20 May 2009 | VNUNet by Phil Muncaster

Security companies are warning users not to download Windows 7 release candidate software from peer-to-peer sites, after it was discovered that several versions contain malware. The pirated copies of the software, which are circulating on various networks, are infected with a Trojan downloader embedded in the setup.exe file. Trojan-Dropper.Agent, or Trojan.Agent, can take control of the host computer and add it to a botnet, with the potential to cause system failure. It can also result in identity theft or financial loss for the user, according to Australian security vendor PC Tools. The news comes just a month after criminals released pirated versions of Apple's iWork '09 office software suite containing spyware onto peer-to-peer networks.

20 May 2009 | Infopackets by Dennis Faas

Cybercriminals are continuing to target major news stories and global events such as the recent release of Windows 7 release candidate (RC) and results of the FIFA World Cup. It has been reported that thousands of Windows 7 builds downloaded on Torrent and P2P sharing sites contain a malicious Trojan designed to target personal information and has the potential to cause system failure and identity theft. Phishing attacks have targeted the 2010 FIFA World Cup Tournament and evidence suggests that the attacks will continue to escalate, as demonstrated during the previous FIFA World Cup which saw an increase of phishing attacks jump by 40% last year. (Source: pctools.com)

15 May 2009 | Macworld by Scott McNulty

Writing reviews of Mac antivirus software can be a thankless task, much like correcting e-mail grammar: no one particularly wants to hear about it, but there might be some value in the exercise. There have been no major viruses or malware outbreaks for Mac OS X since its introduction in March 2001 (kind of amazing, actually). That excellent track record doesn't make a strong case for running antivirus software on your Mac. Most antivirus software makers get around this by having their products do more than just look for Mac-specific threats. They will scan and clean your Mac of any Windows viruses that might come along so you don’t unknowingly pass them along to your Windows-using friends, making you a better Internet citizen.

19 May 2009 | Search Security by Robert Westervelt

19 May 2009 | IDG News Services by Robert McMillan

20 May 2009 | Network World by Carolyn Duffy

20 May 2009 | ZDNet by Matthew Broesma

15 May 2009 | PC Advisor by Carrie Ann Skinner

20 May 2009 | Computer World by Gregg Keizer

security practices with Reader and Acrobat." (Comments from F-Secure)

18 May 2009 | PC Magazine by Larry Seltzer

14 May 2009 | Net Security

Kaspersky Lab has implemented detection and treatment for a new variant of a unique MBR rootkit, Sinowal. The new variant of Sinowal, a malicious program that is capable of hiding its presence in the computer system by infecting the Master Boot Record (MBR) on the hard drive, was detected at the end of March 2009. Over the last month Sinowal has been actively spreading from a number of malicious sites that use the Neosploit exploit toolkit. Kaspersky Lab analysts have been monitoring the Sinowal rootkit since early 2008. earlier versions, the new modification, Backdoor.Win32.Sinowal has these features:

18 May 2009 | SPAMfighter News

Various security agencies report that the malicious worm Conficker is currently attacking a large number of Indian PCs, to quietly turn them into spam bots as well as to load spyware on them. A research by Symantec has revealed that India ranks high among the nations that are severely hit by Conficker. This is attributed to the country's rampant use of P2P file sharing applications, inadequate knowledge about the necessity of updating antivirus programs and the widespread use of fake or pirated software. Shantanu Ghosh, Vice-President of India Product Operations, Symantec India, states that India is one of the top ten nations affected by Conficker, as reported by CIOL on May 11, 2009.

13 May 2009 | Dark Reading by Kelly Jackson Higgins

19 May 2009 | Computer World by Gregg Keizer

After discovering attack code on a brand new Windows XP netbook, Kaspersky Lab warned users yesterday that they should scan virgin systems for malware before connecting them to the Internet. When Kaspersky developers installed their recently-released Security for Ultra Portables on an M&A Companion Touch netbook purchased for testing, "they thought something strange was going on," said Roel Schouwenberg, a senior antivirus researcher with the Moscow-based firm. Schouwenberg scanned the machine – a $499 netbook designed for the school market – and found three pieces of malware. "This was done at the factory," said Schouwenberg. "It was completely brand new, still in its packaging." (Comments by Kaspersky)

20 May 2009 | ZDNet by Dancho Danchev

21 May 2009 | IDG News Services by Robert McMillan

21 May 2009 | Kablenet

Nearly 400 computers at the House of Commons needed attention after malware attacks during the past 12 months. Out of nearly 5,000 computers used by MPs, their staff and Commons administrators, eight percent had to be visited by an ICT specialist because of problems with malware. The information was revealed by Nick Harvey, a Liberal Democrat MP and member of the House of Commons Commission, the body responsible for the administration and services of the House. Harvey was replying to a parliamentary written question from Conservative MP Tim Loughton. Harvey said that over the last year 86 percent of computers on the Commons estate had been attacked by malware, but 78 percent of these were automatically cleaned by Parliament's antivirus software.

20 May 2009 | IDG News Services by Jeremy Kirk

Even if your spouse doesn't know your email password, he or she probably knows enough information to get it. Free email providers often present a so-called "secret question" as a verification mechanism to reset an account password. But the answer is often easily guessable by other people who know the account holder, according to a new study to be released during the IEEE Symposium on Security and Privacy this week in Oakland, California. In other cases, strangers can successfully supply the answers to some questions, which is how Republican vice-presidential nominee Sarah Palin lost control of her Yahoo account.

19 May 2009 | eWeek by Roy Mark

Latest cyber security initiative aims to link together all organizations and individuals that play a role in securing the Internet. Applying many of the same approaches used to bring nuisance adware under control, three cyber security groups said May 19 they are launching a new initiative: a "chain of command" plan among all organizations and individuals that play a role in securing the Internet. Developed by the ASC (Anti-Spyware Coalition), NCSA (National Cyber Security Alliance) and StopBadware.org, the Chain of Trust Initiative will link together security vendors, researchers, government agencies, Internet companies, network providers, advocacy and education groups in a systemic effort to stem the ever increasing rising tide of malware.

19 May 2009 | Sydney Morning Herald – AP Digital by Bob Lewis

18 May 2009 | PC Magazine by Larry Seltzer

18 May 2009 | Security Fix by Brian Krebs

18 May 2009 | SC Magazine US by Andrew Storms

While I recognize no software is 100 percent bug free and that the world of threats is ever dynamic, customers, consumers and enterprises need their vendors to take the entire life cycle of security management far more seriously than is evident from their behavior today.  Vendors must focus on dramatically reducing events that bring about zero-day exploits that leave security professionals holding the bag and praying nobody opens an attachment.  Vendors that talk about security must deliver evidence that matters. In the big picture, it's clear that features and functionality that drive some level of economic gain are often prioritized over security.

19 May 2009 | The Register by John Leyden

Those who rely on gut instinct and are open to persuasion are more at risk of falling prey to internet scams, according to a research sponsored by the UK Office of Fair Trading. Far from being naive and easily led, many scam victims are often decent decision-makers in their everyday life, psychology researchers at the University of Exeter conclude. Grifters take UK marks for an estimated £3.5bn every year. OFT commissioned research found many frauds rely on exploiting basic human emotions such as excitement or fear to provoke a "gut reaction" to a fraudulent offer. Many fraudsters attempt to hoodwink people by posing as reputable businesses or official institutions.

19 May 2009 | IDG News Services by Jeremy Kirk

18 May 2009 | ZDNet Asia by Michael Kassner

Throughout my series about rootkits and botnets, I've been impressed by the number and quality of member comments, especially the ones discussing how to remove rootkits. Thinking about this led to one of my ah-ha moments; fortuitously I decided to listen and consolidate those real-world tips along with what I have gleaned from security experts. Why rootkits are hard to remove

To be honest, my research is showing rootkit removal to be a rather haphazard affair, with positive results not always the norm. The apparent reason for this is the increased sophistication of rootkits. Some examples of these improvements are: # The ability to install rootkits at increased privilege levels in the operating system, making them immune to malware scanners.

18 May 2009 | Computer World by Gregg Keizer

Identity thieves that hit Facebook last week with a new round of phishing attacks are harvesting passwords for profit, a security researcher said today. "It's not surprising that they're targeting Facebook," said Kevin Haley, a director on Symantec's security response team. "Facebook has, what, 200 million-plus users? The bad guys always go where's there's a lot of people." The newest Facebook attacks resemble previous phishing rounds in their tactics: A compromised account sends a malicious link to friends. That link leads to a site that mimics the legitimate log-in page. (Comments by Symantec)

18 May 2009 | All Around Philly

Israel's internal intelligence service urged the public Monday to exercise caution when using Facebook, saying Arabs are trying to recruit spies on the popular social networking site. The Shin Bet security agency warned Israelis against answering unsolicited messages or sharing telephone numbers and other sensitive information over the Internet. It said there have been numerous incidents recently in which violent groups tried to recruit Israelis through Facebook and other networking sites. The agency said in one instance an Israeli Facebook user was contacted by a man who introduced himself as a Lebanese agent and offered money for information about Israel.

19 May 2009 | Australian IT by Karen Dearne

IT professionals need to name and shame lazy software developers and refuse to deal with dangerous operating systems instead of pretending more security will defeat steadily increasing cyber-threats, US security consultant Daniel Klein has warned. IN his address at the AusCERT 2009 conference on the Gold Coast yesterday, Mr Klein lambasted operating system designers and security software providers, saying patching and protecting essentially insecure computer software was never going to work "It's not the hackers that are the problem, it's the systems that they're hacking that are the problem," Mr Klein said. "All we've ever done is patch the systems to fix problems when they occur.

19 May 2009 | The Age by Yuko Narushima

AUSTRALIANS are wide open to having their secrets tapped by criminals, a crime analyst warned yesterday, as rising instances of theft and fraud online triggered a new government inquiry.The inquiry's chairwoman, the Labor MP Belinda Neal, said the investigation would focus on consumers, whose growing acceptance of internet banking and shopping had made them more vulnerable. "The prevalence of the internet means the dangers are increasing," she said. "No one can turn on their emails without several messages making requests for identification or saying you've won the lottery." Examples of internet crime include hacking and phishing. Hackers breach private computers, or whole networks, to draw sensitive information.

18 May 2009 | Australian IT by Karen Dearne

FEDERAL Communications Minister Stephen Conroy says IT security specialists will help with the detailed design, operating and identity security arrangements needed to underpin the new National Broadband Network. In particular, supervisory control and data acquisition specialists (SCADA) can expect a boost, in recognition of the heavy reliance now placed on critical infrastructure such as electricity and water supply, banking and finance and aviation. “As more vital services such as health and aged care come to rely on broadband, the security of our networks is of the highest priority,” Senator Conroy told the AusCERT 2009 conference on the Gold Coast today

15 May 2009 | Wired Science by Lizzie Buchen

You are how you e-mail: A new technique can tell people apart using only the timestamps in their Sent folders. In the interactive, real-time world of Twitter, blogs and World of Warcraft, timing is one of the most salient aspects of social behavior. Now, researchers at Northwestern University and Yahoo Research in New York show that they can distinguish and categorize people based solely on the timestamps of their e-mails, paving the way for smarter advertisements, spam filters and social networking sites. “You can’t track everything an individual is doing at every hour of the day,” said Dean Malmgren of Northwestern University, lead author of the study posted May 11 on the pre-publication physics repository, arXiv.

15 May 2009 | PC Advisor by Gregg Keizer

15 May 2009 | PC Authority by William Maher

18 May 2009 | Techworld by John E Dunn

17 May 2009 | Computer World by Gregg Keizer

15 May 2009 | CSO by Bill Brenner

What a Botnet Looks LikeResearcher David Vorel mapped interconnected, bot-infected IP addresses and created this geometric representation; CSO contributor Scott Berinato annotated the map and added interactive controls so you can zoom in and explore botnets' inner workings. CSO ran this last year, but it's worth looking at before launching into the new content below. Botnets: 4 Reasons It's Getting Harder to Find and Fight ThemResearchers say vulnerable Web 2.0 applications and peer-to-peer architecture are making it easy for hackers to maintain armies of hijacked computers. USA (and IE) Number 1 for Botnet MayhemResearchers say IT shops aren't doing enough to protect their machines from botnet herders.

15 May 2009 | Computer World by Gregg Keizer

13 May 2009 | Network World

17 May 2009 | The Register by John Leyden

Analysis The Government has announced plans to push ahead with the next phase in launch of a controversial child protection database, despite ongoing concerns about the security of data held on the system. The delayed ContactPoint system, which is due to include names and addresses on every child under 18 in England, will be accessed by frontline care workers in real-life trials for the first time from this Monday. Security experts contacted by El Reg remain concerned that information housed on the database might leak out despite ministerial assurances on security provisions that will accompany the roll-out of the directory system.

15 May 2009 | PC Advisor by Carrie Ann Skinner

Here's another reason to stay one from porn sites: they're bad for your computer's health. Ten percent of Britons' PCs havce picked up a virus after surfing adult sites. That's according to a survey from comparison site Moneysupermarket, which also found that 19 percent of users have been infected through general surfing while 12 percent of users blamed opening files from unknown senders. Moneysupermarket also revealed that of those infected by viruses. Five percent of respondents said personal information was stolen. James Parker, manager of broadband at moneysupermarket, said: "People need to be more aware of security threats than ever before. Most people use some of their personal details online -

15 May 2009 | The Register by Chris Williams

British law enforcement agents are quietly working with European counterparts on changes to national legislation that will allow them to share intelligence gained by hacking into suspects' PCs. Sharon Lemon, director of the Serious and Organised Crime Agency's (SOCA) e-crime unit, told The Register data laws in some EU countries make it impossible for investigators to obtain and pool data covertly. The desired change could mean law enforcement officers in eastern Europe could ask SOCA to hack into a suspect's PC for them and share the data. SOCA said its hacking activities are always within the law. Lemon refused to be drawn on the specifics of the techniques the agency uses.

15 May 2009 | The Register by John Leyden

15 May 2009 | IT PRO by Asavin Wattanajantra

14 May 2009 | CRN by Stefanie Hoffman

The former head of security architecture at One Laptop per Child (OLPC), Ivan Krstic, has taken a job with Apple to help fend off malware threats directed at the Mac platform. Krstic began his job at Cupertino, Calif.-based Apple on Monday. In his new role, Krstic will work on core security and shore up security infrastructure to prevent further malicious attacks targeting the Mac operating system. During his stint as security director for OLPC, a nonprofit aimed at building $100 laptops for millions of children in developing countries, Krstic created the Bitfrost security application, a secure system that wouldn't require tech support and continual security updates.

21 May 2009 | The Register by John Leyden

21 May 2009 | ThreatFire Research Blog

20 May 2009 | ThreatFire Research Blog

A couple of anti-malware firms have grumbled about the number of successful web site attacks a group has been making in order to inject malicious web pages on these victimized sites. These hijacked web sites in turn attack visiting users' web browsers with the goal of downloading and executing more malware hosted on a remote server. Originally the malware hosting site was gumblar.cn, it was changed to martuz.cn, and most likely will change again. The delivered dropper uses an interesting technique to register loaded components for auto start on an unsuspecting user's system. Instead of the usual run key and service locations, this writer decided to abuse a user-mode auxiliary audio driver location that is loaded when Internet Explorer is started.

15 May 2009 | ThreatFire Research Blog