Week in Geek: Firefox 17 Beta now Forces Secure Connections for List of Selected Domains

By Akemi Iwaya on November 4th, 2012

Our first edition of WIG for November is filled with news link coverage on topics such as Gmail has become the #1 e-mail service in the world, Borderlands 2 video game characters are being killed off by a sabotage attack, Ubuntu 11.04 has reached its end of life, and more.

Weekly News Links

Image courtesy of Official Gmail Blog.

Security News

  • Firefox to force secure connections for selected domains
    Mozilla introduced a pre-loaded list of domains for Firefox that only can be connected to securely in order to help protect the privacy and security of users. Firefox Beta 17 is available for download here.
  • For sale: Windows 8 zero-day vulnerability
    French security company Vupen is selling a vulnerability in Microsoft’s latest operation system and browser.
  • Phishing email hijacks Windows 8 launch
    A new round of emails tries to dupe unsuspecting users to “update” to Windows 8 for free.
  • Malware hijacks your email, sends death threats
    A new species of malware found in Japan frames you for sending death threats.
  • Malware hides behind the mouse
    Malware samples use increasingly refined trickery to avoid being detected by automated threat analysis systems. Anti-virus company Symantec reports that it has found a trojan which attaches its malicious code to the routines for handling mouse events. Since nobody moves the mouse in an automated threat analysis system, the code will remain inactive, and the malware undetected.
  • Trojan bargain with Windows 8 support
    While some anti-virus vendors have problems with Microsoft’s newest operating system, the cybercrime community has already jumped on the Windows 8 train. For example, on a Google-hosted site, for €40, a “Remote Administration Tool” called Xtreme RAT, which is already Windows-8-compatible, is available with free updates included.
  • Misconfigured Apache sites expose user passwords, other private data
    More than 2,000 websites—some operated by Fortune 500 companies, game sites, and retail outlets—are exposing system status information that can be used by attackers to compromise Web servers or customer accounts, a recent research project found.
  • Is new malware Jacksbot just starting to rear its head?
    A new Java-based malware package has been found that has the potential to affect multiple platforms.
  • Lost+Found: Hackers – false, scapegoats, captchas and apps
    Too short for news, too good to lose; Lost+Found is a roundup of useful security news. In this edition, there’s a false hacker alert, a hacker scapegoat, hacking CAPTCHAs and hacking apps on a mobile device, restyled government trojans, advice on identity and defective Wi-Fi.
  • For the first time ever, Microsoft is not a Kaspersky top-10 security vulnerability
    Security researcher and software vendor Kaspersky Lab on Friday released its quarterly malware report for the third quarter of 2012, and for the first time in the history of the report, not a single Microsoft product had a vulnerability in the top ten vulnerabilities list.
  • Facebook tries cloaking probe into data leak involving 1 million accounts
    Facebook officials told a blogger to keep their discussions with him private as they investigate claims he acquired names and e-mail addresses belonging almost one million account holders for $5 through a publicly available service online.
  • Speculation over Facebook access via Google index
    According to a report on HackerNews, until recently a special Google search query returned numerous Facebook links permitting access to other users’ accounts. The links contain a token which automatically logs into someone else’s Facebook account. The search results are also reported to have contained links providing access to other users’ email addresses.
  • Borderlands 2 characters killed off by virally spreading sabotage attack
    A bug in the popular Borderlands 2 video game is causing grief for some Xbox 360 players after attackers unleashed a virally spreading exploit that can permanently kill off characters.
  • Born to be breached: the worst passwords are still the most common
    Despite the many, many cautionary tales we hear every day of e-mail, social media, and other Internet accounts being compromised, some people still haven’t heeded the warnings about using easily-guessed passwords. And it isn’t just the non-technical masses that are leaving themselves vulnerable.
  • Prevent Web Attacks Using Input Sanitization
    What do three of the five most common website attacks have in common? Yes, a lack of input sanitization. Find out why it’s important and what to do about it.

TinyHacker Links

  • Easily Download Sports Schedules and Events to Outlook
    Calendar Updates is a site we’ve used for many years to download whole sports schedules and individual events. Downloads are in .ics format and work seamlessly in all versions of Outlook. Most events are free to download, most schedules are not, but for a few dollars you can’t beat the convenience and the site’s support is first rate.

How-To Geek Weekly Article Recap

Geeky Goodness from the ETC Side

One Year Ago on How-To Geek

How-To Geek Comics Weekly Roundup

How-To Geek Weekly Trivia Roundup

Akemi Iwaya is a devoted Mozilla Firefox user who enjoys working with multiple browsers and occasionally dabbling with Linux. She also loves reading fantasy and sci-fi stories as well as playing "old school" role-playing games. You can visit her on Twitter and .

  • Published 11/4/12
More Articles You Might Like

Enter Your Email Here to Get Access for Free:

Go check your email!