By Steve Huff 10/04/12 1:18pm

SCAMS

Screengrab

New Universal Exploit Lets Cyber Thieves Immediately Snatch Data From Browser Forms [Video]

Malware scammers are streamlining the process they use to steal vital information with a new exploit that works on any website, not just a mocked-up PayPal form. This newly-discovered exploit has been spookily dubbed “Universal Man-in-the-Browser,” or uMitB.

Past scams used plain old Man-in-the-Browser to lift stolen data. Man-in-the-Browser (MitB) extracts data from fake forms that look just like any online purchase page. Cons have to take log files of information gathered by a Man-in-the-Browser scam and sort it for vital information before selling it via black markets online. This need to parse the stolen data worked in the victim’s favor, as it gave anyone who realized they’d fallen for the ploy the time to cancel or close their accounts.

Universal Man-in-the-Browser eliminates the lag time between victim data entry and scammer data use and can pull from any web page. George Tubin, a senior security strategist at security vendor Trusteer, explained uMitB in more detal to CSO Online: Read More

By Jessica Roy 6/20/12 7:40am

Linkages

(Photo: Microsoft)

Booting Up: Nigerian Scammers Edition

Why do Nigerian scammers say they’re from Nigeria? A Microsoft researcher investigates. [Hacker News]

Now you can read through a user’s Twitter stream without all those annoying @ replies to randos clogging it up. [Twitter Blog]

Oops. Microsoft forgot to tell its PC partners about that little thing called the Surface tablet. [Reuters]

Facebook’s head of mobile told the audience at Le Web that the company is trying to copy Path. Cool story, bro. [TechCrunch]

The Daily Dot rounds up some of the more embarrassing moments in Reddit’s history. [Daily Dot]

LinkedIn is being sued for that unfortunate password hacking scandal. [VentureBeat]