Week in Geek: Modern (Metro) Version of Firefox to be Available in September

By Akemi Iwaya on August 19th, 2012

Our latest edition of WIG is filled with news link goodness covering topics such as Windows on ARM tablets might sell for only $199, Facebook is testing an increase of ads in users’ news feeds, companies are turning to GitHub to find tech talent, and more.

Weekly News Links

Security News

  • Google warns of using Adobe Reader – particularly on Linux
    On its August Patch Day, Adobe has fixed numerous critical memory-related bugs in Reader for Windows and Mac OS X – but has chosen to overlook Linux users. The researchers who discovered the holes now fear that potential attackers could find enough clues to build an exploit by comparing the current Windows version of Reader with the previous one. This would leave Linux users defenceless. On top of that, even the patched versions still contain a total of 16 open security holes.
  • Hackers exploit critical security bugs in Adobe Flash, MS Office
    Adobe Systems and Microsoft have patched separate critical vulnerabilities in widely used software after receiving reports that they’re being exploited “in the wild” by targeted attacks. Both companies advise users to install updates as soon as possible.
  • Oracle releases unscheduled fix for critical vulnerability
    At the recent Black Hat conference in Las Vegas, security expert David Litchfield revealed a zero day exploit in Oracle’s database server. Oracle has now plugged this vulnerability with an unscheduled patch. Server versions,,,, and are all affected, though the July 2012 patch update contained a fix for the latter two.
  • Flaw allowing SMS spoofing still present in latest iOS 6 beta
    Thought you received a text from your beloved ex wanting to get back together? It could be one of your friends pranking you, at least if you use an iPhone. An iOS “hacker” going by pod2g is drawing fresh attention to a long-extant SMS spoofing flaw within iOS that allows a prankster to pose as someone else when sending an SMS to your device—a flaw that is still present in the latest beta of iOS 6.
  • BKA trojan goes on an international holiday
    The family of malware known as the BKA trojan has increasingly established an international presence. The trojan extorts money by telling victims that illegal pornography or material that violates copyright has been detected on their computer and that they must pay a fine to the local police authority or face prosecution.
  • Mystery malware wreaks havoc on energy sector computer
    Malware researchers have uncovered an attack targeting an organization in the energy industry that attempts to wreak havoc by permanently wiping data from an infected computer’s hard drive and rendering the machine unusable.
  • Bogus anti-hacking tool targets Syrian activists
    Syrian activists, journalists and opposition group members are reportedly under attack by malware claiming to be a security tool that will help protect them against hackers. The fake “AntiHacker” tool is being spread through targeted phishing emails and via sites such as Facebook, and claims to provide “Auto-Protect & Auto-Detect & Security & Quick scan and analysing” functionality.
  • Reuters blog hacked again
    The journalists’ blog from the Reuters news agency has been hacked again, for the second time in less than two weeks.
  • Magento shops attacked through Zend vulnerability
    A critical vulnerability in the Zend Framework can be exploited by remote attackers to access arbitrary files from online shops using the eBay-owned Magento eCommerce platform.
  • Blizzard passwords could be theoretically reverse engineered
    Data stolen from Blizzard may have given hackers enough information to theoretically reverse engineer weak passwords from user accounts.
  • Font installed with Gauss trojan raises questions
    It is still unknown how Gauss got onto the infected computers. It is however known that the trojan can be spread on USB sticks and deletes itself after thirty infections. On infected computers, a previously unknown font “Palida Narrow” was found.
  • FTC accuses Facebook of misleading developers over security
    An investigation by the FTC has suggested that the social networking site fell short in reviewing and verifying applications.
  • World-class cryptos wanted: Researchers seek help decoding “encrypted warhead”
    Researchers have renewed their call for help in cracking an “encrypted warhead” they believe was unleashed by a powerful nation-state and may be poised to search and destroy a high-profile target.
  • Pwnium 2: Google pledges $2 million for Chrome exploits
    As part of its second Pwnium contest, Google will offer up to $2 million in rewards to security researchers who can find and exploit vulnerabilities in its web browsers.
  • Social engineering threat affects all
    Responsibility of keeping data safe lies with both companies and users, as cybercriminals now target tech administrators and call center staff to gain access to customer details.
  • Security mindset must change with cloud
    Companies need to grasp implications of moving to cloud and develop roadmap to holistically secure IT systems instead of deploying security products for individual stacks.
  • White hats publish DDoS hijacking manual, turn tables on attackers
    Turning the tables on miscreants who paralyze websites with torrents of junk data, security researchers have published a detailed manual that shows how to neutralize some of the Internet’s most popular denial-of-service tools.
  • New algorithm tracks down the origins of internet attacks
    Swiss researcher Pedro Pinto and his colleagues at Ecole Polytechnique Federale de Lausanne suggest using the Sparse Interference algorithm to make tracking down the origins of internet threats more efficient.
  • Inside a ‘Reveton’ Ransomware Operation
    The U.S. Federal Bureau of Investigation is warning about an uptick in online extortion scams that impersonate the FBI and frighten people into paying fines to avoid prosecution for supposedly downloading child pornography and pirated content. This post offers an inside look at one malware gang responsible for orchestrating such scams.

Akemi Iwaya is a devoted Mozilla Firefox user who enjoys working with multiple browsers and occasionally dabbling with Linux. She also loves reading fantasy and sci-fi stories as well as playing "old school" role-playing games. You can visit her on Twitter and .

  • Published 08/19/12