The IT Security Blog Roundup

Harry Potter, and last week’s other IT security news

Looking back, what a strange bunch of news we had last week – and by strange, I mean that SC Magazine covered a little bit of everything.

First, a lot of IT pros are likely scratching their heads wondering if the iPhone’s release is going to be a career-changing event, and not in a good way.

Researchers and analysts last week were cautious about the iPhone. Here’s another take from a Symantec researcher:

“Projections made by various analysts suggest that iPhone adoption will be quite high. This allows attackers to target a larger audience with malicious code designed to run on the devices. The Safari browser and HTML email capabilities of the device could present an ideal attack vector. As recently demonstrated, Safari can be affected by vulnerabilities just as easily as other browsers on the market. While Apple may patch these holes on both the desktop and mobile platforms, the question is will users who have to pay for data transfers be willing to download large security updates on a regular basis?”
- Marc Fossi, Symantec Security Response Weblog, “Dialing for trojans”

The conventional wisdom used to be that malware authors would try to reach as many end-users as possible to spread viruses, worms, trojans or the malware of the day.

But now, attackers may be taking a page from marketers and forgoing attempts at global mass-attacks in favor of targeted, language- and custom-specific attacks to spread malware through a specific region.

Last week we saw the “Italian Job” trojan attack, spread mostly through use of the Russian-gang-controlled MPACK toolkit.

Here’s what Exploit Prevention Labs had to say about the trojan that ran amok through the boot-shaped country this month.

“The most important thing to keep in mind about this attack using compromised hosts and the MPACK exploit toolkit is that there is nothing unique save for the number of hosts involved. A year ago, the popular exploit toolkit was WebAttacker from Inet-Lux. The same many-to-one approach of using multiple compromised hosts to redirect to a singular malicious site was popular. Also, both WebAttacker and MPACK can serve up several exploits based on the visitor’s configuration…Prior to this ‘Italian Job’ we’ve been seeing MPACK use in the wild exploding this year. However, there are other toolkits out there, and there is no shortage of malicious talent to construct new ones. Whoever advertises the highest anticipated rate of infection will have a chance to become the weapon of choice. Moving forward, I’m sure we’ll see further larger-scale attacks play out either with MPACK or another toolkit.”
- Robert Freeman, Frequency X, “Reflecting on an ‘Italian Job’”

And what would a recap of last week’s news be without Harry Potter? The boy wizard was at the center of an information security controversy of his own, as a hacker claimed to have penetrated the networks at Bloomsbury Publishing and found out the end of the hugely popular series.

Most experts think the reported hacking was a fake; here’s the good word from Security-Protocols:

“If what (hacker) ‘Gabriel’ says is true, then that means tons of new spoilers for the book are now available online and we are going to have a lot of very upset Harry Potter fans. The spoilers the hacker gives away basically tell who dies in the last book…We also have to remember that potential troll posts like this one have occurred on two previous Harry Potter books, both of which were not true.”
- Security-Protocols, “Harry Potter and the Deathly Hallows hacked?”
