Tiny Trojan May Pose More of a Threat Than the Giant Flame: Lots of attention has been focused on the Flame spyware this week, but\u00a0a small program called Tinba is probably a bigger threat to most of us. Although Flame is a giant with 20 MB of code, Tinba uses just 20 KB and a number of well-worded man-in-the-browser tricks to defeat two-factor authentication. CSIS in Denmark says the malware doesn't bother with any encryption or packing, and it is slipping past a lot of desktop defenses. Tinba injects itself into a number of common processes, including\u00a0firefox.exe, explorer.exe and svchost.exe. It is designed to steal online-banking and credit-card information\u00a0from compromised computers, and it makes each infected machine part of a botnet that reports to one of four known command-and-control servers. Flame is more powerful, but it has so far been found on very few computers.\n\tObama Increases Cyber Attacks on Iran: President Obama has significantly increased cyber attacks against Iran since he first took office, according to the New York Times. The attacks, which started under President Bush, target the computer systems that run Iran\u2019s main nuclear enrichment facilities. Obama ordered the attacks to continue \u201ceven after an element of the program accidentally became public in the summer of 2010 because of a programming error that allowed it to escape Iran\u2019s Natanz plant and sent it around the world on the Internet.\u201d That program was identified by security experts who named it Stuxnet.\n\tChinese-Made Silicon Chip Could\u00a0be Threat to U.S. Defense: A Chinese-manufactured chip used by the U.S. government has a hardware defect\u00a0that could let attackers tamper with sensitive applications\u00a0related to national security. University of Cambridge researchers found a secret access point in a field-programmable gate array, a device which can be configured by users to add custom functionality. The Actel ProASIC3 (AP3) chip used by California-based defense contractor Microsemi is used in weapons, flight controls, power distribution and nuclear power plants, according to a\u00a0study.\n\tSpyware\u00a0Targets Iranian, Syrian Dissidents: The popular proxy tool Simurgh, used to circumvent censorship efforts, is also being used to install spyware aimed at Iranian and Syrian Web users. A team at the University of Toronto\u00a0said installation software for Simurgh also installs keylogging spyware. Simurgh, designed to make Web use anonymous and give access to blocked sites, had a Trojan added to it which sends data from victims' PCs to a site registered with a Saudi Arabian ISP. The data can include the computer operators' usernames and machine names, as well as every window clicked and every keystroke entered. Visitors to the website of Simurgh\u2019s developers are now warned that versions of the software installer downloaded from the file sharing service 4shared have been compromised.