“When reading about instances of cybercrime, we often get caught in the numbers and think about the details of a particular attack or exploitation of a technology, and actually forget that the victims will have to leave with the consequences. According to Symantec, 65% of adults worldwide have been a victim of some kind of cybercrime. Just think about that number for a moment, and try to imagine yourself in their place….”

Source: Team Cymru Internet Security News

“A Nigerian man has been sentenced to 12 years in prison for sending out fraudulent e-mails offering victims big bucks in exchange for moving cash to the United States. Okpako Mike Diamreyan, 31, was sentenced to 151 months of prison Wednesday by United States District Judge Janet Hall in Bridgeport, Connecticut. Diamreyan made more than US$1….”
Source: Team Cymru Internet Security News

“Twitter has been bitten by a hard-to-kill web-application bug that’s being actively exploited to steal users’ authentication credentials, a security expert said Tuesday. A link that exploits the XSS, or cross-site scripting, vulnerability was included in tweets that sent users’ session cookies to two servers under the control of attackers, according to Stefan Tanase, a security researcher for Russian anti-virus provider Kaspersky. The tweets, written in Brazilian Portuguese, claimed a popular band suffered a tragic accident and offered additional information….”
Source: Team Cymru Internet Security News

“At a seminar Wednesday attended mostly by seniors, District Attorney Mike Ramsey reminded them that older generations are often targeted by frauds and scams because they have more disposable income, are more trusting, and are likely to be more polite to scammers over the phone. Among simple things people can do to protect themselves from Internet fraud is to create a password made up of letters and numbers, rather than using something personal, like a birth date or anniversary. The men also said using your mother’s maiden name is a no-no, but said the biggest mistake most victims make is giving out their Social Security numbers….”
Source: Team Cymru Internet Security News

“Microsoft has released a warning about a new kind of browser-based attack. The attack mimics genuine pages generated by browsers, such as Internet Explorer, Firefox and Chrome, and tricks users into installing a fake anti-virus software. When users visit a compromised website running a malicious code, a genuine looking pop-up surfaces on their web browser, alerting them that their security defences are down and they need to install the an anti-virus software to contain the virus….”
Source: Team Cymru Internet Security News

“A new mass injection attack has compromised tens of thousands of websites with code that directs visitors to rogue antivirus programs. The new attack was detected and reported by security researchers from Websense, a provider of Web and email security solutions. During last week the number of affected sites varied from 22,000 to almost 39,000 depending on the day, with BlueHost being the most affected hosting company….”
Source: Team Cymru Internet Security News

Although the Foursquare check-in service was only supposed to divulge users’ locations to their friends, it was possible to trace users movements by using scripts to permanently monitor locations.

Source: The H Security