Monthly Archives: November 2009

Staying ahead of the cybercriminal

Filed under Security

There has been a lot of talk this year about the increasing sophistication of the cybercrime threat – even going so far as to claim that virus creation has moved into the “Web 2.0” era. However, as is often the case in the security industry, hyperbole and drama garner all the attention, while gentle reminders of continued good practice can easily be forgotten.

Many in the security industry continually stress the importance of implementing the ‘latest prevention trend’ – a recent example being behavioral analysis – or debate the danger of the latest Conficker-esque “zero-day exploits”. However, approaching security policy in this manner encourages a reactive standpoint and leaves organizations constantly attempting to play catch-up with the cyber criminals.

A lot of the talk is designed to make the security industry seem ever more enthralling, but it seems fair to say that the software being used now to create viruses isn’t much more sophisticated than it was ten years ago. Certainly, there are more threats now than there ever have been, and it’s likely that the rate at which viruses are created is accelerating every year. But the make-up and threat level of the individual viruses themselves haven’t changed enough to mean entirely new prevention processes are required. It’s effectively the same virus creation software that’s being used – just re-invented and re-monetized for phishing and key-logging purposes.

Article at: Net-Security

Microsoft releases password attack data

Filed under Hacks, Security

Microsoft released data collected from an FTP-server honeypot, showing that attempts to guess passwords continue to focus on the low-hanging fruit: passwords with an average length of eight characters, with “password” and “123456” being the most common.

The data is part of a project to monitor attacks that everyday users might encounter on a regular basis. Most of the attacks attempted to log into the administrator account on English and French computers — “Administrator” and “Administrateur” were, by far, the two most popular usernames — using a variety of passwords. The attackers were typically compromised computers that were part of a botnet, Microsoft researchers stated on the company’s Malware Protection Center blog.

Article at: Security Focus

Tiger Woods car accident leads to malicious sites created and detected

Filed under Security, Viruses

The car accident involving golfer Tiger Woods has led to Google trends being dominated by the event.

Hon Lau, senior security response manager at Symantec, claimed that from an IT security point of view, this is just another fruit ripe for the picking as far as malware writers are concerned.

“So it comes as no surprise that the creators of rogue anti-virus or misleading application software have already jumped on the bandwagon and attempted to poison web search engine results to take advantage of this spike in web search activity,” said Lau.

Symantec reported that search engine results are redirecting to malicious domains that go through the usual fake scanning activity, before pointing out a whole host of serious errors and threats that need to be cleaned from your computer.

Source: SC Magazine UK

Thanksgiving scams: Warming up for Christmas

Filed under Privacy, Security

Sometimes it is difficult to tell the difference between legitimate online offers and malicious spam. In this day and age, you can be pretty sure that financial and government institutions won’t send you emails asking you to change your account details.

But sometimes the only thing preventing you from falling prey to cyber crooks that use fake promotional discounts and other special offers online to lure you into giving up your personal information is – your memory. Do you remember having subscribed to those offers and promotions? If you can’t remember, delete the email – no matter how tempting the offer sounds.

Holidays are usually a time of great activity for scammers, especially holidays that involve gift-giving. Trend Labs received a lot of spam samples that took advantage of Thanksgiving. Some of them were fishing for an email address so they can spam you extensively.

More at: Net-Security

Latest Microsoft patches cause black screen of death

Filed under Patches, Security

[UPDATE] It appears that the problem is not related to Microsoft patches.

Microsoft’s latest round of security patches appears to be causing some PCs to seize up and display a black screen, rendering the computer useless.

The problem affects Microsoft products including Windows 7, Vista and XP operating systems, said Mel Morris, the CEO and CTO for the U.K. security company Prevx.

Prevx was alerted to the problem by users of its security software last week, Morris said. Microsoft apparently made changes to the Access Control List (ACL), a list of permissions for a logged-on user. The ACL interacts with registry keys, creating visible desktop features such as a sidebar.

However, the latest patches appear to make some changes to those registry keys. The effect is that some installed applications aren’t aware of the changes and don’t run properly, causing a black screen, Morris said.

Security applications seem to be particularly affected. Morris said users of other security products have also complained about the issue, even going so far as trying to reinstall the operating system to fix it.

“If you’ve got this problem, it’s massively debilitating,” Morris said.

Source: Computer World

Ex-United Way IT Employee Sentenced to 18 Months

Filed under Privacy

A former United Way employee based in Miami, Luis Robert Altamirano, was sentenced to 18 months in jail and fined $50,000 for accessing his former employer’s network and deleting “numerous files from UWMD’s servers” and disabling “UWMD’s telephone voice mail system and prevented UWMD employees from accessing their voice mail accounts.”

Source: ThreatPost

Metasploit releases IE attack, but it’s unreliable

Filed under Hacks

Developers of the open-source Metasploit penetration testing toolkit have released code that can compromise Microsoft’s Internet Explorer browser, but the software is not as reliable as first thought.

The code exploits an Internet Explorer bug that was disclosed last Friday in a proof-of-concept attack posted to the Bugtraq mailing list. That first code was unreliable, but security experts worried that someone would soon develop a better version that would be adopted by cyber-criminals.

More at: ComputerWorld

The Root of the Botnet Epidemic

Filed under Security

Over the course of a few days in February 2000, a lone hacker was able to bring some of the Web’s larger sites to their knees, using just a few dozen machines and some relatively primitive software to cripple Yahoo, eBay, E*trade, Amazon, ZDnet and others for hours at a time. No one knew it at the time, but these attacks would come to be seen in later years as some of the earlier outbreaks of what has become a massive online pandemic.

The attacks themselves were nothing fancy. The hacker, who would later be identified as a 15-year-old boy from Montreal named Michael Calce, used a DDoS tool called Mstream to instruct a small army of machines he had previously compromised to send huge amounts of junk data at the remote Web servers he was targeting. But the technique was brutally effective: Yahoo, then the dominant search provider and portal site, was knocked offline for about two hours after receiving more than a gigabit of data per second from Calce’s bots.

CNN, ZDnet, Dell.com, eBay and other sites experienced similar floods, each with a varying degree of success. Initial speculation in the security and law enforcement community centered on sophisticated hackers, maybe a foreign group trying to prove a point about American capitalism, or a foreign intelligence service probing the country’s networks for soft spots.

Read more at: ThreatPost

Inside The Google Chrome OS Security Model

Filed under Security, Software

Google plans to use a combination of system hardening, process isolation, verified boot, secure auto-update and encryption to thwart malicious hackers from planting malware on its new Google Chrome OS.

Much like the Google Chrome browser, the operating system will use process sandboxing as the key weapon in a series of anti-exploitation mitigations and attack surface reduction techniques. The end goal is to recover from a successful attack by simply applying an update and rebooting the infected machine.

The operating system borrows much of its security posture from the Chrome browser and, at first glance, resembles the security model used by Apple to secure its iPhone device.

More at ThreatPost

New York voting machines hit by malware, leading to allegations of voter fraud and machine failures

Filed under Hardware, Security

Voting machines in a New York town have been hit by a virus, casting doubt on the accuracy of counts retrieved from any of the machines.

According to the Gouverneur Times, Cathleen Rogers, the Democratic elections commissioner in Hamilton County, claimed that a problem had been found with their voting machines the week prior to the election, and the ‘virus’ had been fixed by a technical support representative from Dominion, the manufacturer.

It also claimed that despite continued assurances from the manufacturer that the system is unhackable, reliable, easy to use, private and secure, a stream of lawsuits, allegations of voter fraud and machine failures against Sequoia from other congressional districts continue to contradict their statements.

Source: SC Magazine UK