A lot of write-ups have been covering this, so here are a few from InformationWeek, Dancho, SCMagazine and McAfee.

Besides saying the ever satisfying “told you so”, nothing much to add here. More bogus profiles enticing users to connect to them, look at the content, and catch the same old nastiness – only packaged in another format. Just remember that social networks, just like in real life, can be a great playground for eCriminals – this is just the tip of the iceberg. What would have happened if you were to see the profile of a person you actually know on LinkedIn (or any other network for that matter), and click on a link from it that is actually malicious? That would be much more effective, and not that far-fetched wouldn’t it?

Since the beginning of the Israeli military campaign in the Gaza Strip, thousands of Israeli websites have come under cyber-attacks carried out by hacking groups operating out of Morocco, Lebanon, Turkey, and Iran.

A Moroccan Islamic group hacked into the registration system server of domainthenet.com on last Friday, and the main pages of more than 300 Israeli Web sites were defaced. The group hijacked the domains of major Israeli websites including Israeli Bank Discount, a website for weather forecast and the Israeli Ynet News, a popular Israeli news website. Visitors of the hijacked domains were rerouted to websites featuring images of the casualties of the ongoing Israeli offensive against Gaza, and with anti-Israeli and anti-U.S. messages.

Ynet reported that the hackers obtained a password which granted them access to the server, “which updates and 'translates' the websites' IP addresses into a Domain Name Service; and change the IP's numeral values, effectively rerouting users away from the original websites”. Ynet added also that the hackers did not hack into the actual websites but redirected the users to a “hostile” website, while other hackers managed to access original websites.

It has been also reported that another popular Israeli news website called “debka.co.il” is down due to a cyber attack.

And here comes the cyber response from the Israeli side – a group of Israelis students has built a website which allows any user, even non-technically oriented ones, to attack Hamas websites. The group define itself as “a group of students who are tired of sitting around doing nothing while the citizens of Sderot and the cities around the Gaza Strip are suffering, NO MORE!”. The group says that they “created a project that unites the computer capabilities of many people around the world. Our goal is to use this power in order to disrupt our enemy's efforts to destroy the state of Israel”.

The attack could be performed by downloading a file which launches DoS attacks – the file recurrently refers to the servers on which the Hamas websites are hosted, and the large number of requests will overburden the servers. In cases where the attacked server is no longer able to handle all the requests, the hosted websites will be unavailable. The file is obviously blocked by eSafe due to its malicious nature.

This outbreak of cyber-attacks is typical of the emerging trend of cyberwar. Last year’s Russian-Georgian cyberwar showed how political tensions are usually followed by or preceded by cyber-attacks on targets affiliated with the opposing side.

I have just read a couple of excellent posts (on SquaredPeg, and InsideFacebook) that talk about something I have been preaching for a while – your online identity and how easily it can be manipulated (or falsely created). The posts talk about Facebook groups and accounts that have been created for the class of 2013 for quite a few colleges in the US. While in fact none appeared to be legitimately affiliated with the incoming class at any of the colleges

Motive? In this incident, it’s mostly marketing – getting ahead start on the right audience can go a long way nowadays.

This is not the last of it. In what may have been the first more publicly exposed online identity “squatting” (remember the domain name cyber squatters of the 90s…) I do expect a lot more to come on that front. So , if you haven’t got a Facebook/LinkedIn/MySpace/ Bebo account yet,  you probably want to make sure you get one soon enough. You’d never know who may be creating an online persona of yourself now. The implications are grave; just thinking of what kind of damage someone could do if he was to create an account for me, connect to my friends and business partners, and start communicating on my behalf is mind-boggling.

So don’t just be safe out there. Be out there!, that is to say, knowing what’s out there under your name is the first step in protecting your online identity.

Update (12/24/08): As noted to me by my colleague Andrew Lindell, this is also true for your real identity as it is manifested online in other means. For example - online banking, bill payments, and online credit card management. If you do not have an account for these - get one now! It's overly simple to obtain a bank statement or a bill, and use it to set up online banking on your behalf. Even if you don't plan to use online banking - get an account, put a decent passowrd on it and tuck it away. That way you can be sure that noone can create that account for you using some old banking statement!

Aladdin eSafe has provided full vulnerability protection for the recently published Microsoft IE7 XML bug.

There have been public reports of attacks against a new unpatched vulnerability which exists in Microsoft Internet Explorer and allows remote code execution if the user visits a webpage containing a specially crafted XML elements. The bug exists in the way Internet Explorer handles data binding functions. This vulnerability is in Internet Explorer, and all versions of Internet Explorer dating back to version 5 are affected. Websites are being compromised through SQL Injection in order to insert Javascript that loads this code.

This bug data has been provided to Aladdin eSafe through the newly established MAPP (Microsoft Active Protections Program) initiative from Microsoft, which enables security vendors to provide better protection from such vulnerabilities in advance. In this case, as the vulnerability has surfaced directly after the Microsoft patch, MAPP was able to prove itself, and eSafe has been actively protecting all of its customers from the vulnerability – including several hundreds of thousands of home and small business users through ISPs that employ Aladdin eSafe in a clean-pipe solution.

Today, Microsoft is scheduled to release an out-of-band update to fix the said bug. More information can be obtained on the Microsoft website at http://www.microsoft.com/technet/security/bulletin/ms08-dec.mspx.

Microsoft has released its monthly security bulletin for December 2008 to address eight vulnerabilities in Windows and Internet Explorer, six of them are critical. We strongly suggest applying the patches provided by Microsoft for these vulnerabilities.

The following is a list of the security updates released by Microsoft:

Microsoft Security Bulletin MS08-071: Critical
Vulnerabilities in GDI Could Allow Remote Code Execution
http://www.microsoft.com/technet/security/Bulletin/ms08-071.mspx

Microsoft Security Bulletin MS08-075: Critical
Vulnerabilities in Windows Search Could Allow Remote Code
Execution
http://www.microsoft.com/technet/security/Bulletin/ms08-075.mspx

Microsoft Security Bulletin MS08-073 - Critical
Cumulative Security Update for Internet Explorer
http://www.microsoft.com/technet/security/bulletin/ms08-073.mspx

Microsoft Security Bulletin MS08-070 - Critical
Vulnerabilities in Visual Basic 6.0 Runtime Extended Files (ActiveX Controls) Could Allow Remote Code Execution
http://www.microsoft.com/technet/security/Bulletin/ms08-070.mspx

Microsoft Security Bulletin MS08-072 - Critical
Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution
http://www.microsoft.com/technet/security/bulletin/ms08-072.mspx

Microsoft Security Bulletin MS08-074 - Critical
Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution
http://www.microsoft.com/technet/security/bulletin/ms08-074.mspx

Microsoft Security Bulletin MS08-077 - Important
Vulnerability in Microsoft Office SharePoint Server Could Cause Elevation of Privilege
http://www.microsoft.com/technet/security/bulletin/ms08-077.mspx

Microsoft Security Bulletin MS08-076: - Important
Vulnerabilities in Windows Media Components Could Allow Remote
Code Execution
http://www.microsoft.com/technet/security/Bulletin/MS08-076.mspx