduce a new privacy policy so that they can investigate whether or not it is strong enough to protect user data. Read more »

CANCUN, MEXICO - A prominent privacy activist says that leading software vendors, and the U.S. government are failing the public when it comes to Internet privacy, and that big changes are needed to prevent consumers from criminals, advertisers and government spies. Read more »

A whopping 97 percent of fake Facebook profiles purport to be female, according to this infographic based on a new study, announced today, from security firm Barracuda Networks. In order to expand their networks and entice would-be victims, 58 percent of the phony profiles also claim to be bisexual and on average, have 726 friends while 68 percent claim to have attended college. Read more »

Verisign, the Internet security company responsible for management of the .COM domain, told federal regulators that it was the victim of several successful attacks in 2010, but that those incidents were not reported to the company's management until September, 2011. The news was first reported by Reuters. Read more »

A new banking Trojan variant can bypass CAPTCHA, as demonstrated by a video posted today by security firm Websense on their Security Labs blog. Read more »

Researchers at the security firm M86 report that hackers have compromised hundreds of Web sites that use the Wordpress content management system. The sites, mostly small Web pages and blogs, are being used to fool spam filters and redirect unwitting visitors to drive by download Websites that will install malicious software on vulnerable systems. Read more »

Researchers have found a string of weaknesses in the WordPress default installation page, including PHP code execution and a persistent cross-site scripting flaw, affecting versions 3.3.1 and later. WordPress officials say that they're not planning to fix the vulnerabilities as there's only a small possibility of exploitation by attackers. Read more »

Google has fixed several serious vulnerabilities in its Chrome browser, including a critical use-after-free flaw in the Safe Browsing navigation. The company paid out its highest bug bounty of $3133.70 for that bug. Read more »

A report from Websense finds that spammers are cleaning up on misspelled domain names for prominent sites. A network of such typo squatting sites is driving millions of visitors to a Web site controlled by the spammers, making it one of the most traffic sites on the Internet. Read more »

By Stefan Tanase

Just as a stand-up comedian carefully places his punch line at the end of the joke, I also usually leave my conclusions for the end of a post. Except for this time. This time, I would like to start with the conclusion: For an ongoing investigation not to be jeopardized, it is extremely important that all information related to those being investigated does not become public.  Read more »