[Previous] Twitter Deploys New Anti-Phishing Service | threatpost...

 [Next] Phishing emails with attached HTML forms instead of embedded U...

Some related posts from Technorati and Google.

[Thoughts from the Sidelines] Twitter Keen to Fight Phishing Scams & Spam [Twitter Steps Up to ...: Twitter’s trust and safety team boss Del Harvey has officially announced on the company’s blog that they’re working on a new new link-screening tool that will automatically detect bad links and spam, and remove them. “By routing all links submitted through this new service, we can detect, intercept and prevent the spread of bad links across all of Twitter.

[Financial Cryptography] Financial Cryptography: Mozilla moves on security: There's an opportunity for these people, if they get excited about the Mozilla project, to really contribute. They can contribute to secure design, they can suggest features, they can help us identify vulnerabilities, and they can help us test it.

[IT Security News from Global Secure Systems] Security tips for large and small businesses: Although you might think that in 2010, most users (and especially tech workers) would be suspicious of any password reset or messages declaring that "we are improving our security," a stunning number of them will still be fooled by such schemes. My company, Special Ops Security, as part of its assessments with organizations and government agencies, will run controlled experiments where we intentionally phish targeted individuals at a company and track both click-through and captured passwords on an encrypted Web site.

[Asa Dotzler: Firefox and more] Asa Dotzler: Firefox and more: opera gets anti-phishing: in some cases I've never looked in- but I know that if I need a pair of scissors, they will be there and fully functional .However, when someone points out that Opera now has anti-phishing like Firefox 2.0 and IE7, it means maybe some more people can check out Opera and possibly recommend it to less computer savvy people without worrying quite as much .

[TechCrunch] Mozilla Extends Lucrative Deal With Google For 3 Years: founder Jason Calacanis reported a rumor on his blog that Mozilla Corporation gained $72M during the previous year, mainly thanks to the Google search box in the Firefox browser.[5] The rumor was later addressed by Christopher Blizzard, a member of the Mozilla board, who wrote on his blog that “it’s not correct, though not off by an order of magnitude”.[6]“

[Kickstartnews - Daily News & Reviews] Norton Internet Security 2007 - review: However (and more important), we really missed the antispam component and we think that any internet security suite which fails to include protection from spam should really stop calling itself an internet security suite. In terms of direct competition for the feature and function crown, have a look at Zone Alarm Internet Security v7 or McAfee Internet Security 2007, both of which offer excellent and somewhat more inclusive feature and function sets.

[CNET News.com - Business Tech] Mac security not so much about the Mac | Apple - CNET News: "Even if Apple moved to 10 percent market share, why spend the time on the 10 percent when you can just nail 90 percent with one bug?" Miller points out. It's far easier, and far more lucrative, for those shadowy figures in the hacking business to spend their time going after the other 90-plus percent of computers in the world than it is to try to exploit flaws in the Mac--even if there's a shiny new computer involved.

[O'Reilly Radar - Insight, analysis, and research about emerging technologies.] Getting OpenID Into the Browser - O'Reilly Radar: Only because something like this is very vulnerable not to phishing attacks but to malware and virus attacks, imagine getting an OpenID centered virus on your computer that hijacks your account, changes the password and then proceeds to send/post spam on every site you've accessed (and maybe even log into some new ones), it would be hell to clean this up.

[SuperSite Blog] Microsoft: IE 8 Is the World's Most-Used Browser - SuperSite Blog:  Looking at the Secunia advisories over the past year, there has always been at least one major unpatched hole in IE 8 while most of the other browsers have seen the significant unpatched flaws come and go in a matter of days.  Those security features may as well not be there if the bad guys are just going to direct the exploits at the gaping unpatched vulnerability.

[Chromium Blog] Chromium Blog: Google Chrome, Chromium, and Google: One can compile this source code to get a fully working browser. Google takes this source code, and adds on the Google name and logo, an auto-updater system called GoogleUpdate, and RLZ (described later in this post), and calls this Google Chrome.

[Michael Sutton's Blog] A Tour of the Google Blacklist - Michael Sutton's Blog -: While I would like to think that the existence of Google's blacklist had contributed to the demise of these sites, phishing sites tend to emerge and disappear quickly, so I suspect that this is just a natural part of the phishing cycle. I had expected to see a combination of social engineering attacks, known vulnerabilities and 0day attacks used on the sites with the majority falling into the first category.

Reflected tags on Technorati: Blog, Phishing, Global Security Watch