-
Topics
-
Blogs
-
News
-
Community
-
Industry
The group that manages Canada's .ca internet domain is working to foil an internet worm set to attack starting April Fool's Day. "We're going to do everything possible to make this extremely inhospitable terrain for any worm, this one in particular," said Byron Holland, CEO of the Canadian Internet Registration Authority, a non-profit organization that represents those who hold a .ca domain... more»
The Conficker worm will be active again on April 1st, according to an analysis of its most recent variant, Conficker.C, by the net security firm CA. This malicious piece of software, also known as Downup, Downadup and Kido, spreads among computers running most variants of the Windows operating system and turns them into nodes on a multi-million member ‘botnet’ of zombie computers that can be controlled remotely by the worm’s as yet unidentified authors. more»
Speaking at the Vasco Banking Summit in Sydney yesterday, the company's technical account manager, Vlado Vajdic, told delegates that cyber crime was becoming so business-like that online offerings of malicious code often included support and maintenance services. Additionally, he said, cybercrime outsourcing would become a key trend in 2009... more»
Brian Krebs of Washington Post reporting: "Verizon.net is home to more than twice as many spam-spewing zombies as any other major Internet service provider in the United States, according to an analysis of the most recent data from anti-spam outfit Spamhaus.org. Verizon, however, says it plans to put measures in place to prevent it from being used as a home to so many spammers. ... If spammers are attracted to the company's network, it may be because Verizon still allows customers to send e-mail on Port 25, the communications channel that is traditionally used by large organizations to send e-mail." more»
Security experts warn the "clickjacking" attack on Twitter service last week is part of growing trend of social engineering attacks via social networks. VP of security firm RSA, Sam Curry, calls the social networking attacks "orthogonal attacks." As users have become aware of phishing attacks and other efforts to get at their personal data, hackers have turned to social networks and "brand attacks," like the recent CNN.com-spoofing Cease-Fire Trojan to spread malware that goes after the same information once installed on the victim's computer. more»
According to a new study by PGP Corporation and Ponemon Institute, data breach incidents cost U.S. companies $202 per compromised customer record in 2008, compared to $197 in 2007. The study is based on 43 organizations across 17 different industry sectors with a range of 4,200 to 113,000 records that were affected. It is also noted that since 2005, the cost component has grown by more than $64 on a per victim basis since -- nearly a 40% increase. more»
A study comparing best-of-breed computer security vendors suggests more than half of active malware and phishing threats on the Internet go undetected, with an average detection rate of 37% for malware and 42% for phishing. "Given the dynamic nature of today's online threats and the traditionally reactive approach taken by today's malware and phishing detection technology, conventional signature-based solutions are inherently at a disadvantage to keep up," said Panos Anastassiadis, CEO and Chairman of Cyveillance. "Because the majority of damage occurs during the first 24 hours of an attack, early detection of attacks is crucial." more»
While the news will not be terribly surprising to CircleID readers, Google's latest report on the status of spam and 2009 predictions posted today, might be of particular interest due to the company's shear email processing volume at 2 billion enterprise email connections per day (drawn from company owned Postini Message Security network)... more»
In a report on Washington Post's Security Fix, Brian Krebs writes: "Some of the most prolific and recognizable malware disbursed by Russian and East European cyber crime groups purposefully avoids infecting computers if the program detects the potential victim is a native resident. But evidence from the Conficker worm -- which by some estimates is infecting more than one million new PCs each day -- shows that trend may be shifting." Based on an analysis by Microsoft experts, the original version of the Downadup (also known as "Conficker") worm will not install if the malware detects the host system is configured with a Ukrainian keyboard layout. However, the latest variant has no such restriction. more»
If current predictions are correct, 2009 will be a tougher year than 2008 in terms of the economy. In tough economic times such as these it becomes increasingly important for us to follow recommended safety practices when going online. As the numbers of Internet-related fraud and financial scams continue to increase we should expect the current economic situation to produce more victims of cybercrime. Knowledge and vigilance are the keys to remaining safe while online. more»
We're learning this week that we have officially passed the one billion number in terms of people using the Internet. Eric Schonfeld writes in his article on TechCrunch that the number is probably higher than that. One billion is a staggering number, even though it makes up only 15 to 22 percent of the world's population. Nevertheless, those one billion Internet users give us a lot to deal with on their own in terms of social and security issues on the web. more»
Continued exploitation of the financial crisis to scam users with fake financial transactions services, fake investment firms, and fake legal services is the top trend to emerge for 2009 according threat predictions by McAfee. "Computer users face a dangerous one-two punch today," said Jeff Green, senior vice president of McAfee Avert Labs, McAfee's research group. "The current economic crisis is delivering a blow to our financial well-being, while malware authors are taking advantage of our distraction to deliver a roundhouse strike." more»
The practice of using stolen or data mined &ndash from a botnet's infected population – FTP accounts is nothing new. In March, 2008, a tool originally published in February, 2007, got some publicity once details of stolen FTP accounts belonging to Fortune 500 companies were found in the wild. Interestingly, none of the companies were serving malicious iFrames on their compromised hosts back then. Despite the fact that 2008 was clearly the year of the massive SQL injection attacks... more»
Security researchers have identified a new phishing attack method designed to trick users into surrendering confidential information after they have logged on to an online banking, brokerage, or other sensitive website. The technique, called In Session Phishing, can be used to inject into all major browsers legitimate looking Pop Up messages using malicious JavaScript that request passwords, account numbers, etc., on behalf of the trusted website. more»
Security firm PandaLabs reports today that it received more malware in the first eight months of 2008 than in the previous 17 years combined -- Trojans being the leading cause of malware infections. In 2008, Panda Security's malware analysis and detection laboratory states that it found an average of 35,000 malware samples each day, 22,000 of which were new infections. By the year's end, the total count of malware threats detected exceeded 15 million. more»
