PC Tools News
How criminals unleash Internet worms
22 April 2009 | USA Today
It's become the new front in cybercrime: scams and identity-theft programs that attack e-mail accounts and users of social-networking sites such as Facebook and MySpace. To carry out many of these automated attacks, cybercriminals first must overcome "captchas," the distorted letters and characters that users of an e-mail or social-networking account are required to type to complete certain online forms. For years, captchas have helped to stop or bog down automated programs aimed at creating, among other things, e-mail accounts that promote scams such as fake computer virus protection. Related News: Cybergangs infiltrate social network sites (23 April 2009 | UPI.com)
Cybergangs infiltrate social network sites (23 April 2009 | MarketWatch) Cybergangs infiltrate social network sites (23 April 2009 | Breitbart.com) Cybergangs infiltrate social network sites (23 April 2009 | WebIndia123.com) Cybergangs infiltrate social network sites – United Press International (23 April 2009 | Uptown Websites)
Google’s CAPTCHA experiment and the human factor
21 April 2009 | ZDNet by Dancho Danchev
Koobface is eating every social network’s internal CAPTCHA barrier for breakfast not because the Koobface gang is taking advantage of CAPTCHA recognition algorithm, but because it’s relying on CAPTCHA solving services. Sergei Shevchenko at ThreatExpert demonstrated the process in December, 2008, and pointed out that :
21 April 2009 | The Register by John Leyden
Security researchers Ben Edelman, an assistant professor at the Harvard Business School, and Chris Boyd, of Facetime Security, continued to document evidence of malpractice. Zango consistently denied any wrongdoing. Security firms routinely labeled Zango's software as adware, or at least potentially unwanted. Zango's separate attempts to sue Kaspersky Lab and PC Tools over such listings both failed in 2007. Related News: Loathed spyware vendor Zango disappears (21 April 2009 | Computer World by Gregg Keizer)
Personal Tech: Gadget News and Reviews
17 April 2009 | Washington Post by Rob Pegoraro
Then today I received an email from a company (PC Tools) talking about Mac Malware. I did more research and found an article in the Guardian about how there are a couple of trojans out there specifically for Macs. So now I'm thinking its time to do more research and be prepared but I have no idea where to start. Am I worrying for nothing?
Conficker Now Bundled With Spyware Protect 2009
17 April 2009 | Shawn’s Technology Corner
I highly recommend that you make sure your computer is protected with some sort of Internet Security Package. Spyware Doctor is a great example as it offers both spyware removal & real time protection. The real time protection engine will not only protect you from getting spyware, but it also gives you the option to block ads that are known to distribute spyware. You can download Spyware Doctor by clicking here.
19 April 2009 | macwereld.nl
First and foremost make sure that you and your fellow Mac users, exercise caution, have Mac specific security software installed and that your existing version of iAntiVirus is up to date – there's a free version or you can purchase a version with full functionality and support for only $29.95. It's also vital that you enable and install the latest Mac security updates. Regards PC Tools Team
Threat Update
23 April 2009 | PC Mag
I's not one of the sexy attention-grabbing trojans out there, but Vundo is a major problem in the real world of malware. Vundo is perhaps most infamous for being especially resistant to removal, but now Microsoft is reporting that recent variants are employing worm behavior. They have added a new detection for Worm:Win32/Vundo.A. The new behavior consists of copying itself to mapped drives on the infected machine, either to a random file name in the root of the share or with the same name it has originally to a random directory it creates on the share.
Security researchers uncover massive, fast-growing botnet
22 April 2009 | Computer Weekly by Warwick Ashford
Security researchers have uncovered a fast-growing worldwide botnet of 1.9 million government, corporate and private computers, it was revealed today. The botnet has been in use since February and is hosted in the Ukraine, according to a report by security firm Finjan. They have tied the botnet to a six-member cybergang that was selling control of batches of 1,000 compromised computers for as little as £30 to £70. Related News: Finjan finds botnet of 1.9 million infected computers (21 April 2009 | CNET News by Elinor Mills)
Twitter riddled with worms and scams (again)
20 April 2009 | The Register by John Leyden
Multiple new versions of the Mikeyy cross-site scripting worm spread across the Twitter micro-blogging network over the weekend. The first in the latest batch of worms berated Twitter for poor security. Mikeyy Mooney, the VXer who got a job in security days after creating the first Twitter XSS worm over the Easter holiday weekend, has confessed to creating this worm too. (Comments by Sophos). Related News: Phishing Scam Plagues Twitter via E-Cards (20 April 2009 | PC Magazine by Chloe Albanesius)
New Twitter Worm targets celebrities
19 April 2009 | IDG News Services by Agam Shah
A worm referencing celebrities such as Ashton Kutcher and Oprah Winfrey is rapidly spreading across microblogging site Twitter, security firm Sophos said on Friday. The worm hacks into Twitter profiles and automatically sends unauthorized Twitter status updates to contacts from the hacked accounts. Users who look at infected profiles are then automatically infected, and unauthorized posts are automatically sent to their contacts.
17 April 2009 | iTnews Australia by Shaun Nichols
A rash of malware for MacOS X systems is now being used to run a botnet, according to researchers. First spotted in January, the Trojan had been bundled into copies of pirated MacOS software. At the time of discovery, researchers noted that the malware payload included tools which could allow an attacker to remotely take control of an infected system. Now, it appears as if those components are being put to use.
(Comments by Symantec, McAfee) Related News: iWork Trojan may be turning Macs into zombies (17 April 2009 | Macworld by Dan Moren) Mac attack: Bot herders going after Apple computers (17 April 2009 | SC Magazine US by Greg Masters); Mac hacked to Form Botnet (17 April 2009 | PC Mag by Larry Seltzer); The First Mac Botnet…Or Is it? (17 April 2009 | Security Watch by Larry Seltzer)
Mac Exploit Enters System Through VMWare
19 April 2009 | Computer World by Gregg Keizer
A bug in VMware's Fusion virtualization software could be used to run malicious code on a Mac by exploiting Windows in a virtual machine, a security researcher said last week. VMware has released Fusion 2.0.4 to plug the hole. According to Kostya Kortchinsky, an exploit researcher at Immunity Inc., a critical vulnerability in VMware's virtual machine display function can be used to read and write memory on the "host" operating system — the OS running the physical hardware.
20 April 2009 | CRN Australia by Shaun Nichols
Security researchers are warning administrators to secure their servers in the wake of new Secure Shell (SSH) attacks. Researchers at security firm SANS warned that so-called 'brute force' attacks were occurring on a "daily" basis. The attacks attempt to guess usernames and passwords in an attempt to compromise the server.
Hackers hijack DNS records of high profile New Zealand sites
21 April 2009 | ZDNet by Dancho Danchev
Remember the DNS hijackings of such high profile sites such as Comcast, Photobucket, and ICANN/IANA domains that were taking place last year? Similar incidents are still happening. Today, a web site defacement group known as “The Peace Crew” has successfully hijacked the DNS records for high profile New Zealand web sites, through what Zone-H claims to be a SQL injection at New Zealand’s based registrar Domainz.net, in order to redirect the visitors to a defaced page featuring the infamous Bill Gates pieing photo, as well as anti-war messages. Related News: Turns hijack Kiwi MSN via DNS cracks (22 April 2009 | The Register by Dan Goodin); Hackers put cream pie on Bill Gates in New Zealand (22 April 2009 | Earth Times)
Rogues besmirch F-Secure with dodgy ad campaign
17 April 2009 | The Register by John Leyden
Miscreants have attempted to trick users interested in finding out more about Finnish security firm F-secure into buying a rogue utility. Searching for "F-Secure" on Thursday lead to the rogue products, not through the usual method of black-hat Search Engine Optimization but through malicious Google ads. The dodgy ads pointed to update-xp.com, a utility that claimed to fix problems with F-Secure's software. In reality the utility reports a plethora of non-existent problems in a bid to scare marks into handing over $34.95 for a full version of the ErrorRepair tool. Related News: Rogue product ads on F-Secure, McAfee, Trend Micro searches (17 April 2009 | SC Magazine US by Angela Moscaritolo)
Vendors get cold feet about revealing software flaw
17 April 2009 | IDG News Services by Jeremy Kirk
Researchers have pulled out of a presentation which was expected to reveal details of a major security vulnerability, citing concerns that hackers could exploit the flaw. The last minute cancellation of a press conference at the Black Hat security event was because the flaw was so sensitive that even revealing the vendor affected could potentially cause hackers to start poking around with applications or operating systems to try to figure it out, said Jeff Moss, Black Hat's CEO.
Criminals offer huge sum for flawed mobile
20 April 2009 | IDG News Services by Jeremy Kirk
Criminals are willing to pay thousands of euros for a discontinued Nokia mobile phone with a software problem that can be exploited to hack into online bank accounts, according to a fraud investigator in the Netherlands. About 10 days ago, investigators observed someone transfer €25,000 (£22,200 or $32,413 US) for a Nokia 1100 phone, said Frank Engelsman of Ultrascan Advanced Global Investigations.
Researcher releases tool to hide malware
17 April 2009 | IDG News Services by Jeremy Kirk
A computer security researcher has released a tool that can simplify the placement of difficult-to-detect malicious software in Microsoft's .Net framework on Windows computers. The tool, called .Net-Sploit 1.0, allows for modification of .Net, a piece of software installed on most Windows machines that allows the computers to execute certain types of applications.
Concern as Microsoft fails to patch PowerPoint flaw
22 April 2009 | iTnews Australia by Iain Thompson
Security experts are expressing concern at Microsoft's failure to patch a flaw in PowerPoint that is already being exploited by malware writers. The flaw is being used in attacks at the moment and many were expecting a patch at the last Patch Tuesday but to date there has been no sign of the fix. (Comments by Sophos)
Cyberspies hack into U.S fighter project
21 April 2009 | Reuters by Peter Cooney
Computer spies have repeatedly breached the Pentagon's costliest weapons program, the $300 billion Joint Strike Fighter project, The Wall Street Journal reported on Tuesday. The newspaper quoted current and former government officials familiar with the matter as saying the intruders were able to copy and siphon data related to design and electronics systems, making it potentially easier to defend against the plane. Related News: Secret US fighter project hit by mystery hack (21 April 2009 | IDG News Services by Sumner Lemon)
Hackers stuff ballot box for Time Magazine’s top 100 poll
17 April 2009 | The Register by Dan Goodin
Time Magazine's poll of the 100 most influential people has been hacked by a motley band of online troublemakers who have managed to manipulate the top 21 names so their first letters spell "marblecake, also the game." According to an inside account detailed by blogger Paul Lamere, members of the 4chan website exploited weaknesses in the web application that Time used to record reader votes.
Phishing Scams
Phishing Scams Surround PayPal Account Holders – 21 April 2009 | SPAMfighter
National Australia Bank Issues Warning Against Phishing 18 April 2009 | SPAMfighter
Phishing E-mails Target MSU Students’ Webmail Account 17 April 2009 | SPAMfighter
Wal-Mart scam sweeps the web 21 April 2009 | 14wfie
Industry News
Apple netbooks manufactured by Foxconn rumoured
21 April 2009 | PC Authority by Sylvie Barak
We've picked up on some Chinese whispering which would have us believe Apple could be about to release its very own netbook, with Foxconn Electronics chosen as the fruity toymaker's main manufacturing partner. Digitimes and a plethora of Russian hardware sites are quoting Chinese-language site Commercial Times, which in turn is quoting sources from the component supply chain.
Chinese Hackers Targetting NYPD Computers
23 April 2009 | Slashdot
"A network of hackers, most based in China, have been making up to 70,000 attempts a day to break into the NYPD's computer system, the city's Commissioner, Raymond Kelly, revealed Wednesday. Kelly suggested that 'perhaps it is because of the NYPD's reach into the international arena' that they are being targeted for computer hacking 'in much the way the Pentagon has been. Related News: Lockheed fends off Chinese hack attack (23 April 2009 | Australian IT by Mark Dodd)
Conficker’s estimated economic cost? $9.1 billion
23 April 2009 | ZDNet by Dancho Danchev
In a recent blog post, the Cyber Secure Institute claims that based on their previous studies into the average cost of such malware attacks, the economic loss due to the Conficker worm could be as high as $9.1 billion. Despite that their analysis also considered a much limited infection rate (200,000 infected hosts), they claim that the cost of the virus in this case is still around $200 million.
Researchers turn Conficker’s own P2P protocol against itself
23 April 2009 | Computer World by Gregg Keizer
Security researchers have updated a free tool that sniffs out the notorious Conficker worm on infected PCs by using the same peer-to-peer (P2P) protocol the malware relies on to communicate with its hacker masters. Symantec Corp.'s security intelligence analysis team has worked with Ron Bowes, a contributor to the Nmap scanner, to come up with a way to detect machines infected with Conficker.c and later variants.
Botnet PCs send 25k spam emails per hour
23 April 2009 | PC Advisor by Gregg Keizer
Security researchers have warned that bot-infected PCs can send as many as 25,000 spam messages each per hour,and 600,000 per day. Email security firm Marshal8e6 deliberately infected machines in the lab of its research arm, TRACElabs, with the malware responsible for the world's nine biggest spam botnets, then observed the PCs' behaviour, including each bot's top-end spam capacity.
(Comments by TRACElabs) Related News: Botnet speed test uncovers drag racers of malware (23 April 2009 | The Register by John Leyden)
So, having ditched Acrobat, what now?
23 April 2009 | Techworld by John E. Dunn
Was respected security techie and F-Secure CTO, Mikko Hypponen, right to condemn the Acrobat PDF as a menace to e-society? Worry over PDFs is nothing new, with hack-crafted versions having been used regularly to attempt spam filter evasion for at least two years. And then there are the occasional big holes. But according to Hypponen, nearly half of the targeted attacks his company has found this year have been aimed at exploiting the PDF or its Acrobat reader, a striking level of malevolence. (Comments by F-Secure)
Can security concerns kill cloud computing?
23 April 2009 | IT Pro by Mya Knight
It seems as though not much new is happening in enterprise IT development that doesn’t involve the cloud. The uptake of outsourcing and software-as-as-service (SaaS) based delivery models has softened end-using organisations to the idea of not necessarily owning the IT infrastructure their business may rely on. The advent of the cloud has even encouraged blue-sky thinkers to declare it will, one day, render the IT department redundant. Related News: Cloud computing a ‘security nightmare’, says Cisco CEO (23 April 2009 | IDG News Services by Robert McMillan)
Adware Firm Driven Under by Security Industry
22 April 2009 | PC Magazine by Larry Seltzer
Adware firm Zango has shut their doors for good, according to multiple news accounts. Zango had been known by a number of names over the years, including Hotbar and 180 Solutions, but always known for aggressively pushing "adware," which is software that pushed advertising to the user. The abuse led them to be classified as malicious and undesirable code by security software, which led Zango to sue and threaten Symantec, Kaspersky, Zone Labs and others.
Malicious program targets Macs
23 April 2009 | CNN by John D. Sutter
Mac computers are known for their near-immunity to malicious computer programs that plague PCs. But that may be changing somewhat, according to computer security researchers. It seems that as sleek Mac computers become more popular, they're also more sought-after targets for the authors of harmful programs. (Comments by Symantec, McAfee)
Security flaw leads Twitter, others to pull OAuth support
22 April 2009 | CNET News by Caroline McCarthy
A security hole in OAuth, the open-source protocol that acts as a "valet key" for users' log-in information, has led services like Twitter and Yahoo to temporarily pull their support, CNET News has learned. Some developers were dismayed when Twitter pulled its support for OAuth, which it had only recently started to implement: blogger Jesse Stay wrote in a post about other restrictions to Twitter's developer API that its removal of OAuth is one of a number of recent examples of how the microblogging service has "pulled the rug out from under its developers."
One bot infected PC = 600 000 spam messages a day
22 April 2009 | Computer World by Gregg Keizer
Some bot-infected PCs can crank out as many as 25,000 spam messages per hour, new research released today claimed. Orange, Calif.-based Marshal8e6 deliberately infected machines in the lab of its research arm, TRACElabs, with the malware responsible for the world's nine biggest spam botnets, then observed the PCs' behavior, including each bot's top-end spam capacity. TRACElabs concluded that Rustock and Xarvester, the latter perhaps linked to the down-and-out Srizbi botnet, are the most efficient spam spewers of the nine bots.
Control over cybersecurity becomes decisive issue
16 April 2009 | NY Times by James Risen and Erik Lichtblau
The National Security Agency has been campaigning to lead the government’s rapidly growing cybersecurity programs, raising privacy and civil liberties concerns among some officials who fear that the move could give the spy agency too much control over government computer networks. The Obama administration is expected to complete an internal cybersecurity review on Friday and may publicly announce its new computer-security strategy. Related News: Obama gets security review (18 April 2009 | SC Magazine US by Chuck Miller)
Teen Twitter worm writer gets a job, spreads new worm
17 April 2009 | CNET News by Elinor Mills
The teenager who takes credit for the worms that hit Twitter earlier this week has been hired by a Web application development firm and on Friday released a fifth worm on the microblogging site, he said.Twitter fought off four waves of worm attacks last weekend and into Monday in which Twitter users were infected just by clicking on the name or image of someone whose account was infected. The worms appeared to do no damage other than spread to infected users' followers and modify profile pages. Related News: Twitter worm author gets security job (17 April 2009 | The Register by John Leyden); Twitter worm culprit gets hacked (18 April 2009 | IT Sneak)
Firefox Addon Fights Social Network Phishes
22 April 2009 | PC World by Erik Larkin
Crooks are targeting social network sites such as Twitter and Facebook with aggravating attacks that might send a message that reads "Don't Click! www.tinyurl.com/XXXXXXXX." But a Firefox addon called LongURL can quickly reveal the real URL and foil the scam. At the ongoing RSA security conference today, Graham Cluley of Sophos displayed examples of both malicious and prankster attacks on social networks, including a Twitter attack like that described above, and the recent "Mikeyy" worm.
Hackers use UK gov’t PCs in a botnet
22 April 2009 | PC Advisor by Carrie-Ann Skinner
Cyber criminals have managed to take control of a number of US and UK government PC's, using them in a two million strong botnet, says Finjan. According to the security firm, machines within six UK government organisations had been taken over by the cyber criminals. Once a machine has been recruited into a botnet, it is then instructed to download further malicious software which will allow hackers to access email addresses stored on the machine, copy sensitive files and data or even record keystrokes typed on the machine, which ensure bank accounts can be accessed.
21 April 2009 | eWeek by Michael Vizard (Podcast)
In this eWEEK podcast hosted by Mike Vizard, Veracode CEO Matt Moynahan talks about what's wrong with application development when it comes to security and how to fix it.
Microsoft security chief trapped in endless identity sales pitch
21 April 2009 | The Register by Dan Goodin
RSA Microsoft on Tuesday gave the world a sneak peak at technology it said would streamline the process of validating people's identity without compromising their privacy. Code-named Geneva, the software provides a framework for schools, businesses, and other large organizations to more safely manage sensitive data about their members. Rather than storing a vast array of data, the system collects only the identity attributes a member chooses to divulge.
Windows 7 security enhancements
20 April 2009 | CNET News by Elinor Mills
Windows 7 makes remote connectivity to corporate networks seamless, protects data on thumb drives, and offers fewer user account control prompts to bug users compared to Vista, Microsoft said on Monday.The software giant began an education blitz about the security features of the newest version of its operating system at the start of the RSA 2009 security conference. Windows 7, which was released in public beta in January, will have 29 percent fewer user account control (UAC) prompts than Windows Vista has.
Net security, Windows 7 and Conficker under security
21 April 2009 | IDG News Services by Sumner Lemon
Cross-domain security on the Internet, Windows 7 vulnerabilities and the Conficker worm will be among the topics under scrutiny at the Hack In The Box Security Conference (HITB) held in Dubai this week. "A lot of time and energy is spent looking at cross-domain issues in web applications. However, there's little point having a secure web application if the underlying platforms, such as Web browsers and common Web plugins, have cross-domain issues themselves," said Chris Evans, security lead at Google, in an e-mail.
21 April 2009 | Computer World by Scott Bradner
This story goes back to at least 2001 when Bob Sullivan of MSNBC and Ted Birdis of AP broke the story of Magic Lantern. At the time the FBI did not want to say much, but now there is real information that clears up some things and reinforces real concerns over this approach. Law enforcement is faced with some very hard problems when it tries to find and get evidence on bad guys.
85% of malicious sites only online for 24 hours
20 April 2009 | PC Advisor by Carrie Ann Skinner
More than 80 percent of websites that had been poisoned with malicious code between 2008 and 2009 were removed within 24 hours, says AVG. The security vendor's Web Threat Profile Report estimated that on any one day between 8 and 14 million web users are being exposed to social engineering scams, such hoax Facebook pages or rogue security apps that encourages surfers to download malicious software to their PC.
Secure software? Experts say it’s no longer a pipedream
20 April 2009 | CNET News by Elinor Mills
With the Conficker worm still hot and Microsoft patching multiple more software vulnerabilities last week, it might be reasonable to assume the bad guys are winning the battle to get control over Internet-connected computers. That's not necessarily the case. Developers are increasingly equipped with tools to shore up their products and vendors are collaborating in unprecedented ways to not only close holes in software, but also make sure they aren't in there in the first place, according to security experts.
Device fingerprinting defends against online fraud
20 April 2009 | Network World by Linda Musthaler
At the recent Web 2.0 Expo, PayPal’s senior director of global risk management, Katherine Hutchison, warned that online fraud is on the rise. There are many factors behind this rise, not the least of which is the rapid growth of the underground cybercrime economy. Criminals have established vast botnets comprised of millions of computers that are unknowingly controlled by malicious masters.
NEC gets into security software
20 April 2009 | Network World by Tim Greene
Japanese network equipment vendor NEC is making its first foray into security software at RSA Conference 2009 with the introduction of a Web application firewall to the U.S. SiteShell is a software platform developed by NEC and sold in Japan since last summer. It blacklists traffic determined to be dangerous based on signatures, but customers can impose a set of exceptions on top of the list to allow legitimate traffic that might appear malicious, the company say.
Soaring online crime hits consumer confidence
20 April 2009 | VNUNet by Phil Muncaster
Nearly three-quarters of UK consumers believe that the recession has put them at greater risk of identity theft and related crimes, according to the latest biannual Security Index report from Unisys. The software and services firm surveyed nearly 1,000 UK citizens, and found that 88 per cent are worried about criminals obtaining and using their credit card or bank details, or gaining unauthorised access to or misusing their personal information.
Analysis: does your PC need security software?
18 April 2009 | PC Advisor by Robert Vamosi and Rick Broida
The hype surrounding Conficker and the Twitter worm has only served for security experts to issue warnings about installing antivirus software. But is it really necessary? Can you survive without a security suite? Two experts give us their views. The recent hype over the Conficker virus has gone hand-in-hand with advice about how best to protect your PC safe from malware, viruses and other malicious software.
Conficker Infection Analysis Turns Spotlight on Number of Compromises
17 April 2009 | eWeek by Brian Pierce
An analysis by Kaspersky Lab has identified roughly 200,000 unique IPs participating in Conficker's peer-to-peer network. That number, however, only represents a small portion of those affected by the worm. Has the number of Conficker infections been overhyped? Not necessarily.
Five Steps to Ditching Malware
18 April 2009 | Computer World by Michael Horowitz
Malware (malicious software) seems to be getting worse. No surprise, since there's big money in it as a recent article in the Wall Street Journal pointed out. Typical scams aim to scare unsophisticated users with phony warnings that their computer is infected with a virus. Conveniently, the warning is followed by prompts to install software to remove the virus. Victims pay for the phony antivirus software and end up infected to boot.
Wanted: Computer hackers…to help government
19 April 2009 | AP Wire by Lolita C. Baldour
Federal authorities aren't looking to prosecute them, but to pay them to secure the nation's networks. General Dynamics Information Technology put out an ad last month on behalf of the Homeland Security Department seeking someone who could "think like the bad guy." Applicants, it said, must understand hackers' tools and tactics and be able to analyze Internet traffic and identify vulnerabilities in the federal systems.
Internet hampered by lack of trust
17 April 2009 | IDG News Services by Robert McMillan
Cybercriminals are increasingly exploiting the anonymity of the Internet according to Microsoft's senior security executive, Scott Charney. He said that the Internet needed to become more trustworthy. In a video posted ahead of Charney's keynote at next week's RSA security conference, Microsoft's Corporate Vice President of Trustworthy Computing described how anonymity was creating problems for legitimate users.
UK govt to reassess tech strategy
21 April 2009 | ZDNet Asia by Tom Espiner
The government has announced a review of its strategy for promoting U.K. technology and innovation. Business secretary Peter Mandelson said in a statement on Monday that the government would seek to remove barriers to enable Britain to remain competitive in an economic upturn. "To succeed in this hi-tech, low-carbon economy of the future, to drive growth and to secure more high-value jobs in the UK, we need to act," said Lord Mandelson.
U.S. to create cybersecurity military command
21 April 2009 | Reuters
The Obama administration plans to create a new military command to focus on Pentagon computer networks and offensive capabilities in cyberwarfare, The Wall Street Journal reported on Tuesday, citing current and former officials familiar with the plans. The initiative will reshape the military's efforts to protect its networks from attacks by hackers, especially those from countries such as China and Russia, the newspaper said.
New approach needed to tackle cyber gangs
22 April 2009 | Computer World by Gregg Keizer
Law authorities should take a radical new approach against cyber criminals said a leading security researcher. Criminal gangs must be harried, hounded and hunted until they're driven out of business, said Joe Stewart, the director of SecureWorks' counter-threat unit. "We need a new approach to fighting cybercrime," said Stewart. "What we're doing now is not making a significant dent."
Shavlik puts cheap AV into patching system
22 April 2009 | Tech World by John E. Dunn
Patching-to-security company Shavlik has announced the latest version of its NetChk Protect 7.0 software with a little surprise for the faithful. From version 7.0 on, antivirus has been integrated at "insignificant" cost. Given that anti-malware software for a PCs is normally a relatively pricey but necessary add-on, getting it as part of a patch management system for little outlay looks like a good deal.
Researcher wants hacker groups hounded mercilessly
21 April 2009 | Computer World by Gregg Keizer
Criminal cybergangs must be harried, hounded and hunted until they're driven out of business, a noted botnet researcher said today as he prepared to pitch a new anti-malware strategy later this week at the RSA Conference in San Francisco. "We need a new approach to fighting cybercrime," said Joe Stewart, director of SecureWorks Inc.'s counterthreat unit. "What we're doing now is not making a significant dent."
The state of spam 2009, Part 4
21 April 2009 | Network World by M. E Kabay
There are many innovations to choose from, many of which are back-end changes that are not visible to the public. Cloudmark also has several new products and services coming out this year, which are yet to be announced. However, the one I’m personally most excited about is Cloudmark ActiveFilter. The core battle between spammers and antispam vendors comes down to a race against time.
Users not patching third party apps
21 April 2009 | iTnews Austrlia by Iain Thomas
Research by vulnerability specialists Secunia suggests that third party applications are increasingly being used by malware writers in preference to using operating system attacks. The Danish company said that data from its free Personal Software Inspector (PSI) tool showed that there were far more unpatched applications than operating systems among users. Furthermore application patches were left open to abuse for far longer than operating system patches. (Comments by Secunia)
Malware Had a Great Year in 2008
19 April 2009 | PC World by Ellen Mesmer
The year 2008 saw a huge increase in malicious code threats, and the United States retained the dubious distinction of being the top cyber sore spot, according to Symantec's Internet Security Threat Report for 2008. The security firm identified 1,656,227 new malicious-code threats, up 265% from the year before, and financially motivated criminal activity was a recurring theme.
19 April 2009 | PC Advisor by Carrie-Ann Skinner
Spyware increased by 10 percent in the first quarter of 2009, compared to the same period last year, says Panda Security. According to PandaLabs, the security vendor's malware detection and analysis centre, the number of Trojans released onto the web increased by 31.5 percent compared to Q1 2008, while there was 21 percent more adware than in the same period last year.
Hackers Launching More Phishing Attacks to Exploit Recession
17 April 2009 | SPAMfighter
According to a new report from research company Gartner, more Americans are becoming susceptible to online fraud during the current time of economic recession. The company states that over 5 Million consumers in the United States lost cash due to phishing assaults over a 12-month period ending in September 2008, resulting in a 39.8% rise from the preceding 12 months (October 2006-September 2007).
Phishers get more willy as cybercrime grows
17 April 2009 | Reuters by Diane Bartz
Phishing scams have grown up from the unsophisticated swindles of the past in which fake Nigerian princes e-mailed victims, who would get a big windfall if they just provide their bank account number. Even as authorities try to stamp out that con and other e-mail and online scams, scammers are getting more wily and finding new loopholes to exploit.
18 April 2009 | David Lacey’s IT Security Blog
The Yorkshire Post quoted me in an article about Spam a few days ago. I admit that I do come across as a bit of a doomsayer. But surely someone needs to in a blinkered business world that seems to be content to carry on regardless, just like a colony of frogs in boiling water. We need concerted action to tackle the growing threats of spam and malware.
To catch a (cyber) thief: It’s not easy
22 April 2009 | CNET News by Charles Cooper
The FBI agent whose undercover sting operation led to the dismantling of an international cybercrime ring believes that increasing transnational police cooperation is turning the tide against digital criminals. J. Keith Mularski, a special agent who works in the Federal Bureau of Investigation's Cyber Division, says that when it comes to fighting cybercrime, the bad guys may still hold a technological upper hand but that the good guys are getting better.
Why the Top U.S. Cyber Official is Losing Sleep
23 April 2009 | CSO by Bil Brenner
The United States' top cybersecurity official already knew the world's digital infrastructure needed help before she took on a 60-day cyberspace policy review. With the review now complete, she admits the gravity of the situation seeps into her dreams and disturbs her sleep. "I worry about [questions surrounding cyber security] every night; they infiltrate my dreams," Melissa Hathaway, acting senior director for cyberspace for the National Security and Homeland Security Councils, said in a keynote speech at the RSA Conference Wednesday.
One third of employees would steal sensitive data
23 April 2009 | PC Advisor by Carrie Ann Skinner
More than one third of employees would steal sensitive company information if they thought they could earn a decent price from the theft, says Infosecurity Europe. Research by the security event organiser revealed that of those willing to steal sensitive data, 63 percent would expect at least £1m for their troubles, while 10 percent want enough to pay off their mortgage. Worryingly, 2 percent admitted all they'd want in return for data theft was a slap up meal.
Mozilla patches 12 Firefox bugs, a third of them critical
21 April 2009 | Computer World by Gregg Keizer
Mozilla Corp. on Tuesday patched 12 security vulnerabilities in Firefox 3, just days before it hopes to roll out the newest beta of its next open-source browser, Firefox 3.5. Of the dozen flaws fixed in Firefox 3.0.9, four were rated "critical," two "high," two "moderate" and four "low" in Mozilla's four-step ranking system. It was the most vulnerabilities Mozilla has patched since December 2008, when it quashed 13 bugs. Related News: Firefox 3 update release (22 April 2009 | Web User)
Gotcha!
Teen hacker sentence to 11 months
20 April 2009 | Boston Herald by Associated Press
A teenage computer hacker who took control of thousands of computers in "botnet" attacks, made hoax 911 calls that resulted in SWAT team responses and bought goods using stolen credit card numbers has been sentenced to 11 months in a juvenile detention center. The now 17-year-old male from Worcester, referred to in court records only as "N.H." or by his online moniker "Dshocker," pleaded guilty to computer fraud, interstate threats and four counts of wire fraud in November. Related News: Teenage hacking menace jailed for 11 months (21 April 2009 | The Register by John Leyden)
FBI used spyware to catch cable-cutting extortionist
18 April 2009 | Computer World by Gregg Keizer
The FBI used spyware to catch a Massachusetts man who tried to extort Verizon and Comcast by cutting 18 data- and voice-carrying cables in 2005, documents obtained under the Freedom of Information Act by Wired.com revealed yesterday. Although the man's name was redacted in the documents provided to the Web site, their description of the case matches that of Danny M. Kelly, an unemployed engineer who at the time lived in Chelmsford, Mass.
Tags: Computer Secutiry, Computer Secutiry News, Spyware, Spyware News
