Malware

Malware / News Briefs

DNSChanger Disruption Inevitable, ISPs Urged to Bolster User Support

Up to 100,000 customer modems are at risk of losing their internet connection from July 9 when the FBI disables rogue DNS servers seized late last year. The affected customer modems make up about a third of the 350,000 to 400,000 internet users believed to still have the DNSChanger malware on either their modems or Windows computers. more»

Gas Pipeline Firms Under Targeted Phishing Attacks

The United States Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) has issued a warning about an active "spear phishing" campaign targeting companies in the natural gas pipeline sector. In an advisory issued last week, ICS-CERT said it has received information about targeted attacks and intrusions into multiple organizations over the past several months. more»

Microsoft and Financial Services Groups Disrupt Zeus Botnet Servers

Microsoft's Digital Crimes Unit - in collaboration with Financial Services - Information Sharing and Analysis Center (FS-ISAC) and NACHA - The Electronic Payments Association, as well as Kyrus Tech Inc. - has executed a coordinated global action against some of the worst known cybercrime operations fueling online fraud and identity theft, said Microsoft in an announcement today. "With this legal and technical action, a number of the most harmful botnets using the Zeus family of malware worldwide have been disrupted in an unprecedented, proactive cross-industry operation against this cybercriminal organization." more»

FCC Releases New U.S. Anti-Bot Code

The Online Trust Alliance (OTA) joined a unanimous vote at the Federal Communications Commission's (FCC) Communications Security, Reliability and Interoperability Council (CSRIC) meeting today, approving the voluntary U.S. Anti-Bot Code of Conduct for Internet Service Providers (ISPs), also known as the ABCs for ISPs. As a member of the CSRIC appointed by FCC Chairman Julius Genachowski, the OTA has been working with the FCC and leading ISPs to develop this voluntary Code. more»

NATO Announces 58 Million Euro Investment in Cyber Defence

The NATO Consultation, Command and Control Agency (NC3A) has announced the award of a contract for upgrading the NATO cyber defence capabilities. The award to private industrial companies will enable the already operating NATO Computer Incident Response Capability (NCIRC) to achieve full operational capability by the end of 2012. At approximately 58 million Euro, it represents NATO's largest investment to date in cyber defence. more»

Malware Increasingly Uses DNS As Command and Control Channel to Avoid Detection

Number of malware threats that receive instructions from attackers through DNS is expected to increase, and most companies are not currently scanning for such activity on their networks, security experts said at the RSA Conference 2012 on Tuesday. While most malware-generated traffic passing through most channels used for communicating with botnets (such as TCP, IRC, HTTP or Twitter feeds and Facebook walls) can be detected and blocked, it's not the case for DNS (Domain Name System) and attackers are taking advantage of that, said Ed Skoudis, founder of Counter Hack Challenges and SANS fellow. more»

Feds Ask for DNSChanger Deadline Extension As Millions of PCs Could Be Cut Off from the Web

Brian Krebs reporting in Krebs on Security: "Millions of computers infected with the stealthy and tenacious DNSChanger Trojan may be spared a planned disconnection from the Internet early next month if a New York court approves a new request by the U.S. government. Meanwhile, six men accused of managing and profiting from the huge collection of hacked PCs are expected to soon be extradited from their native Estonia to face charges in the United States." more»

Our Nuclear Facilities are Cyberattack-Proof, Claims Iran

Iran's nuclear facilities are immune to cyber attack a senior Iranian military official has claimed today according to various reports. "Gholam Reza Jalali, who heads an Iranian military unit in charge of combatting sabotage, was quoted Monday by the official IRNA news agency as saying that Iran and its nuclear facilities possess the technology and knowledge to deal with malicious software." more»

DNSChanger Trojan Still Running on Half of Fortune 500s, US Govt

More than two months after authorities shut down a massive Internet traffic hijacking scheme, the malicious software that powered the criminal network is still running on computers at half of the Fortune 500 companies, and on PCs at nearly 50 percent of all federal government agencies, new research shows," reports Brian Krebs. more»

Public-Private Cooperation Policy for Cyber Security Suggested by Commissioner Kroes

At a speech during the Security and Defense Agenda meeting on 30 January Vice-President of the European Commission, Neelie Kroes, showed how the Commission envisions public-private cooperation on cyber security. more»

Japan Developing Distinctive Anti-Cyberattack Virus

The Japanese Defense Ministry is creating a computer virus capable of tracking, identifying and disabling sources of cyberattacks, according to reports. The development of the virtual cyberweapon was launched in 2008. Since then, the weapon has been tested in a closed network environment. "The most distinctive feature of the new virus is its ability to trace cyber-attack sources. It can identify not only the immediate source of attack, but also all "springboard" computers used to transmit the virus." more»

Botnets: Most Prevalent Threat on the Internet for the Enterprises

Based on the total number of transactions, Zscaler reports botnets as the biggest security risk on the Internet for the enterprises. "Once a host gets infected, the botnet usually spreads quickly within an enterprise. It also generates a significant amount of traffic to the command and control server, to download additional malware or perform other actions." more»

Typosquatted Domain Names Pose Plenty of Risk But Surprisingly Little Malware

A recent study took an in-depth look at the scale and the risk of domain name typosquatting -- the practice of registering mis-spellings of popular domain names in an attempt to profit from typing mistakes. "Applying every possible one-character typo to the domain names of Facebook, Google, Twitter, Microsoft, Apple and Sophos," Paul Ducklin, Sophos' Asia Pacific head of technology collected HTTP data and browser screenshots from 1502 web sites and 14,495 URLs. In this report, Ducklin analyses the data revealing unexpected results within the typosquatting ecosystem. more»

FBI Warns of Cyberattacks Against Banks - Aided by Variant of Zeus Trojan Called 'Gameover'

The FBI is warning that computer crooks have begun launching debilitating cyber attacks against banks and their customers as part of a smoke screen to prevent victims from noticing simultaneous high-dollar cyber heists. The bureau says the attacks coincide with corporate account takeovers perpetrated by thieves who are using a modified version of the ZeuS Trojan called 'Gameover.'" more»

Mobile Malware Growing Exponentially, Limited Capability of Current Security Solutions Big Concern

Security analysis suggest troubling and escalating trends in the development of malware that exploits vulnerabilities on mobile devices. "From turning mobile devices into bots, to infiltration of mobile applications, driven by the use of personal devices in the workplace, cybercriminals are taking full advantage of this market," reports M86 Security Labs in its just released Threat Predictions Report. more»