[States Adding Drug Test as Hurdle for Welfare]

Your thoughts on this topic.

States Adding Drug Test as Hurdle for Welfare

By A. G. SULZBERGER

Published: October 10, 2011

KANSAS CITY, Mo. — As more Americans turn to government programs for refuge from a merciless economy, a growing number are encountering a new price of admission to the social safety net: a urine sample.

Policy makers in three dozen states this year proposed drug testing for people receiving benefits like welfare, unemployment assistance, job training, food stamps and public housing. Such laws, which proponents say ensure that tax dollars are not being misused and critics say reinforce stereotypes about the poor, have passed in states including Arizona, Indiana and Missouri. In Florida, people receiving cash assistance through welfare have had to pay for their own drug tests since July, and enrollment has shrunk to its lowest levels since the start of the recession.

The law, the most far-reaching in the nation, provoked a lawsuit last month from the American Civil Liberties Union, arguing that the requirement represents an unreasonable search and seizure. The flood of proposals across the country, enabled by the strength of Republicans in many statehouses and driven by a desire to cut government spending, recall the politics of the '80s and '90s, when higher rates of drug abuse and references to "welfare queens" led to policies aimed at ensuring that public benefits were not spent to support addiction.

Supporters of the policies note that public assistance is meant to be transitional and that drug tests are increasingly common requirements for getting jobs.

Story here: http://www.nytimes.c...lfare.html?_r=1

[Internet Explorer 9 haunted by 'critical' security vulnerabilities]

Internet Explorer 9 haunted by 'critical' security vulnerabilities

By Ryan Naraine | October 11, 2011, 12:03pm PDT

Summary: Microsoft fixes drive-by download flaws in the latest version of its dominant Internet Explorer browser and warns that exploits could emerge within 30 days.

Microsoft's shiny new Internet Explorer 9 browser contains critical security vulnerabilities that expose users to drive-by download attacks, the company warned today.

According to Microsoft, the IE vulnerabilities could be exploited if a user simply surfs to a maliciously rigged website.

The IE update (MS11-081), available for all users or Microsoft Windows and all versions of Internet Explorer, covers at least eight documented security holes in the world's most widely used browser.

The most severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

The update fixes the vulnerabilities by modifying the way that Internet Explorer handles objects in memory and the way that Internet Explorer allocates and accesses memory, Microsoft explained.

Microsoft is urging all Windows users to treat this with the utmost priority because of the likelihood of reliable exploit code within 30 days. Malicious hackers typically reverse-engineer the patches to identify the flaws and write exploits immediately to launch malware attacks.

Story here: http://www.zdnet.com...le_skin;content

[[quote] Trick, No Treat: New Halloween Scams Hit the Web]

Trick, No Treat: New Halloween Scams Hit the Web

Oct 10, 2011 | 2:00 AM ET | By Matt Liebowitz,

Halloween is still a few weeks away, but online criminals are getting a head start on the holiday with a batch of new scams aimed at infecting your computer and stealing your personal information. Researchers at the security firm Websense spotted one scam in which malware authors are spreading a rigged Web page called "Free Halloween skeleton templates."

The crooks manipulated Google's search engine to make their phony page appear near the top of searches for "Halloween skeleton templates." It's a trick called "Poisoned SEO" or "Blackhat SEO," and is widely used to capitalize on trending Web topics.

This particular Web page, Websense said, is not at all what it purports to be, and instead redirects visitors to what appears to be a YouTube video that claims to have nude photos of celebrities such as Emma Watson and Paris Hilton.

Story - http://www.securityn...een-scams-1223/

[More Mixed Language Scams Making the Rounds on Facebook]

More Mixed Language Scams Making the Rounds on Facebook

Facebook scammers continue to make use of a new trick that involves using foreign language dialogs in order to confuse users and increase the success rate of their campaigns.

A new scam spotted by security researchers from antivirus vendor Sophos lures users with the promise of an intriguing video.

"This girl must be Out of her Mind to do this on live Television! Watch the embarrassing moment of her," spam messages sent by the scam's victims read. Clicking on the advertised link takes users to a page showing them a Facebook-like dialog box asking "Are you older than 18 years of age? Choose an option below. Click 'Jaa' twice to play."

This first window has the purpose of training the user to click on "Jaa" which means "share" in Finnish, but also "yes" in informal English. The second window is a real Facebook share dialog intentionally displayed in Finnish to confuse users about its true purpose. Clicking on "Jaa" for the second time here will cause the spam message to be shared from people's accounts, further propagating the scam.

"When I tested the scam on my computer I was taken a to a website that was clearly pretending to be YouTube, but - presumably to avoid getting itself into trouble with lawyers - used a 'YonTube' logo instead.

Story - http://news.softpedi...ok-212140.shtml

[Australian Public Broadcaster's Website Infects Visitors]

Australian Public Broadcaster's Website Infects Visitors

Google's decision to ban Anonymous-related accounts from its new Google+ service was the last drop for the hacktivists who decided to create their own social network.

One account called "Your Anon News" was apparently the most popular one, but others associated with the group were silenced as well.

"This is the sad fact of what happens across the internet when you walk to a different beat of the drum. We’ve all heard the stories of activists being banned from FaceBook, Twitter, YouTube, and governments blocking their people from these sites as well through organized black outs. "That day has came to an end. Not only did a few people organized an Operation ageist [.sic] Google+, but we have started to build our own Social Network," the group wrote in a blog post.

The name for the planned network is AnonPlus. The domain has already been registered and a forum was set up to coordinate and discuss various aspects of the project.

While the details still need to be worked out, one's thing is clear - the network will be censorship-free and will have very few restrictions. "This is one social network that will not tolerate being shut down, censored, or oppressed - even in the face of blackout," the group says.

Story - http://news.softpedia.com/news/Anonymous-Is-Building-Social-Network-for-Hackers-212045.shtml

[New Microsoft Security Essentials 2.1 Antimalware Engine Comes This Week]

New Microsoft Security Essentials 2.1 Antimalware Engine Comes This Week

Users of Microsoft’s free security solution for Windows 7, Windows Vista and Windows XP will get a new antimalware engine this week, according to the Redmond company.

As is the case with all security solutions, Microsoft Security Essentials evolves at a fast pace, to keep up with the changes of the threat landscape. This is the main reason why the software giant is pushing a new version of the antimalware engine for Microsoft Security Essentials 2.1, which is scheduled for release in just a couple of days, on July 20.

Softpedia readers might already be aware of the fact that the Redmond company has been kicking up a notch the technology behind MSE and other of its security solutions with monthly updates. The updates, which have become somewhat of a tradition, cover additional products, as such, Microsoft security Essentials 2.1 customers won’t be the only ones to get the antimalware refresh this month.

“As part of regular update of our antimalware technology to address the latest in the threat landscape, MMPC is planning to release a new antimalware engine on 20 July 2011,” a Microsoft representative said.

“Affected products: Microsoft Security Essentials, Forefront Client Security, Forefront Endpoint Protection, Windows Intune Endpoint Protection. Engine Version will be in the range of 1.1.710X.0.”.

Story - http://news.softpedia.com/news/New-Microsoft-Security-Essentials-2-1-Antimalware-Engine-Comes-This-Week-211993.shtml

[Softpedia Giveaways 2011: 50 Licenses for Process Lasso PRO]

Softpedia Giveaways 2011: 50 Licenses for Process Lasso PRO

July 16th, 2011, 11:01 GMT| By Ionut Ilascu

We know that for most users Task Manager is enough for process management, but if you care to witness the abilities of a professional tool, Process Lasso is here to demonstrate. We have 50 licenses to give away this week and all you have to do is post a smart comment in the section below this article.

As usual, we expect pertinent notes comparing the pros and cons of the application or personal experiences with Process Lasso. You have about a week to share your views with us, so there is plenty of time to take the product for a spin and weigh the benefits and flaws in a compelling argument.

Besides the paid, professional version we’re giving away this week, there is also a free of charge build of the software. The differences between the two versions are quite steep, since the free one is limited with regards to the set of rules you can impose to running processes.

The full-featured edition brings in support for power schemes, possibility to set a maximum threshold for a process’ CPU and RAM usage or automatic restart of a program so that it is always running. In contrast, the free edition can boast only ProBalance technology, setting up default priorities and CPU affinities or foreground boosting.

More plus screenshots - http://news.softpedia.com/news/Softpedia-Giveaways-2011-50-Licenses-for-Process-Lasso-PRO-211873.shtml

[Apple to sell contract-free, $350 iPhone, report says]

July 18, 2011 8:37 AM PDT

Apple to sell contract-free, $350 iPhone, report says

Just when you thought you had enough, another iPhone rumor pops up.

The latest, courtesy of a story from Boy Genius Report today, has Apple selling a contract-free, $350 iPhone 3GS for the prepaid customer segment. The report also said the next iPhone, which may or may not feature a radical design, will be coming out or announced "by the end of summer, late August-ish."

An Apple representative wasn't immediately available to comment on the validity of the report.

Apple has been looking at ways to expand its potential base of customers and cement its leadership role in the smartphone world. The company has already expanded its distribution with the addition of Verizon Wireless as a carrier partner. But Apple wants to go after the burgeoning prepaid market, one of the few areas of customer growth still left in the wireless industry.

More details - http://news.cnet.com/8301-1035_3-20080342-94/apple-to-sell-contract-free-$350-iphone-report-says/

[Mozilla Releases BrowserID Web Authentication System]

July 15, 2011, 10:08AM

Mozilla Releases BrowserID Web Authentication System

by Dennis Fisher

Mozilla has released a new browser-based federated login mechanism called BrowserID that is designed to replace the login process on Web sites that requires users to supply an email and password. The experimental system relies on the Verified Email protocol and also works on other browsers, including Internet Explorer.

For users, the BrowserID system works fairly simply. In order to register with the system, a user enters an email address and password one time and then clicks on a link in a confirmation email, just as she would in a typical Web site sign-up process. Once the user has confirmed that she owns that email address, she can then use it as her mechanism to sign in to any site that supports BrowserID, simply by clicking on the BrowserID button on the site.

The system is implemented in HTTP and JavaScript on sites, and Mozilla officials say that the system is designed to respect user privacy and not leak any data back to the sites involved.

Full details here: https://threatpost.com/en_us/blogs/mozilla-releases-browserid-web-authentication-system-071511

[Weak Passwords Banned from Hotmail]

July 15, 2011, 11:49AM

Weak Passwords Banned from Hotmail

Microsoft’s email service, Hotmail, is implementing tougher standards for user passwords to combat the increasing occurrence email account hijackings.

The company said Hotmail users will no longer be allowed to use common, easily guessable passwords like “password,” “12345,” and “qwerty,” which are susceptible to “brute force” and “dictionary” attacks. They will also have to meet more stringent password requirements when creating a password. Users with passwords deemed too weak or common will be required to change them, the company said.

Microsoft is also introducing a new feature to highlight account takeovers when they occur. Hotmail users can now report accounts that appear to have been compromised if they receive suspicious emails from it. Suspicious mail can now be tagged with a “My friend’s been hacked!” category. That feature has been available for mail received from other Hotmail users, but has now been expanded to allow for reporting hacked email accounts sent from other services.

Accounts that have been marked as compromised will no longer be available to the spammer and the account's rightful owner will be put through and “account recovery flow” that will help them regain control of the account. If it is the case that the compromised account is using a different email service, then Hotmail will contact that service, and they will take it from there. You can find the Windows Live announcement here. http://windowsteamblog.com/windows_live/b/windowslive/archive/2011/07/14/hey-my-friend-s-account-was-hacked.aspx

Story: https://threatpost.com/en_us/blogs/weak-passwords-banned-hotmail-071511

[Fake Banking Email Targets Your Wallet, Computer]

</h1>

<h1>Fake Banking Email Targets Your Wallet, Computer

Jul 15, 2011 | 3:17 PM ET | By Matt Liebowitz, SecurityNewsDaily Staff Writer

A new spin on an old cybercrime ploy is using a devious fake warning about users' bank account info to trick them into opening their wallets.

Scam emails are spreading around the Web claiming to contain an important financial statement regarding users' bank accounts, researchers at the security firm BitDefender reported. The supposed important info is located in what looks to be a Microsoft Word attachment called "Financial_Statement.exe," BitDefender said. (Similar scams use a "Postal_document.exe" attachment.)

For the average computer user, especially one who relies on the Internet for online banking, a message about your finances will most likely get your immediate attention, and put you square in the cybercriminals' sights. However, the financial statement attachment has no sensitive info from your bank; instead, it has a Trojan that copies itself onto your system.

Like most dangerous Trojans, its presence on your computer heralds stormy seas ahead. In this case, the rogue attachments attempt to trick users into purchasing anti-virus software they don't need.

"The application floods the screen with lots of warning pop-ups to scare the user into buying a useless disinfection tool," BitDefender wrote. The offending Trojan also shuts down programs and informs victims that the programs are infected with a virus.

BitDefender warns users to never open suspicious email attachments, especially if they come from a bank, as banks will never send unsolicited emails about your financial information. It's also recommended that users install and regularly update anti-malware and anti-virus software to proactively take a stand against these types of scams.

http://www.securitynewsdaily.com/fake-banking-email-targets-your-wallet-computer-0964/

[What are you snacking on?]

Hey guys .. sounds like you are more like having a feast as opposed to a snack. Now I just snacked on a scone and a hot cup of chocolate with marshmallows. Now I am off to dreamland.

[WRONG E-MAIL ADDRESS]

WRONG E-MAIL ADDRESS

This one is priceless. A lesson to be learned from

typing the wrong email address!!

A Minneapolis couple decided to go to Florida to thaw out during a particularly icy winter. They planned to stay at the same hotel where they spent their honeymoon 20 years earlier.

Because of hectic schedules, it was difficult to coordinate their travel schedules. So, the husband left Minnesota and flew to Florida on Thursday, with his wife flying down the following day.

The husband checked into the hotel. There was a computer in his room, so he decided to send an email to his wife. However, he accidentally left out one letter in her email address, and without realizing his error, sent the e-mail.

Meanwhile, somewhere in Houston , a widow had just returned home from her husband's funeral. He was a minister who was called home to glory following a heart attack.

The widow decided to check her e-mail expecting messages from relatives and friends. After reading the first message, she screamed and fainted.

The widow's son rushed into the room, found his mother on the floor, and saw the computer screen which read:

To: My Loving Wife

Subject: I've Arrived

I know you're surprised to hear from me. They have computers here now and you are allowed to send emails to your loved ones. I've just arrived and have been checked in.

I've seen that everything has been prepared for your arrival tomorrow. Looking forward to seeing you then! Hope your journey is as uneventful as mine was.

P. S. Sure is freaking hot down here!!!!

[Scammers Go Phishing With Fake Microsoft Warning]

</h1>

<h1>Scammers Go Phishing With Fake Microsoft Warning

Cybersecurity experts are warning Microsoft Outlook users to be on the lookout for phishing emails hiding dangerous attachments.

Researchers at the security firm Sophos spotted emails that instruct users of the email program to download and open an attachment "to reconfigure your Microsoft Outlook information again."

The subject line is "Notification from Microsoft Outlook — Please read," and the email comes from This e-mail address is being protected from spambots. You need JavaScript enabled to view it , which makes it appear legitimate.

The attachment included in the email, however, takes users to a page that prompts them to enter their account username and passwords, information which could then be easily exploited to steal their identity or access their personal online information.

[How to Clean Up an Infected Computer]

If you come across unsolicited emails that instruct you to take immediate action to reconfigure an account, ignore them, and never download attachments that appear suspicious.

"Don't make it easy for the phishers, the spammers, the identity thieves and hackers to break into your online accounts," Sophos' Graham Cluley wrote in a blog posting

http://www.securitynewsdaily.com/scammers-go-phishing-with-fake-microsoft-outlook-warning--0891/

[Thanks to Hollywood, Netflix Is Pricing Itself Out of a Business]

</h1>

<h1>Thanks to Hollywood, Netflix Is Pricing Itself Out of a Business

By Erik Sherman | July 12, 2011

Want to watch streaming video and still get an occasional DVD? If you use Netflix (NFLX), prepare to see your bill jump by 60 percent. The company just dropped that bomb today, couching it in as a move to “better reflect the costs of each” and “give our members a choice” of streaming only, DVD only, or both.

OK, so the combination streaming and one-DVD-at-a-time plan technically was a way to get both. Or you could pay just for streaming or just for DVDs. But this isn’t about you. It’s about the studios and a big problem about to drop on Netflix’s head. The Hollywood studios who own the video rights want more money. A lot more money.

That means Netflix has to pull in a lot more to pay higher licensing fees. The only question is, will the company alienate its customers and push them into the arms of such rivals as Hulu and Apple (AAPL)?

Studios like money — lots of it

Michael Pachter, an analyst at Wedbush Securities, thinks that as soon as Netflix’s streaming contracts are up in the next few years, studios will renegotiate for a lot more money. How much more? Maybe ten times as much as they get today. And the future for Netflix is streaming, which explains why the FAQ section describes Netflix as a service for online video with the DVD service described as an add-on. (Wait, what happened to a choice of DVD or streaming?)

Pachter’s estimate may or may not be accurat. But if you’ve spent any time watching how the studios negotiate with producers, actors, writers, theaters, online video companies or anyone else, you can see a pattern of hardball negotiation. When they have the upper hand, they push to get more.

Their way or the super information highway

From their view, the studios have nothing to lose. They like traditional programming carriers that pay a lot more for video. They’d be just as happy to see all the streaming disappear and everyone move back to a Golden Time when consumers paid plenty for bundles of cable channels because they didn’t have any alternatives. They have no love for streaming, unbundled video, or the inevitable breakdown of traditional television and movie distribution.

http://www.bnet.com/blog/technology-business/thanks-to-hollywood-netflix-is-pricing-itself-out-of-a-business/11720

[Download New Release of non-Windows Barrelfish OS from Microsoft]

Download New Release of non-Windows Barrelfish OS from Microsoft

A new release of the Barrelfish operating system is now available for download to early adopters.

The Barrelfish platform is a prototype developed by ETH Zurich in collaboration with Microsoft Research. It’s important to underline that Barrelfish cannot be considered anything else but an experiment, at least for the time being.

Researchers interested in playing around with Barrelfish can download it via Mercurial. “The latest version of Barrelfish is now available. We've also moved over to anonymous access using Mercurial, so we'll do a new release whenever the regression tests all pass,” reads an announcement on the platform’s official website. According to the official description of this research operating system, the project is designed to explore the structure of a platform tailored to future multi- and many-core systems.

“We are motivated by two closely related trends in hardware design: first, the rapidly growing number of cores, which leads to a scalability challenge, and second, the increasing diversity in computer hardware, requiring the OS to manage and exploit heterogeneous hardware resources,” a member of the project revealed.

Being just a research OS, Barrelfish is of course offered for download free of charge, being available under the MIT Open Source license. When building Barrelfish, the researchers contributing to the project have started from scratch, as such, this OS is fundamentally different from existing platforms such as Windows or Linux.

Story: http://news.softpedia.com/news/Download-New-Release-of-non-Windows-Barrelfish-OS-from-Microsoft-210877.shtml

[More malware targeting Android]

July 11, 2011 5:52 PM PDT

More malware targeting Android

by Elinor Mills

Wireshark capture of Zitmo forwarding an incoming SMS on an infected phone to a remote Web server.

Researchers are reporting the discovery of malware targeting Android devices, specifically a new variant of the DroidDream Trojan found in apps that Google removed from the Android Market, as well as malware on alternative app markets in China designed to run up premium SMS bills, and a data-stealing Trojan that targets one-time bank SMS pass codes.

Mobile-security firm Lookout warned of new variants of DroidDream Light that were found in the Android Market and subsequently removed by Google. "Fortunately the malware was available in the Android Market for [only] a short period of time, so the number of downloads was limited to 1,000 to 5,000," Lookout wrote in a blog post Friday.

The four applications, all published by a developer named "Mobnet" are: Quick FallDown; Scientific Calculator; Bubble Buster; ...

Read full post & comments

http://news.cnet.com/security/

[iPhone and iPad Security: 4 Tips to Stay Safe]

iPhone and iPad Security: 4 Tips to Stay Safe

Are you worried about all the ruckus over the Jailbreakme.com 3.0 vulnerability for your iPhone and iPad? While you're waiting for Apple to come out with a fix, there are a few safety precautions you can take.

To recap: Exposed to the public on Wednesday by the iOS hacking group Dev-Team, Jailbreakme.com 3.0 offers a simple way to jailbreak iPhones. Users can click on the app-like icon and 20 seconds later you've got a jailbroken phone, which allows you to run non-Apple approved apps.

Jailbreakme.com 3.0 exploits a vulnerability in the PDF reader. The iOS Safari browser downloads a PDF file that triggers a vulnerability in how the built-in PDF reader handles a certain font type. "This is what installs the actual jailbreak," explains Stephan Chenette, manager of security research at Websense, a content security company.

So why is it so dangerous? An attacker can reverse engineer Jailbreakme.com 3.0 to silently install malicious code through the browser or email attachment. "Then the attacker could gain full control of the iPhone, iPad or other iOS device and install everything from a keylogger to a full-blown bot," Chenette says. "This isn't just limited to iPhones; iPad users need to be on the lookout, too."

Apple responded on Thursday that it is developing a fix for vulnerabilities on iOS 4. Critics have complained that Apple has been slow to respond to security problems, so Apple's quick response to Jailbreakme.com 3.0 underscores the severity of the vulnerability.

While you're waiting for the fix, Chenette offers four tips to keep your iPhones and iPads safe:

1. First and foremost, do not download or open files from untrusted Web sites.

2. Do not click on links from unknown or untrusted Web sites or suspicious links from trusted sources (including sites like Google Search).

3. Do not open email attachments from unknown or suspicious emails from trusted sources. Your friend's email account may have been hacked.

4. As soon as Apple issues a patch, apply it! Many consumers don't patch regularly or do so after it's too late.

Read more about mobile security in CIO's Mobile security Drilldown.

http://www.pcworld.com/article/235449/iphone_and_ipad_security_4_tips_to_stay_safe.html#tk.rss_news

[Yahoo! reads! your! emails!]

Yahoo! reads! your! emails!

And it's your job to warn all your mates

By John Oates

Yahoo! is being criticised for the new Ts & Cs for its webmail service, which give it the right to scan your emails as well as making you responsible for telling anyone who might be emailing you, but the ICO has no problem with the changes. Such scanning has been common for some time; Google was the first to scan all messages. But this led some to choose Yahoo! on the basis that it did not carry out such snooping.

Even more controversially, Yahoo! suggests it is the users' job to warn anyone who emails them that their messages will also be scanned. Consumer lobby group Which?'s in-house lawyer Georgina Nelson said: "The obligation to notify those who email you that their message will be scanned is nonsensical and unrealistic. When exactly are you supposed to do this?" The changes come as part of Yahoo!'s email upgrade. The company said all users will see a pop-up when they make the change.

Yahoo told PC Advisor that anyone who didn't like the changes should simply keep using their old account. But Yahoo! did say it would continue to scan old-school accounts for spam.

http://www.theregister.co.uk/2011/07/11/yahoo_email_read/

//////////////////

[Automatically Fix Windows 7 Errors 0x80070646, 646, and 1606]

Automatically Fix Windows 7 Errors 0x80070646, 646, and 1606

An automated fix is available from Microsoft for issues generating error codes such as 0x80070646, 646, or 1606.

The software giant has confirmed a problem impacting the Windows Installer and affecting customers attempting to use either Windows Update or Microsoft Update.

“This update problem occurs when Windows Installer encounters an error. Error code 0x80070646 and error code 646 are generated by Windows Installer,” the company revealed.

“These generic errors indicate that Windows Installer encountered a problem. When you encounter the errors that are described [above], the problem may be caused by an incorrect value in the registry.”

According to the Redmond company, Windows 7, Windows Vista and Windows XP users have all experienced and reported error codes such as those mentioned at the top of this article.

Fortunately enough, there’s an easy way to repair the issue. All that customers need is the Fix It solution designed to automatically deal with the source of the error messages.

The automated Fix It troubleshooter is available for download free of charge from Microsoft Support.

[Microsoft Security Center Search Results Poisoned with Malicious Links]

</h3>

<h3>Microsoft Security Center Search Results Poisoned with Malicious Links

Microsoft has suspended the search capability on its Safety & Security Center website after it was discovered that cyber crooks poisoned the results with malicious links.

Search result poisoning, technically known as black hat search engine optimization (BHSEO), is a common method used to distribute malware or promote spam sites.

The technique involves compromising legit websites and creating pages under their domain that are filled with popular search keywords. Attackers then use other hacked websites to link back to the pages, therefore increasing their search result standing for the targeted terms. But, while the pages appear to have content to search engine crawlers, they are designed to redirect real visitors to malicious websites.

According to Alex Eckelberry, the general manager of security software at GFI, the BHSEO campaign on Microsoft's Safety & Security Center website is a bit different.

It appears that cyber criminals have managed to create search results to search results. "In other words, blackhat SEOs are seeding illegimate search results within the Microsoft search results. Pretty tricky and impressive," the security expert notes.

"There are a number of ways this could be done (for example, using the ability on the site to Twitter a search result)," he explains.

http://news.softpedia.com/news/Microsoft-Security-Center-Search-Results-Poisoned-with-Malicious-Links-210836.shtml

[Fake Casey Anthony Confession Video Used as Lure in Facebook Scam]

Fake Casey Anthony Confession Video Used as Lure in Facebook Scam

Facebook scammers are at work again, this time luring users with an alleged video of Casey Anthony confessing to her lawyer that she murdered her daughter.

At the beginning of the month a jury found 25-year-old Casey Anthony non guilty of first-degree murder, aggravated manslaughter, and aggravated child abuse.

Casey was accused of murdering her two-year-old daughter Caylee Marie Anthony in a highly publicized case that lasted three years. Media coverage of the case and trial drew very high ratings suggesting that there was a lot of public interest into Casey's Anthony verdict.

Cyber criminals have jumped at the occasion to monetize this interest by launching one of their Facebook survey scams.

The messages spammed from the accounts of users who fell for the scam read: "BREAKING NEWS - Leaked Video of Casey Anthony CONFESSION to Lawyer! Click To See - She can't be re-tried, double jeopordy.. OJ all over again!"

The included link takes users to a YouTube-like page which displays a video thumbnail. A dialog pops-up asking them to confirm that they are older than 13 by pressing on "Jaa."

http://news.softpedia.com/news/Fake-Casey-Anthony-Confession-Video-Used-as-Lure-in-Facebook-Scam-210870.shtml

[Groupon updates rules on mobile tracking, data sharing]

july 10, 2011 1:27 PM PDT

Groupon updates rules on mobile tracking, data sharing

Groupon sent out e-mails to its users this weekend about changes it has made to its privacy statement and terms of use.

Among the most notable changes is more information about the Chicago-based social buying start-up's collection and use of mobile location information.

"In short, if you use a Groupon mobile app and you allow sharing through your device, Groupon may collect geo-location information from the device and use it for marketing deals to you (and for other purposes listed in the "How Groupon Uses Personal Information" section of the Updated Privacy Statement)."

In other words, if you let them, in order to improve the experience and make the Groupon Now app more useful, you're being tracked.

This, of course, has been a dicey issue of late, most recently related to Apple and Google smartphones and what information they collect ...

Read full post & comments - http://news.cnet.com/security/

Story Copyright © 2011 AllThingsD. All rights reserved.

[Hacker warns of pending attack. Who is next?]

July 11, 2011 3:59 PM PDT

Hacker warns of pending attack. Who is next?

Shortly after the hackers with the AntiSec online activist campaign announced the release of about 90,000 military e-mail addresses and other data purloined from Booz Allen Hamilton, AntiSec followers on Twitter were anticipating a second data dump.

The Twitter account of someone believed to be a main operative in the AntiSec hacking campaigns, AnonymouSabu, warned on Sunday: "ATTN: Tomorrow will be two of the biggest releases for Anonymous in the last 4 years. Everyone brace. This is literally explosive."

After the Booz Allen Hamilton (BAH) release, AnonymouSabu tweeted: "ATTN Intelligence Community: BAH Is just the beginning. #antisec #anonymous busy all day today. BBL"

In the United Kingdom, The Guardian speculated that a possible target was the Metropolitan police over allegations from last week that representatives of the News of the World's hacked ………..

Originally posted at InSecurity Complex

Read full post & comments - http://news.cnet.com/security/

[What are you snacking on?]

Dark chocolate & almonds ... had a craving so ate some.