Sony has confirmed the vulnerability found by F-secure on the company's new MicroVault line of USB memory sticks and fingerprint reader. The security flaw lies in the memory stick's function to write a hidden folder in PCs that hackers can exploit.

The case is similar to the case Sony faced in 2005 when their music CDs were found to also write software into the PCs that were hackable.

F-secure and McAfee, which also took part in the investigation, found out that the memory stick wrote an undetectable folder in the hard drive.

While not reachable by normal means, hackers can break into it and spread malicious code through the folder. Since even some popular anti-virus software can't detect the folder, it's danger is even more alarming.

The two security companies who found the flaw were surprised at the similarities between this case and Sony's 2005 case, but the latest security flaw is not as serious. The 2005 case involved anti-piracy software in Music CDs that wrote a rootkit into the PC to prevent the user from ripping the tracks. They said there is a major difference between the two cases:
 

Sony is attempting to protect the user's own data [with the bundled third-party software]. In the DRM case, Sony was attempting to restrict you - the user - from accessing the music on the CD you bought. So their intent was more beneficial to the consumer in this case.

The USB storage has been discontinued in stores but is still available online. A Sony spokesperson explained that the program was outsourced and was developed by a third-party manufacturer. They will address the issue by releasing a downloadable fix by the middle of September.

Here's a bit of news that the more tech-savvy of us should take note of: the software included in high-end memory sticks sold by electronics and media giant Sony Corp can make your personal computer vulnerable to outside attacks. This alarming bit of info comes from none other than researchers from two security firms.

So what's the actual product from Sony that's been causing all this hub-bub? Specifically, the MicroVault USB memory stick and fingerprint reader. These two products seem to have software that creates a hidden directory on the computer's hard drive.

This hidden directory is known as a root kit, and it pretty much opens your PC up for hackers to exploit and take advantage of - all with you none the wiser.

It doesn't end there: not only is the root kit undetectable by normal means (searching through your folders, browsing through your directies) - it's also hidden away from some of today's more popular computer security software, or those programs you use to sniff out viruses, spyware and other sorts of malware.

This is definitely not good, as it's not only a very real vulnerability, but one that's practically permanent (barring a full hard drive wipe). And this recent finding by F-Secure, a Finnish security software maker, has been confirmed by none other than McAfee Inc.

What can be done, then? For now, you might want to beef up your computer's security measures, if you've been using the aforementioned devices, and hope for the best - as well as cross our fingers that Sony quickly catches wind of this and resolves the issue as soon as possible.

Consumers' eyes and attention are keenly fixed on how to crack open the eye-candy iPhone ever since Apple launched it this year. And to tell you the truth, a lot of homebrew applications have been appearing lately showcasing the mobile phone's flexibility and functionality.

Experts, however, warn consumers that this may lead to complex mobile attacks in the future much like the problems PC users are facing right now. Anti-virus Research Director Mikko Hypponen from computer security service provider F-Secure had this to say:

The amount of hype around the iPhone is pretty unbelievable, so it's a given that people will continue to play around with it and find ways around the security features of the phone. It's quite likely that we'll see iPhone malware sooner or later.

The director further explained that despite having a Bluetooth function, the anticipated malware are expected to spread through email because iPhone doesn't use the chip for file transmission. He added that other smart phones based on the OS Symbian have a lot to worry in the future. Hypponen added:

We've seen a little over 370 different examples of malware running on smart phone platforms. Almost all of them target Symbian-based phones, because Symbian is by far the market leader, with over half the smart phones in the world running that operating system.

Anything that appears to be lucrative or of value is susceptible to being abused or taken advantage of. The gaming industry is no exception to that.

Dave Weinstein, an engineer at Microsoft, has sent out a warning that hackers are now targeting online games. Massive multiplayer online role playing games (MMORPG), like World of Warcraft, are particularly vulnerable to such attacks. These hackers break into players' account information by using malicious programs to sell virtual items, such as gold or weapons, for cash.

While the issue seems to be trivial, F-secure security specialist Mikko Hypponen maintains that this is a real problem. In fact, there have already been lots of cases concerning malicious programs that seek to steal players' account details. Earlier this year, almost a fourth of a million characters were created in Lineage, a Korean online game, using stolen identities.

Hypponen further explains that trojans are most commonly used by criminals to steal account details. This is supposedly a harmless program that collects login and password information. The catch is that these information are actually being sent back to the hacker. Once he takes hold of the password details of a character, the hacker can now login to the account and sell the characters' weapons, potions and spells. Trojans are often disguised as programs that will give a character special powers such as invisibility. Distribution may be done through in-game chat rooms or by e-mail.

At the annual Gamesfest conference in Seattle, Weinstein urged the developers to be up on their toes, especially now that there are serious security risks on their games. "Those of you who are working on massively multiplayer online games, organized crime is already looking at you," he said.