Bill Brenner

I see a lot of friends and family on the social networks freely sharing their location. I can understand why they would, but I'll never approve.

Call me paranoid, because I am in this case. People share their precise coordinates because they think their peers will find it cool that they are at Disney Land or in a posh restaurant in the North End of Boston. Share on Facebook and Twitter that you are currently at such-and-such a cafe in Rome and peeps are bound to be jealous over the savvy world traveler you've become.

Sophos Senior Technology Consultant Graham Cluley agrees with a BitDefender study showing Facebook as a growing attack vector for smartphone malware. Sophos has seen a similar pattern, and Android phones are often the easiest targets, Cluley said in a sit-down interview Tuesday.

"The iPhone operates in a more controlled environment and the BlackBerry security model is fairly strong. Because Android operates in a more open environment, it's more open to infections," Cluley said during a visit to the offices of IDG Enterprise, home of CSO.

The good news is that the public and private sectors are getting better at these global botnet takedowns. The bad news is that the bad guys are already planning for it.

That's one of the takeaways from a new Fortinet report looking at five perils and opportunities to expect in the coming year. In an interview with CSO, Fortinet Cybersecurity and Threat Research Project Manager Derek Manky shared the following details:

The WikiLeaks story has snowballed so quickly and dramatically that it can be hard to keep track of everything that has taken place. In an attempt to sort all this out, CSO has constructed a timeline of events, starting with the most recent news and working back to when the story first gained our attention in late November.

What follows is taken directly from articles that have appeared on CSO since the story broke on Nov. 28.

Google. Twitter. Government websites. Fortune 500 companies. All have been victims of crippling distributed denial-of-service (DDoS) attacks. The attacks have grown in reach and intensity thanks to botnets and a bounty of application flaws. And Akamai Technologies has a seen it all firsthand.

Many people use Akamai services without even realizing it. The company runs a global platform with thousands of servers that customers rely on to do business online. The company currently handles tens of billions of daily Web interactions for such companies as Audi, Fujitsu and NBC, and organizations like the Department of Defense and Nasdaq. There's rarely a moment--if there are any--when an Akamai customer is not under the DDoS gun.

You want to embrace cloud computing because it makes your IT operations leaner and less expensive. But your understanding of cloud security hasn't advanced much in the last year, so you have to be cautious.

That's one of the takeaways from the Eighth Annual Global Information Security Survey CSO conducted along with sister publication CIO and PriceWaterhouseCoopers. Some 12,847 business and technology executives from around the world took the survey, and many admitted they're still a bit scared with the idea of putting critical data in the cloud.

When it comes to mobile devices, IT security practitioners prefer employees use a BlackBerry because it's easier to control the data users share on them than, say, an Android or iPhone. But as consumer-based devices like the Apple brands get more sophisticated with each release, it's getting harder to keep them out of the workplace. Proliferation of the iPad has only heightened enterprise hunger.

For some IT shops, it's not that big a deal. Others are more reluctant. What follows are just a few of the concerns CSO has heard from industry experts, and what -- if anything -- can be done to improve the security controls.

Everything I've learned about mobile security tells me it's bad to use the consumer-based technology for work. That's where all the bad stuff comes from. That includes devices like the iPhone and iPad.

The Apple Army, a group of people that reminds me of a more fanatical, less forgiving version of the KISS Army (even the KISS Army will tell you the band's disco album should be burned) will tell you Apple products are superior to all the rest from a security standpoint. Apple products don't get malware infections and users need not worry about their data falling into evil hands, the Apple Army tells me. That stuff only happens in the Windows universe.

I usually present Security Wisdom Watch as a list of thumbs up and down, but this month it's all thumbs down, thanks to the recent state of affairs in the social media world.

This is a sequel of sorts to a column I wrote last week called " Social Stupidity: Am I too social (LinkedIn, so to speak) to be saved." In that piece, I focused on my own challenges in getting security right in the social networking world. This installment focuses more on how the platform providers themselves are making matters worse.

The summer blockbuster season has officially kicked off with Iron Man 2, an action-packed superhero flick that had the fifth-highest-grossing opening weekend in Hollywood's history. Whether you like the movie or not, at least one thing about it rings true — the plot and the characters provide a striking reflection of today's tech security industry.

More: 2010 'Geek and Tech' Summer Movie Preview

Google. Twitter. Government websites. Fortune-500 companies. All are victims of crippling distributed denial-of-service (DDoS) attacks. The attacks have grown in reach and intensity thanks to botnets and a bounty of application flaws. This collection of articles will bring you up to speed on how the threat has evolved and what you can do to better protect your organization.

PODCASTS

Tyler Shields, senior member of the Veracode Research Lab, spends a lot of time picking apart those BlackBerry devices that are ubiquitous across the enterprise. What he's found may disappoint those who thought they were secure.

At this week's SOURCE Boston conference, Shields will present his findings in a talk called "BlackBerry Mobile Spyware -- The Monkey Steals the Berries.