New Bug in Internet Explorer Used in Targeted Attacks

There’s a new flaw in all of the current versions of Internet Explorer that is being used in some targeted attacks right now. Microsoft has confirmed the bug and said it is working on a fix, but has no timeline for the patch release yet. The company did not rule out an emergency out-of-band patch, however.

UK: Google Street View Data Snarfing Broke the Law

Search giant Google violated the United Kingdom’s Data Protection Act by gobbling up personal data, in addition to images and GPS data, with its roving Street View autos. 

According to a report by the BBC, the UK’s Information Commissioner ruled there was a “significant breach” of the country’s data privacy laws by Google, which will not face monetary penalties or punishment, but will have to allow its data protection practices to be audited by the Information Commissioner’s Office. 

Creator Defends FireSheep: App Does More Good Than Harm

One of a pair of developers who created FireSheep, a Firefox browser plug-in that makes it easy to snoop on others’ social networking sessions, has written a blog post defending his creation, saying it has helped elevate discussion about security on the Web. 

UPDATED: ICS-CERT, the emergency response team for industrial control systems, has warned companies that run SCADA (Supervisory Control and Data Acquisition) software that the systems running it may be easily discovered using a free Web based search engine dubbed Shodan.

Google is extending its nascent bug-bounty program to the Web applications that the company owns, including its flagship search service, YouTube and Blogger. The program will pay researchers rewards of up to $3133.7 for bugs that they find in Google Web services and report directly to the company.

Following an embarrassing expose in the Wall Street Journal, Facebook has tightened its controls over the ways in which applications that use the social networking platform can share unique user identity information (or UIDs). The company also banned several applications accused of improperly disclosing user data. 

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.