Week in Geek: Google Announces New Round of Services to be Shut Down

Note: This article is part of our archive and is likely out of date.
(Links may not work, downloads have not been recently tested for safety)

By Akemi Iwaya on December 16th, 2012

Our latest edition of WIG is filled with news link coverage on topics such as an IE flaw allows attackers and advertisers to track cursor movement, Microsoft will retire its Live Mesh PC-sync service in February, Yahoo has revamped its e-mail service & continues overhaul on Flickr, and more.

Weekly News Links

Security News

  • IE flaw allows attackers, advertisers to track cursor movement
    Advertisers have been using a flaw in Internet Explorer to log the mouse movements of users, an issue that could be used to log authentication data entered via virtual keyboards.
  • Microsoft Confirms Internet Explorer Security Flaw, Promises Patch
    Microsoft has already confirmed in an emailed statement that Internet Explorer is affected by a security flaw that allows attackers to track users’ mouse position, but the company has now published a blog post to reveal that it’s also working on a fix.
  • Windows 8 Security Hole Allows Users to Reset Account Passwords in Minutes
    Windows 8 was designed to be a much more secure operating system, so it bundles several new tools and improved features to make sure that it’s harder to break into than any other Windows version. Sadly, it appears that Microsoft has forgotten to fix an important password reset hack that also works on Windows 8 predecessors, including Windows Vista and Windows 7.
  • Apps for Windows 8 easily hacked
    Windows 8 offers several vectors that enable attackers to manipulate or modify apps, according to Justin Angel. On his private homepage, he has described how hacking such apps is easy because, he says, the encrypted data is stored locally – along with the encryption algorithm and the hash key.
  • Windows 8’s Picture Password Is Totally Hackable
    The new Picture Password feature was officially released in October, together with the new Windows 8 operating system, and has been described as a new, innovative and a lot more secure way to protect your touchscreen device. But Naven Jones of Uncoveror.com has found a way to quickly hack any Windows 8 computer using the Picture Password. And it’s not rocket science to do it.
  • New Mac trojan tricks users into paying pricey cell phone fees
    A scam that’s targeted Windows users for years comes to OS X. – Researchers have discovered new Mac-based malware that’s designed to trick users into paying pricey subscription fees.
  • New ‘Dexter’ malware strikes point-of-sale systems
    The malware has apparently infiltrated hundreds of point-of-sale systems worldwide, with America and the U.K. atop the list of targeted countries.
  • Hotmail & Outlook can be hijacked using Cookie Handling Vulnerability
    Hotmail and Outlook, the popular email service from Microsoft is reported to be susceptible to hijacking using ‘stolen’ Cookies. A cookie handling vulnerability has been discovered that can allow cybercriminals to gain access to the accounts of Hotmail and Outlook users.
  • WhatsApp closes hole again, but not in all versions
    The game of cat-and-mouse around the security of WhatsApp has entered the next round: since The H’s associates at heise Security demonstrated that the Android version remained vulnerable to account hijacking about a week ago, the WhatsApp developers have released WhatsApp 2.8.8968 (and subsequently version 2.8.9108) on Google Play, saying that this version offers improved phone number verification.
  • How an Internet-connected Samsung TV can spill your deepest secrets
    Hack demonstrates the growing vulnerability of consumer devices. – If you use a Samsung “Smart TV” that’s connected to the Internet, there’s a chance Luigi Auriemma can hack into the device and access files stored on connected USB drives.
  • Joomla sites misused to deploy malware
    The Internet Storm Center reports that a large number of Joomla sites are currently deploying malicious code and infecting visitors with malware; some WordPress sites are also thought to be affected.
  • Intruders hack industrial heating system using backdoor posted online
    Same control systems are used by FBI, IRS, and Pentagon. – Hackers illegally accessed the Internet-connected controls of a New Jersey-based company’s internal heating and air-conditioning system by exploiting a backdoor in a widely used piece of software, according to a recently published memo issued by the FBI.
  • Botnet hidden in the Tor network
    The Security Street blog has found a botnet client, the operator of which is hiding behind the Tor network. This trick makes the work of security experts and criminal prosecutors much more difficult. The malicious botnet software, called “Skynet”, is a trojan that Security Street found on Usenet.
  • Android app verification service misses 85% of sideloaded malware
    Research by a professor at North Carolina State University (NCSU) has found that Android’s built-in app verification service misses about 85 percent of known malware.
  • Lost+Found: Metasploit phishing, hacker bounties and Android malware
    Too short for news, too good to lose; Lost+Found is a roundup of useful and interesting security news. In this edition: Metasploit goes phishing, Windows 8 password resets, defacing (or not) by git pull, C# rewards, Commander X spotting, and Android malware.
  • LogMeIn, DocuSign Investigate Breach Claims
    Customers of remote PC administration service Logmein.com and electronic signature provider Docusign.com are complaining of a possible breach of customer information after receiving malware-laced emails to accounts they registered exclusively for use with those companies. Both companies say they are investigating the incidents, but so far have found no evidence of a security breach.
  • New Findings Lend Credence to Project Blitzkrieg
    “Project Blitzkrieg,” a brazen Underweb plan for hiring 100 botmasters to fuel a blaze of ebanking heists against 30 U.S. financial institutions in the Spring of 2013, was met with skepticism from some in the security community after news of the scheme came to light in October. But new research suggests the crooks who hatched the plan were serious and have painstakingly built up a formidable crime machine in preparation for the project.
  • FTC’s Second Kids’ App Report Finds Little Progress in Addressing Privacy Concerns Surrounding Mobile Applications for Children
    Kids’ Data Still Collected, Shared without Parents’ Knowledge, Consent – The Federal Trade Commission issued a new staff report, “Mobile Apps for Kids: Disclosures Still Not Making the Grade,” examining the privacy disclosures and practices of apps offered for children in the Google Play and Apple App stores. The report details the results of the FTC’s second survey of kids’ mobile apps.
  • Facebook privacy settings get reworked once again
    The social network overhauls its settings, not for the first time, in an attempt to make things easier for people to understand, and phases out the option to block people from searching for your profile.
  • Microsoft Blocks Free Windows 8 Activation Flaw
    Back in November, software pirates found a way to activate a Windows 8 copy at no cost by simply using the Windows Media Center upgrade key provided by Microsoft for free as part of a limited time offer. Although the Redmond-based technology titan hasn’t provided too many details about it, it appears that Microsoft has quietly patched the bug and all users who attempt to exploit it are provided with a traditional “Activation error” message.

How-To Geek Weekly Article Recap

Geeky Goodness from the ETC Side

One Year Ago on How-To Geek

How-To Geek Comics Weekly Roundup

How-To Geek Weekly Trivia Roundup

Akemi Iwaya is a devoted Mozilla Firefox user who enjoys working with multiple browsers and occasionally dabbling with Linux. She also loves reading fantasy and sci-fi stories as well as playing "old school" role-playing games. You can visit her on Twitter and .

  • Published 12/16/12
More Articles You Might Like

Enter Your Email Here to Get Access for Free:

Go check your email!