Entries for the ‘CYTALK’ Category

Can Apple Safari avoid another Pwn2Own embarrassment?

Apple has shipped a new version of its Safari browser with fixes for 16 serious security vulnerabilities but, based on what I’m hearing, this patching frenzy may not be enough to avoid another embarrassment at this year’s CanSecWest Pwn2Own hacker challenge.

The newest Safari 4.0.5 update, available for Windows and Mac OS X, patches several flaws that could lead to remote code execution if a user simply surfs to a rigged Web site. These are exactly the kinds of drive-by download vulnerabilities that are typically used to attack Safari in the Pwn2Own contest.

At the RSA Conference last week, I spent a few minutes talking to hacker Charlie Miller about his plans for this year’s contest and he was quite blunt about the fact that he’s going to CanSecWest with a few Safari zero-day flaws in his back pocket.

Since Miller (almost) never reports vulnerabilities to software vendors, it’s a safe bet those flaws will remain unpatched until after the Pwn2Own contest, which is scheduled for the end of this month. Miller exploited Safari vulnerabilities to win the contest in 2008 and 2009.

This year’s challenge will have a big focus on mobile devices. The organizers have put up a $60,000 bounty to entice hackers to exploit vulnerabilities on iPhones, Android, Nokia and BlackBerry smartphones. However, the Web browser is still in play with Safari on Mac and Safari on Windows on the list of targets.

Iran arrests 30 over U.S.-linked cyber ring

Iran has arrested 30 people suspected of belonging to a U.S.-linked cyber network gathering information on Iranian nuclear scientists and sending people abroad for training, a news agency reported on Saturday.

It said the group sought to recruit people through the Internet for training in Iraq with the People’s Mujahideen Organization, a leftist exile group which launched attacks on the Islamic Republic from Saddam Hussein’s Iraq.

“Thirty people were arrested in connection with an organized American cyber war network via a series of complex security measures in the field of information technology and communications,” the Fars news agency said.

Tehran’s general and revolutionary court said one of the group was linked to an outlawed sect — a reference to the Baha’i religious minority, the agency said.

“Among the charges against this network are creating an intelligence gathering network, including identification of the country’s nuclear scientists and staging illegal demonstrations and encouraging the public to take part in them after the presidential elections,” it said.

Google “99.9 pct” sure to shut China search engine

Talks with China over censorship have reached an apparent impasse and Google, the world’s largest search engine, is now “99.9 percent” certain to shut its Chinese search engine, the Financial Times said on Saturday.

It said in a report on its website Google had drawn up detailed plans for closing its Chinese search engine.

The newspaper cited a person familiar with the company’s thinking as saying that, while a decision could be made very soon, Google was likely to take some time to follow through with its plans.

That would be in order to bring about an orderly closure as the company takes steps to protect local employees from retaliation by authorities, it said.

China warned Google on Friday against flouting the country’s laws, as expectations grow for a resolution to a public battle over censorship and cyber-security.

Govt internet filter going live is sad day for NZ

The Department of Internal Affairs has admitted that the internet filter is now operational and is already being used by ISPs Maxnet and Watchdog. It appears that Maxnet have not told their customers that they are diverting some of their internet traffic to the government system to be filtered.

Thomas Beagle, spokesperson for Tech Liberty, “We’re very disappointed that the filter is now running, it’s a sad day for the New Zealand internet.”

The DIA refuses to say which other ISPs will be joining the filter, claiming the right to negotiate in secret. Tech Liberty understands that Telstra Clear, Telecom and Vodafone have said they will implement the filter, with Orcon, Slingshot and Natcom saying that they won’t.

David Zanetti, technical spokesperson for Tech Liberty, “We fear that the filter will reduce the stability of the internet in New Zealand. It is a single point of failure, introduces a new and very tempting target for hackers, and by diverting traffic will cause issues with modern internet applications.”

One-third of orphaned Zeus botnets find way home

The takedown of 100 servers used to control Zeus-related botnets may be a short-lived victory, security researchers said after discovering that about a third of the orphaned channels were able to regain connectivity in less than 48 hours.

The resurrection of at least 30 command and control channels came after their internet service provider found a new upstream provider to provide connectivity to the outside world, autonomous system records

“The problem is that as soon the C&Cs are reachable from the internet again, the cybercriminals can regain the control of their botnet and can safely move the stolen data away from those AS’s to a safer place or to a backup server,” a researcher connected to the Zeus Tracker service told The Register. “Very bad.”

One example of a severed server that was able to reconnect was this one. In all, about 100 of the 249 C&C servers Zeus Tracker monitored lost connectivity. Since then, 30 have been able to reconnect. The researcher, who asked not to be identified by name, said he expected more of the malicious servers will reconnect over time.

China warns Google as Internet row deal seen soon

China warned Google, the world’s largest search engine, against flouting the country’s laws on Friday, as expectations grow for a resolution to a public battle over censorship and cyber-security.

The chief executive of Google, Eric Schmidt, said this week he hoped to announce soon a result to talks with Chinese authorities on offering an uncensored search engine in China.

The 10 most absurd published scientific papers

Not many grad students see the funny side of science. Meredith Carpenter and Lillian Fritz-Laylin, from the Molecular and Biology Department at UC Berkeley, not only see it but blog it. Their site, ncbirofl.com (National Center for Biotechnology Information, Rolling On the Floor Laughing), is a repository for absurd published scientific papers. Here is their top ten…

Multitasking a go for iPhone 4.0, say sources

The iPhone 4.0 firmware will definitely feature multitasking, claim several sources. Apple is said to have developed a “full-on solution” to multitasking, although no details have been leaked on how problems like battery life, memory use and processor consumption will be handled. The interface for switching between apps is also being kept in the dark, partly because it has a “way to go” before it nears final form.

It is nevertheless claimed by AppleInsider contacts that the task manager will be based on interface technology in Mac OS X, which could potentially refer to the basic Command-Tab switcher, or something like Expose.

Kaspersky: Apple is blocking iPhone security software

Eugene Kaspersky has claimed Apple is blocking attempts to bring third-party security software to the iPhone.

Speaking exclusively to PC Pro, the CEO of Kaspersky Lab claimed Apple has repeatedly refused to deliver the software development kit (SDK) necessary to design security software for the phone.

“We have been in contact for two years with Apple to develop our anti-theft software, [but] still we do not have permission,” said Kaspersky.

Intel Core i7-980X Extreme 6-Core Processor Review

Although they are not due to hit store shelves for a few more weeks, Intel is using the always exciting Game Developers Conference currently being held in San Francisco to officially unveil the new Core i7-980X Extreme processor. Intel’s Extreme Edition processors have always been targeted at enthusiasts and hardcore-gamers, so what better place to show off the fastest desktop processor for the PC to date? Unless of course you’re catching it here on the pages of HotHardware, that is.
