women in technology: Week in Geek: 3 Online Networks Suffer Major Password Security ...

Our latest edition of WIG is filled with news link goodness covering topics such as web apps are now available for Firefox 16 nightly builds, Google has acquired Quickoffice & Meebo, ad networks are going around Apple to track iOS users, and more.

Weekly News Links

LinkedIn passwords in circulation
Internet forums are currently circulating a list containing over six million password hashes which allegedly originate from LinkedIn. The passwords are being cracked collaboratively with about 300,000 passwords already published as plaintext.
LinkedIn updates apps in response to privacy concerns
Security researchers had discovered the networking company?s app was transmitting user data without their knowledge.
LinkedIn working with police on password leak
In latest update, business networking company says it has strengthened site security, warned more users, and contacted police.
Millions of Last.fm passwords leaked
A list with several million passwords belonging to users of the music community site Last.fm has been posted on the internet. The site owners have posted a statement saying that the company is investigating the leak and that all users of the service should change their passwords immediately.
eHarmony member passwords compromised
On the heels of LinkedIn?s confirmation of compromised passwords, eHarmony says it is resetting passwords of its users that is says were also compromised.
Password leaks bigger than first thought
There have still been no official statements on the causes and extent of the recent password leaks at LinkedIn, eHarmony and Last.fm. A credible source is now reporting that the published 2.5 million Last.fm MD5 hashes, for example, are just the tip of a 17 million hash iceberg.
Microsoft contains Flame with Windows Update revamp
Following a groundbreaking cryptographic attack that hijacked the platform Microsoft uses to deliver updates to millions of large customers, the company has issued changes designed to prevent similar exploits from working again.
Flame espionage malware issues self-destruct command
The Flame espionage malware that infected Iranian computers has initiated a self-destruct command that removes all traces of itself on infected machines that receive the instruction, researchers said.
Attackers Hit Weak Spots in 2-Factor Authentication
An attack late last week that compromised the personal and business Gmail accounts of Matthew Prince, chief executive of Web content delivery system CloudFlare, revealed a subtle but dangerous security flaw in the 2-factor authentication process used in Google Apps for business customers. Google has since fixed the glitch, but the incident offers a timely reminder that two-factor authentication schemes are only as secure as their weakest component.
Researchers devise hack that sneaks Android malware into Google market
Mobile security experts say they?ve devised multiple ways to bypass the cloud-based service Google uses to keep its online market free of malicious Android apps. By exploiting the weaknesses in Google?s Bouncer service, researchers Jon Oberheide and Charlie Miller say it?s possible to sneak malicious apps into Google Play.
New DoS tool lets a single PC bring down an Apache server
Recently discovered malware circulating online gives miscreants a small arsenal of denial-of-service attack tools, including a relatively new one that allows a single PC to take down an Apache webserver, a researcher said.
Ad networks said to be going around Apple to track iOS users
According to a new report, mobile ad networks are able to track user behavior on iOS through the Open Device Identification Number (ODIN) to more effectively target ads.
Google gives state-sponsored attacks warning
Google now warns users if their account is suspected to be a target of state-sponsored attacks, but does not share in detail how it identifies such malicious activities.
EU?s Almunia: Google has until July to address antitrust concerns
The European Union?s competition commissioner says today that if his office doesn?t receive ?concrete signs? of improvement, it will launch a formal complaint.
U.S. antitrust regulators to question Google co-founders
Larry Page and Sergey Brin have hired a top Washington law firm to prepare for the depositions, Bloomberg reports.
Firefox 13 updates its tab page, adds on-demand tab loadin
Mozilla has announced the availability of Firefox 13, a new version of the open source Web browser. The update brings several major user interface changes, including a long-awaited refresh for the new tab page.
It?s official! Mozilla Web Apps available for Ubuntu?s Firefox
Mozilla developers have recently released a fix that makes the entire web apps stack usable under Linux, in the sense of allowing Linux users to install and run web apps via their Firefox web-browser. You will need to have Firefox 16 Nightly installed in order to access this new feature.
Personalized e-mail feature in Thunderbird 13 lets users register a domain name
Mozilla officially released Thunderbird 13 this past Wednesday, a new version of the open source e-mail client. The update brings several new features, including support for personalized e-mail addresses and easier sharing of large files.
Google acquires cloud-based Quickoffice
This latest acquisition adds to company?s ever-expanding pool of apps and could bolster Google Docs service.
Google buys Meebo to bolster Google+
Meebo ? the Web IM service turned advertising tool ? has been acquired by Google, and will work on the company?s Google+ social network.