The folks in PR have come up with a competition to promote our Anti-Theft for Mobile software.

More here:
We’re Giving Away 15 Phones

Some folks read Wednesday’s post about autorun-worm infected Samsung Wave microSD cards and commented — thank goodness Windows 7 fixes that issue. Only optical media is allowed to AutoPlay on Windows 7, so USB devices can’t spread autorun-worms. Right?

Read more here:
Windows 7 AutoPlay and Virtual CDs

The lab’s Sean and Mikko recently found some time to discuss security trends that took place during the first four months of this year.

More here:
Videos - May 2010 Security Summary

For online criminals, it’s easy to gain access to stolen bank accounts and credit cards.

Originally posted here:
Corporate Identity Theft

Ten of Application Security industry’s coolest, most interesting, important, and entertaining links from the past week — in no particular order.= Microsoft SDL version 5 Force.com Secure Cloud Development Stroke triggered XSS and StrokeJacking German Government Pays Hacker For Stolen Bank Account Data CAPEC-333: WASC Threat Classification 2.0 WAF Confusion Continues Serious New Java Flaw Affects All Current Versions of Windows + Advisory Safari Integer Overflow Aids Inter Protocol Exploitation OWASP AIR + Flash Security Projects Prion 1.1 - Polymorphic XSS Worm WhiteHat Security is a leading provider of website security services.

See the original post here:
Best of Application Security (Friday, Apr. 9)

Does a Facebook-specific antivirus application sound like a good idea? Maybe not. One of our analysts saw this particular application claiming to be an antivirus wreak havoc on his Friends list.

See the original post here:
Facebook AV

Älypää, a popular Finnish game and quiz site , announced a database breach late last night. Over 127,000 account names and passwords were leaked. The site has currently suspended access and doesn’t maintain any personal details but Älypää users should determine whether or not they recycle their passwords elsewhere.

Original post:
Smart Aleck Passwords

Ten of Application Security industry’s coolest, most interesting, important, and entertaining links from the past week — in no particular order. Bypassing CSRF protections with ClickJacking and HTTP Parameter Pollution Three Steps to a Rational Security Budget Hackvertor and JSReg Multiple DOM-Based XSS in Dojo Toolkit SDK Weak security ID questions put e-mail at risk XSS demo for stealing passwords from the Firefox password manager …because you can’t get enough of clickjacking A gentle introduction to return-oriented programming Facebook Adds Code for Clickjacking Prevention Notes Richard Bejtlich OWASP Podcast WhiteHat Security is a leading provider of website security services.

View original post here:
Best of Application Security (Friday, Mar. 12)

F-Secure has an additional blog that launched today. It’s called Safe and Savvy .

Read the original:
Be Savvy, Get Six Months of Internet Security

ATM skimmers are installed like this: Video source: Spiegel.de & German Federal Criminal Office (Bundeskriminalamt) On 10/03/10 At 12:06 PM

See the original post:
How are ATM skimmers installed?