Malware

Malware / News Briefs

Botnets: Most Prevalent Threat on the Internet for the Enterprises

Based on the total number of transactions, Zscaler reports botnets as the biggest security risk on the Internet for the enterprises. "Once a host gets infected, the botnet usually spreads quickly within an enterprise. It also generates a significant amount of traffic to the command and control server, to download additional malware or perform other actions." more»

Typosquatted Domain Names Pose Plenty of Risk But Surprisingly Little Malware

A recent study took an in-depth look at the scale and the risk of domain name typosquatting -- the practice of registering mis-spellings of popular domain names in an attempt to profit from typing mistakes. "Applying every possible one-character typo to the domain names of Facebook, Google, Twitter, Microsoft, Apple and Sophos," Paul Ducklin, Sophos' Asia Pacific head of technology collected HTTP data and browser screenshots from 1502 web sites and 14,495 URLs. In this report, Ducklin analyses the data revealing unexpected results within the typosquatting ecosystem. more»

FBI Warns of Cyberattacks Against Banks - Aided by Variant of Zeus Trojan Called 'Gameover'

The FBI is warning that computer crooks have begun launching debilitating cyber attacks against banks and their customers as part of a smoke screen to prevent victims from noticing simultaneous high-dollar cyber heists. The bureau says the attacks coincide with corporate account takeovers perpetrated by thieves who are using a modified version of the ZeuS Trojan called 'Gameover.'" more»

Mobile Malware Growing Exponentially, Limited Capability of Current Security Solutions Big Concern

Security analysis suggest troubling and escalating trends in the development of malware that exploits vulnerabilities on mobile devices. "From turning mobile devices into bots, to infiltration of mobile applications, driven by the use of personal devices in the workplace, cybercriminals are taking full advantage of this market," reports M86 Security Labs in its just released Threat Predictions Report. more»

Mega International DNS Malware Operation Dismantled, Reports FBI

FBI today announced six Estonian nationals have been arrested and charged with running a sophisticated Internet fraud ring that infected millions of computers worldwide with a virus and enabled the thieves to manipulate the multi-billion-dollar Internet advertising industry. Users of infected machines were unaware that their computers had been compromised -- or that the malicious software rendered their machines vulnerable to a host of other viruses. more»

FBI Official Calls for Secure, Alternate Internet to Protect Critical Utility, Financial Systems

Shawn Henry, FBI's executive assistant director says computer networks that control power plants and financial systems will never be secure enough, so government and corporate leaders should consider developing a new, highly secure alternative Internet, according to an AP report. "We can't tech our way out of the cyberthreat. The challenge with the Internet is you don't know who's launching the attack." A key step, he said, would be to develop networks where anonymity is not an option and only known and trusted employees have access. more»

Duqu Reported as Precursor to a Future Stuxnet-Like Attack

Virus researchers at Symantec Corp. have revealed a variant of the Stuxnet worm, named Duqu, that is found to be stealing information about industrial control systems. Symantec reports: "Duqu's purpose is to gather intelligence data and assets from entities, such as industrial control system manufacturers, in order to more easily conduct a future attack against another third party. The attackers are looking for information such as design documents that could help them mount a future attack on an industrial control facility... Parts of Duqu are nearly identical to Stuxnet, but with a completely different purpose." more»

Feds Seek Code of Conduct for Detecting, Mitigating Botnets

The U.S. departments of Commerce and Homeland Security (DHS) has met with other agencies and private-sector leaders in the information technology industry discussing the need to create a voluntary industry code of conduct to address the detection and mitigation of botnets. The meeting, hosted by the Center for Strategic and International Studies (CSIS), included topics such as the problematic and at time controversial issue of notifying individuals whose computers have been infected with malware and are part of a botnet. more»

Microsoft Takes Kelihos Botnet Offline, Shuts Down the cz.cc Subdomains

Robert McMillan reporting in InfoWorld: "Microsoft has opened a front in its ongoing battle against Internet scammers, using the power of a U.S. court to deal a knockout blow to an emerging botnet and taking offline a provider of free Internet domains. Microsoft used the same technique that worked in its earlier takedowns of the Rustock and Waledac botnets, asking a U.S. court to order Verisign to shut down 21 Internet domains associated with the command-and-control servers that form the brains of the Kelihos botnet." more»

OPTA revokes Diginotar License as TTP

Wout de Natris: "In this decision OPTA revokes the registration of Diginotar as a so called Trusted Third Party. Diginotar issued certified certificates for digital signatures. The security breach by Iranian hackers over the summer, which Diginotar did not report to the authorities, lead to severe credibility issues for all Diginotar certificates issued before. This included Dutch government websites, but also led to severe breaches of privacy for Iranian end users, in multiple countries. As a result of OPTA's decision all certificates issued by Diginotar have to be revoked, while at the same she is forbidden to issue new ones. more»

New Research Reveals 56% Rise in Cost of Cybercrime

New research indicates cyberattacks increasingly plague businesses and government organizations, resulting in significant financial impact, despite widespread awareness. Conducted by the Ponemon Institute, the Second Annual Cost of Cyber Crime Study revealed that the median annualized cost of cybercrime incurred by a benchmark sample of organizations was $5.9 million per year, with a range of $1.5 million to $36.5 million each year per organization. This represents an increase of 56 percent from the median cost reported in the inaugural study published in July 2010. more»

Security Researcher Warned US Congress of Stuxnet Variants 10 Months Ago

Paul Roberts reporting in threatpost: "Stuxnet may have been super sophisticated cyber weapon deployed by state actors, but future generations of the malware will be available to run of the mill script kiddies, a noted expert on security and industrial control systems has warned in a letter to the U.S. Congress ten months ago. Ralph Langner, the UK-based security consultant, released a copy of a confidential letter addressed to a member of the U.S. House of Representatives." more»

Automated Web Application Attacks Can Peak at 25,000 an Hour

Web applications, on average, experience twenty seven attacks per hour, or roughly one attack every two minutes, according to the newly released Imperva Web Application Attack Report. Report also notes that when websites came under automated attack they received up to 25,000 attacks in one hour, or 7 attacks every second. more»

Google Removes All Sites Under .CO.CC Over Security Concerns

Dennis Fisher in ThreatPost reports: "In a rare and sweeping move, Google has removed all of the sites hosted on .co.cc domains from its search results, saying that because such a large percentage of the sites on that freehosting provider are low-quality or spammy, they decided to de-index all of them. The .co.cc domain is well-known in security and anti-spam circles for being a favorite spot for phishing and spam domains, but there also are legitimate domains hosted there." more»

ICM Registry to Provide Free Malware Scanning for .XXX Domains

ICM Registry announced this week it has struck a deal with McAfee for a free malware scan for every .XXX domain. The deal would include McAfee's "trustmark" and date stamp, ICM said. Every .XXX domain will be scanned for vulnerabilities such as SQL injection, browser exploits and phishing sites, reputational analysis and malware, Stuart Lawley, CEO of ICM Registry, said in a statement. more»