Hackers have turned YouTube into a spam channel by exploiting legitimate users invite feature. YouTube users have the facility to “Invite Your Friends”, which in effect allows them to send email to any address from their YouTube accounts.

This functionality is what the spammers are exploiting. The spam message is just like any “Invite Your Friends” message, except that it includes the typical spam content and links to spam Web sites. The messages all come from service@youtube.com.

In the past couple of months, bothents have become smaller and more versatile in order to escape the ever increasing corporate security controls.

Security firms Finjan and F-Secure pointed out that criminal organizations are splitting their botnets into smaller groups in an attempt to create multi-swarm attacks that can escape detection.

Message Labs has released the September edition of the MessageLabs Intelligence monthly report.It provides the latest threat trends for September 2007, as well as a quarterly retrospective, to keep you informed regarding the ongoing fight against viruses, spam and other unwelcome content.

GAP, the famous clothing retailer, shares the cruel faith of TJX and Monster. The theft of an unencrypted laptop on Sunday caused the loss of more than 800,000 SSN belonging to former job applicants at GAP.

Gap learned of the theft on Sept. 19, and later said the laptop was stolen from the offices of a third-party vendor managing job applicant data for it.Cynthia Lin, spokeswoman of the California-based clothier, would not disclose the name of the vendor, nor would she provide any other details of the theft.

"If you're going to do cybersecurity, you have to spy on Americans to secure Americans"

In a major shift, the National Security Agency is drawing up plans for a new domestic assignment: helping protect government and private communications networks from cyberattacks and infiltration by terrorists and hackers, according to current and former intelligence officials.

From electricity grids to subways to nuclear power plants, the United States depends more than ever on Internet-based control systems that could be manipulated remotely in a terrorist attack, security specialists say.