Experts at Sophos Labs  warned  about a widespread malicious attack which is perpetrated through an e-mail inviting users to download the beta for Internet Explorer 7.0. 

The e-mail, whose subject  is "Internet Explorer 7 Downloads", claims to come from  This e-mail address is being protected from spam bots, you need JavaScript enabled to view it     and displays an image which invites users to download beta 2 of Internet Explorer 7.

But actually, the message is fake and it contains the file called ie7.0.exe, infected by  a virus, known as Grum-A  , that infects executable files referenced by Run keys in the Windows Registry. 

Are you worried that your Social Security or credit card number might be stolen? Would you like to be sure that nobody but you could use your data? A new web site apparently represents the solution you are looking for.

The homepage of StolenIDsearch.com  offers a “free, fast and secure search” to understand if US users’ personal information is safe. But there’s a problem: in order to check whether or not data were stolen, people should enter credit card or social security number into a search box, which is very similar to those of other Searching Engines.

The company  says not to worry about that and created a specific section where it is widely explained why StolenID search is so safe. The company claims:

The interest in new technologies and techniques to fight cyber crime is increasing almost as fast as cyber crime itself, but unfortunately this seems to be not enough, since according to statistics users’ interest in security is not supported by a real awareness.

US universities are concerned  about the creation of effective IT security educational programs, as for the University of Texas at San Antonio where it will be opened a new computer-security research institute that one day could protect users from theft or identity theft. The institute will be headed by an internationally recognized scholar, Ravi Sandhu, and it will be partially granted   by  the Texas Emerging Technology Fund  that  has just allocated  $3.5 million  for this project .

But Universities cannot wipe off cyber crime, that is actually increasing, as testified by the number of articles about cyber-crime that are published every day on “Tech-pages” in newspapers from all over the world: internet users are constantly under digital threat.

Pod Slurping is a method of stealing information from a PC and downloading into iPods, USB flashes, MP3 players, PDA drives and other devices with storage capabilities.

Improvements in wireless and mobile technology have made personal storage devices become so powerful that they can file up incredibly high volumes of files. This characteristic represent a dangerous vulnerability for companies, indeed when dealing with wireless security they basically focus on laptops or notebooks and they hardly ever consider other perspectives.

Do you know Jikto? It is a new tool written in Java Script that could be used by cyber crooks on PCs of unknowing users to make them do illegal activities without directly commandeer the systems.

According to Jikto creator Bill Hoffman, researcher at Web security firm SPI Dynamics , This is going to drastically change the scope of evil things you can do with JavaScript," Hoffman said.

"Jikto turns any PC into my little drone. Your PC will start attacking Web sites on my behalf, and you're going to give me all the results." 

The tool will be released later this week during  the annual East Coast hacker convention ShmooCon   in Washington D.C. 

Jikto is a Web application vulnerability scanner that, according to Mr. Hoffman, can be embedded into an attacker’s website or injected into trusted sites though cross-site scripting flaws. It can silently sound and audit any kind of web site, and then sent the results to the attacker who set up the tool.