From the shutdown of McColo to last week’s disruption of the Pushdo botnet, spammers have continually found ways to stay in business.

Nearly 20 of the 30 command and control (CnC)servers associated with Pushdo were taken offline last week due to efforts by security vendor LastLine. The servers were supported by eight hosting providers, some of which did not respond to the vendor’s requests for action.

Apple released a security update for Mac OS X that patches 13 vulnerabilities.

The release fixes issues in several components, including CoreGraphics and Apple Type Services. Several of the vulnerabilities are buffer overflows, and can be exploited to execute arbitrary code.

Facebook users are being targeted again in a scam that offers them a chance to install a “dislike” button. This scam has been making its way around Facebook this past weekend and it is said thousands of users have been affected, effected and infected.

The scam asks users if they would like to install a “dislike” button on their Facebook page, once they select the link the user are tricked into allowing a rogue application to access their profile page, which then begin post spam messages. The rouge application also attempts to lure the user into completing an online survey, for which the responsible party of the scam are paid money.

Apparently, everyone was waiting for the update, while small in size and a quick download for the iPad, the same could not be said for the iPhone. The patch for the iPhone took over an hour for the 300+ MB file to be downloaded. The latest versions are now 4.0.2 for the iPhone and 3.2.2 for the iPad.

As the popularity of the small Apple products (iPhone, iPad, iTouch) take off, they are drawing the attentions of hackers. Some hackers just want to access the OS so they remove roadblocks for application customization and to add unauthorized tools and programs, while others might want to do damage or steal your information.

Adobe today said it would issue an emergency patch the week of Aug. 16 to fix a critical flaw in its Reader and Acrobat software.

The bug was disclosed by researcher Charlie Miller at last month’s Black Hat security conference when he demonstrated how the open-source BitBlaze toolkit could be used to boost bug-hunting productivity tenfold.

Computer hackers have begun targeting power plants and other critical operations around the world in bold new efforts to seize control of them, setting off a scramble to shore up aging, vulnerable systems.

Microsoft Security Bulletin MS10-046 – Critical
Vulnerability in Windows Shell Could Allow Remote Code Execution (2286198)

Computer networks controlling the electric grid are plagued with security holes says a new Energy Department report based on the findings of 24 assessments of computer-control systems performed between 2003 and 2009. Many are VERY basic.

Microsoft stated they will issue an emergency patch for the critical Windows shortcut bug on Monday, Aug. 2. The patch is set to be released on Monday at around 10 a.m. California time. The news of this vulnerability surfaced 2 weeks ago and with an of attackers trying to exploit this vulnerability, Microsoft has taken an out-of-band approach to fix the problem. To date SecurityOrb.com has learned a few companies were comprimised by this bug.

DEFCON18 — Las Vegas — A hardware hacking expert here at Defcon18 successfully faked several attendees’ cell phones into connecting to his phony GSM base station during a live demonstration that had initially raised concerns at the Federal Communications Commission (FCC).

For those who are not familiar with the term jailbreak, it is freeing a device from the constraints imposed by the vendor. It normally requires the installation of software on a computer that will allow it to be installed on the device thus breaking it wide open for access and full modification as well as access to third party non-approved software.