InSecurity Complex

Symantec may have mistakenly labeled more than a dozen Android apps as malware, according to security researchers at Verizon-affiliated ICSA Labs.

It's an easy mistake to make, according to Roger Thompson, an ICSA "emerging threats" researcher who authored a blog post on the subject. Thompson suggested that the apps appear to include a new release of an ad platform that merely resembles malware in certain ways.

Symantec recently raised an alarm over an alleged Trojan it dubbed Android.Counterclank, saying its researchers had discovered 13 apps on the Android Market that had millions of downloads combined were &… Read more

A 20-year-old Romanian has been arrested on charges of hacking into Pentagon and NASA servers, stealing confidential data, and posting it on his personal blog, according to a statement today from the Romanian prosecutors office.

Razvan Manole Cernaianu, an information technology student who allegedly used the online alias "TinKode," offered a software program for sale on his blog and also showed a video that demonstrated how he compromised the servers, officials said.

Romanian officials said they were working with the FBI and NASA representatives on the case. An FBI spokesman in Washington, D.C., did not immediately have … Read more

Google, Facebook, Microsoft, Yahoo, PayPal and others are working together on a standard that can be used across the Internet for blocking phishing e-mails.

The 15 companies will be announcing on Monday DMARC.org, which stands for Domain-based Message Authentication, Reporting, and Conformance--a system for verifying that e-mails are coming from legitimate companies and not imposters trying to trick people into clicking a phishing link. Basically, the system offers a common way for companies to authenticate their legitimate communications with customers.

Also in the DMARC working group are AOL, Bank of America, Fidelity Investments, American Greetings, LinkedIn, and e-mail security … Read more

Online activists Anonymous are targeting the European Parliament and supporters of the Anti-Counterfeiting Trade Agreement (ACTA), which critics say would curtail freedom of expression and encourage surveillance by service providers.

Copyrightalliance.org was inaccessible today after Anonymous set its sights on the Web site for its pro-ACTA stance. Meanwhile, hackers were poking at the sites of the European Parliament and governments in the EU, with plans to dig up information on officials that could be released publicly, a source familiar with Anonymous' plans told CNET.

Anonymous has a history of operations against what the group complains are antipiracy efforts that … Read more

Twitter said today that it will withhold tweets from a country when there are local restrictions rather than having to block them globally.

"As we continue to grow internationally, we will enter countries that have different ideas about the contours of freedom of expression," the company wrote on its blog. "Some differ so much from our ideas that we will not be able to exist there. Others are similar but, for historical or cultural reasons, restrict certain types of content, such as France or Germany, which ban pro-Nazi content."

Until now, the only way Twitter could … Read more

The Department of Homeland Security is disputing a government memo obtained by Nextgov.com that said a targeted attack on the computer network of a railway company in the Northwest disrupted train service in early December.

"Following more in-depth analysis, it appears that the potential cyber incident did not in fact target a transportation entity," a senior DHS official told CNET today. "DHS worked with the affected entity, the FBI, and the Transportation Information Sharing and Analysis Center (ISAC) to resolve the issue and send alerts to notify the community of the anomalous activity as it was … Read more

Symantec is urging customers to disable PCAnywhere until it issues a software update to protect them against attacks that could result from the theft of the product's source code.

Someone broke into Symantec's network in 2006 and stole source code for PCAnywhere, which allows customers to remotely connect to other computers, as well as Norton Antivirus Corporate Edition, Norton Internet Security and Norton SystemWorks, the company said last week. Earlier this month, hackers in India affiliated with the Anonymous online activist group said they had gotten the code off servers run by Indian military intelligence.

Hackers have threatened … Read more

Google is planning to rewrite its privacy policy to grant it explicit rights to "combine personal information" across multiple products and services, the company said today. Previously, it had only implicit rights to do so.

Beginning March 1, the activities and data of a Google user who is signed in will be used to provide a "simpler, more intuitive" experience for users across all the Google services, according to a post on the Official Google blog.

For instance, Google searches may take into consideration context of searches based on the user information and activities, such as … Read more

Smart meters that monitor electricity usage in homes in parts of Germany leak data that could reveal what programs are being watched on the digital TV, researchers there say.

The researchers tested smart meters made by German company Discovergy and found that someone with network sniffing skills and equipment could use a "man in the middle" attack to eavesdrop on data related to power use in the home.

The smart meters record high-resolution energy consumption of appliances every two seconds and transmit it to the server at the utility company over the Internet. The system gives utilities up-to-date … Read more