Archive for August, 2009

More users affected by identity theft malware during economic crisis

According to data compiled by PandaLabs, the number of users affected by malware designed for identity theft has increased 600% so far this year with respect to the same period in 2008. Most of these are Trojans, but there are also many examples of phishing, worms, spyware, etc.
According to Luis Corrons, Technical Director of PandaLabs, “maybe one of the reasons for this increase is the economic crisis, along with the big business of selling this information on the black market, such as credit card numbers, PayPal or eBay accounts, etc. We have also seen an increase in the distribution and infection of this kind of malware through social networks.”

Virus infects development environment

Anti-virus software vendor Kaspersky has discovered a new type of virus which infects and compromises systems running the Delphi development environment. After infection, all Delphi programs compiled using the infected Delphi environment are also infected. Anti-virus laboratory AV-Test has already spotted the first examples in the wild.

The virus affects Delphi versions 4.0, 5.0, 6.0 and 7.0. After saving a backup that it names SysConst.bak, it overwrites the Delphi file SysConst.dcu with a version it has compiled itself. Because SysConst is linked into every Delphi program, everything compiled on that machine from then on carries the infection; rebuilding a project does not help until SysConst.dcu has been restored from a known-good copy, and the leftover SysConst.bak is the tell-tale sign to look for on build machines.
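As an added example (not Kaspersky's code or the original post's), here is a Python check for the pattern just described: it looks in a Delphi Lib directory for the SysConst.bak the virus leaves behind and compares SysConst.dcu against a known-good hash. The Lib location, the sample file contents and the baseline hash are assumptions; a real baseline has to be taken from a clean install of the same Delphi version.

```python
# Added example (not Kaspersky's or the original post's code): check a Delphi
# Lib directory for the infection pattern described above. The scan works on a
# snapshot of {filename: bytes} so it can be exercised without touching disk.
import hashlib
from pathlib import Path
from typing import Dict, List, Optional

DCU = "SysConst.dcu"
BAK = "SysConst.bak"   # the backup the virus writes before overwriting the .dcu


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def scan_snapshot(files: Dict[str, bytes],
                  known_good_sha256: Optional[str] = None) -> List[str]:
    """Return indicator strings for one Lib directory.

    files: {filename: bytes} for the directory; names are compared
    case-insensitively, as on Windows. known_good_sha256: SHA-256 of a clean
    SysConst.dcu from an uninfected install of the same Delphi version (an
    assumption: you must obtain that baseline yourself).
    """
    lower = {name.lower(): data for name, data in files.items()}
    dcu, bak = lower.get(DCU.lower()), lower.get(BAK.lower())
    findings = []
    if dcu is None:
        return [f"{DCU} not found"]
    if bak is not None:
        findings.append(f"{BAK} present: backup left by the infection routine")
        if sha256(bak) != sha256(dcu):
            findings.append(f"{DCU} content differs from {BAK}")
    if known_good_sha256 and sha256(dcu) != known_good_sha256:
        findings.append(f"{DCU} SHA-256 does not match the known-good baseline")
    return findings


def scan_lib_dir(lib_dir: str,
                 known_good_sha256: Optional[str] = None) -> List[str]:
    """Load the real files (assumed to live in <Delphi>\\Lib) and scan them."""
    lib = Path(lib_dir)
    files = {p.name: p.read_bytes() for p in lib.iterdir() if p.is_file()}
    return scan_snapshot(files, known_good_sha256)


# Constructed sample directories for demonstration; not real Delphi files.
CLEAN_DCU = b"clean SysConst.dcu"
CLEAN_LIB = {"SysConst.dcu": CLEAN_DCU, "SysUtils.dcu": b"..."}
INFECTED_LIB = {"SysConst.dcu": b"virus-compiled SysConst.dcu",
                "SysConst.bak": CLEAN_DCU,
                "SysUtils.dcu": b"..."}

if __name__ == "__main__":
    baseline = sha256(CLEAN_DCU)
    print("clean:   ", scan_snapshot(CLEAN_LIB, baseline))
    print("infected:", scan_snapshot(INFECTED_LIB, baseline))
```

A SysConst.bak next to the .dcu is only an indicator, since a developer could have created one by hand; the hash comparison against a clean install is the decisive check. To scan a real install, call scan_lib_dir with the path to the Lib directory and the baseline hash.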

Critical vulnerability in the Linux kernel

Google security specialists Tavis Ormandy and Julien Tinnes report that a critical security vulnerability in the Linux kernel affects all versions of 2.4 and 2.6 since 2001, on all architectures. The vulnerability enables users with limited rights to get root rights on the system. The cause is a NULL pointer dereference in the socket layer: the operation tables for rarely used protocols leave a function pointer uninitialised, and a call through it sends the kernel to address zero. Exploitation therefore relies on the attacker being able to map memory at that address, which the vm.mmap_min_addr sysctl is meant to prevent; a non-zero setting is worth checking on unpatched systems, but it was bypassed on some configurations, so the kernel update is the actual fix.

Targeted Google Queries

The following Google search queries can be used to identify information about your network that is being exposed to everyone. In these queries, | means OR, and each one is meant to be combined with the site: operator to restrict it to your own domain.

site:
The site operator is great for trawling through all the content Google has gathered for a target.
This operator is used in conjunction with many of the other queries presented here to narrow the focus of the search to one target.

intitle:index.of
The universal search for Apache-style directory listings.
Directory listings provide a wealth of information for an attacker.

error | warning
Error messages are also very revealing in just about every context.
In some cases, warning text can provide important insight into the behind-the-scenes code used by a target.

login | logon
This query locates login portals fairly effectively.
It can also be used to harvest usernames and troubleshooting procedures.

username | userid | employee.ID | “your username is”
This is one of the most generic searches for username harvesting.
In cases where this query does not reveal usernames, the context around these words can reveal procedural information an attacker can use in later offensive action.

password | passcode | “your password is”
This query reflects common uses of the word password.
This query can reveal documents describing login procedures, password change procedures, and clues about password policies in use on the target.

admin | administrator
Using the two most common terms for the owner or maintainer of a site, this query can also be used to reveal procedural information (“contact your administrator”) and even admin login portals.

-ext:html -ext:htm -ext:shtml -ext:asp -ext:php
This query, when combined with the site operator, excludes the most common page types so that more interesting documents surface (the leading minus on each ext: term is what makes it an exclusion).
This query should be modified to exclude other common file types on a target-by-target basis.

inurl:temp | inurl:tmp | inurl:backup | inurl:bak
This query locates backup or temporary files and directories.

intranet | help.desk
This query locates intranet sites (which are often supposed to be protected from the general public) and help desk contact information and procedures.

Website-specific searches:

Show all indexed pages for a specific domain:

site:{url}

Find pages that link to a specific URL:

link:{url}

Find pages related to a specific URL:

related:{url}

Show Google’s cached version of a specific URL:

cache:{url}

Show a page containing links to related searches about a URL:

info:{url}

Find only results from a specific domain:

site:{url} {terms}

Content-, Link-, and Title-specific searches:

Find results with the specified terms in the link URL or title of links to a website:

allinanchor:{terms}

Find results with only the first specified term in the link URL or title of links to a website:

inanchor:{terms}

Find results with the specified terms in the URL:

allinurl:{terms}

Find results with only the first specified term in the URL:

inurl:{terms}

Find results with the specified terms in the page title:

allintitle:{terms}

Find results with only the first specified term in the page title:

intitle:{terms}

Find results with the specified terms in the page text, not the links or page title:

allintext:{terms}

Find results with only the first specified term in the page text, not the links or page title:

intext:{terms}

Find results with the specified terms in the page links, not the text or title:

allinlinks:{terms}

Find results with only the first specified term in the page links, not the text or title:

inlinks:{terms}

Find results containing the specified filetype:

filetype:{filetype}

Find results not containing the specified filetype:

-filetype:{filetype}

Other Tips & Tricks

Find directory indexes (a listing of web server files) for specific topics and with specific filetypes:

{term} intitle:"index of /" {filetype}
php intitle:"index of /" .pdf

Find only images containing faces in a Google Image search result by adding '&imgtype=face' to the end of the search URL:

http://images.google.com/images?q=google

http://images.google.com/images?q=google&imgtype=face
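As an added example (not code from the original post), the following Python builds the targeted queries above for one domain, turns them into Google search URLs, covers the imgtype=face image-search tip, and parses a query string back into its operators so that a saved dork list can be sanity-checked before use. The domain example.com is a placeholder; the DORKS table is the list above, with the ext: exclusions written with their leading minus.

```python
# Added example (not from the original post): build the targeted queries
# listed above for one domain, emit search URLs, and parse a query back into
# its operators. "|" is Google's OR; example.com is a placeholder target.
import re
from urllib.parse import urlencode

# The queries from the list above; each is combined with site: to scope it.
DORKS = {
    "directory listings": 'intitle:index.of',
    "error messages": 'error | warning',
    "login portals": 'login | logon',
    "usernames": 'username | userid | employee.ID | "your username is"',
    "passwords": 'password | passcode | "your password is"',
    "admin": 'admin | administrator',
    "uncommon file types": '-ext:html -ext:htm -ext:shtml -ext:asp -ext:php',
    "backup/temp files": 'inurl:temp | inurl:tmp | inurl:backup | inurl:bak',
    "intranet/help desk": 'intranet | help.desk',
}


def scoped_query(domain: str, dork: str) -> str:
    """Prefix a dork with site:domain. OR-groups are parenthesised so the
    grouping is explicit next to the site: restriction."""
    body = f"({dork})" if "|" in dork else dork
    return f"site:{domain} {body}"


def search_url(query: str) -> str:
    """Web search URL; urlencode percent-encodes ':' and quotes and turns
    spaces into '+'."""
    return "https://www.google.com/search?" + urlencode({"q": query})


def image_search_url(query: str, faces_only: bool = False) -> str:
    """Image search URL; faces_only appends the imgtype=face trick above."""
    params = {"q": query}
    if faces_only:
        params["imgtype"] = "face"
    return "http://images.google.com/images?" + urlencode(params)


def build_dorks(domain: str) -> dict:
    """Map each dork name to a ready-to-open search URL scoped to domain."""
    return {name: search_url(scoped_query(domain, d))
            for name, d in DORKS.items()}


# Tokeniser: operator with a quoted value, a bare quoted phrase, or any
# other whitespace-delimited token.
_TOKEN = re.compile(r'-?[a-z]+:"[^"]*"|"[^"]*"|\S+')
_OPERATOR = re.compile(r'^(-?)([a-z]+):(.*)$')


def parse_query(query: str) -> list:
    """Split a query into (operator, value, negated) triples. Plain terms and
    the OR bar get operator None; surrounding quotes are stripped."""
    parsed = []
    for tok in _TOKEN.findall(query):
        m = _OPERATOR.match(tok)
        if m:
            neg, op, value = m.groups()
            parsed.append((op, value.strip('"'), neg == "-"))
        else:
            parsed.append((None, tok.strip('"'), False))
    return parsed


if __name__ == "__main__":
    for name, url in build_dorks("example.com").items():
        print(f"{name:22} {url}")
    print(image_search_url("google", faces_only=True))
    print(parse_query('site:example.com -ext:html intitle:"index of /" "your password is"'))
```

search_url only builds the URL; firing many of these at Google in quick succession runs into its automated-query blocking, so the intended use is to scope each query with site: to your own domain and run them by hand or at a modest rate. parse_query is handy for catching a lost leading minus or an unbalanced quote in a dork list before it is used.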

Hacking IP cameras (Defcon 17)

Fears are rising that IP cameras can and will be hacked. At Defcon 17, a demonstration showed an IP camera's feed being intercepted and replaced with a fraudulent video, allowing a hypothetical suspect to steal an object right in front of the surveillance camera, bringing Hollywood to 'real life'. A feed can only be swapped in transit if nothing between camera and recorder authenticates it, so whether the stream is carried over an authenticated, encrypted channel is the first thing to check in an existing deployment.

Demo of the Hack

A video demo of the hack accompanied the original post (the theft occurs at the end of the clip).
