Earlier in March, Panda Security discovered that the 8GB microSD memory card from a Vodafone HTC Magic cell phone running Google's Android OS was loaded with three malware programs - the now-defunct Mariposa bot, the Confiker worm and a program that steals passwords for the Lineage game. Vodafone thought this was an isolated incident, but it turns out it isn't. On Friday, Vodafone in Spain said that as many as 3,000 mobile phones could have infected memory cards in them.

You may have heard about how Pennsylvania's chief information security officer was recently fired after he spoke about security incidents involving the state during a panel discussion at the RSA trade show. It was widely speculated that his termination was due to the subject matter of his talk. But, that apparently isn't true. In an interview with Computerworld (link below), Robert Maley says the official reason he was fired was he spoke without proper authorization, and he was aware of what he was doing.

The Washington Post broke the story (registration) on Friday about how Pentagon officials in 2008 ordered military computer specialists to knock a website off line that was used by Islamist extremists. The kicker is, the site was set up by the CIA and Saudi intelligence services in order to monitor extremist communications.

The Pentagon officials believed Iraq insurgents were using the online forum to plan attacks on U.S. forces.

The Los Angeles Times has an intriguing article about how sensitive Russian government information is for sale in Moscow's Savyolovsky Market. The data is either leaked or stolen and is now available on discs for anyone to purchase. According to the Times, the data includes police and FSB records, unlisted numbers, tax returns, customs declarations, wanted lists, car registrations, and business permits.

The NYPD on Thursday cited a "computer glitch" as the reason police have targeted the home of an elderly, law-abiding Brooklyn couple more than 50 times since 2002. The cops explained to the couple that their address, for some unknown reason, was used to test a department-wide computer system in 2002, and the address was never "wiped" from that system.

The United States Computer Emergency Readiness Team (US-CERT) has posted this advisory about "public reports of malicious code circulating via spam email messages impersonating the Department of Homeland Security (DHS)."

According US-CERT, the malicious unsolicited emails may contain subject lines related to DHS or other government activity, as well as a link or attachment, which if clicked on or opened may infected the user's computer with malicious code, including the Zeus Trojan.

Speaking at the Federal Trade Commission public roundtable on protecting consumers' privacy on the Internet, outgoing FTC commissioner Pamela Jones Harbour said that "respected" online giants "continue to launch products where the guiding privacy policy seems to be, 'Throw it up against the wall and see if it sticks.'"

Wired reports a disgruntled former employee of the Texas Auto Center in Austin was arrested Wednesday for allegedly accessing an online system that allows the auto dealer to remotely disable vehicles. Auto dealers are using this technology as an alternative to repossessing cars and trucks.

The ex-worker is accused of using someone else's credentials to get into the website and then systematically either remotely rendering the vehicles useless or making their horns honk relentlessly. The suspect made it through about 100 cars before the authorities caught on to him.