Malware


Zeus-Related Charges in NY to Be Announced Today

Garth Bruen writes: "Federal and state authorities have charged more than 60 people in connection with a global cybercrime scheme that relied on Internet viruses to steal millions of dollars from U.S. bank accounts. Federal prosecutors say the defendants are accused of using the Zeus Trojan and other Internet viruses to steal money. Authorities planned to announce the charges at a news conference Thursday afternoon."

Researchers Find Russian Spam Domains on the Rise

Jeremy Kirk from IDG News reports: "Researchers are seeing an uptick in the number of spam-related domains from Russian registrars, a sign that cybercriminals are choosing those providers due to lax enforcement. An analysis of spam messages over the last month showed that more than a third of domain names connected with spam are ".ru" ccTLDs (country code Top Level Domains), according to email security vendor M86."

Microsoft Releases a Cybersecurity eBook, Free Download

Microsoft has released a 253-page cybersecurity ebook primarily intended for teens that also serves as a useful resource for adults interested in an overall understanding of various Internet security topics.

BBC Creates Smartphone Malware to Expose Vulnerabilities

BBC News has shown how straightforward it is to create a malicious application for a smartphone. Over a few weeks, the BBC put together a crude game for a smartphone that also spied on the owner of the handset. The application was built using standard parts from the software toolkits that developers use to create programs for handsets.

GlavMed Hacks U.S. Government Website

Garth Bruen writes: A report in LegitScript takes a look at a Russian rogue Internet pharmacy hacking a US government website. "As rogue Internet pharmacy networks become more sophisticated, even US government websites are at risk. Today, we're taking a look at how a rogue Internet pharmacy linked to a criminal network operating out of Russia and Eastern Europe has hacked into a US government website. The Millennium Challenge Corporation, a US foreign aid agency, utilizes a ".gov" top-level domain, which is assigned to the control of the US government. Domain names ending in .gov are typically administered by the General Services Administration."

Vulnerability Broker to Enforce a Six-Month Deadline

Ryan Naraine reporting in ThreatPost: "Looking to put pressure on software vendors who procrastinate on fixing security flaws, the world's biggest broker of vulnerability data is drawing a line in the sand. Starting tomorrow (August 4, 2010), TippingPoint's Zero Day Initiative (ZDI) will enforce a six-month deadline for patches on all vulnerabilities bought from the security research community and reported to software vendors."

2010 Data Breach Report from Verizon, US Secret Service

A study conducted by the Verizon Business RISK team in cooperation with the United States Secret Service has found that breaches of electronic records in 2009 involved more insider threats, greater use of social engineering and the continued strong involvement of organized criminal groups.

Engaging Consumers in Cyber Security: It's Up to You

In a perfect world, consumers recognize authentic emails from fake, update their operating system, browser and anti-virus software, and have a healthy skepticism about the safety of the Internet. The bad guys hate perfect, so we should be working with consumers to stop them. ... Organizations like mine are joining forces to recruit consumers -- who are also your customers and employees -- in the fight against cybercrime.

New Ways Cybercriminals are Thwarting Security

M86 Security today released its bi-annual security report for the first half of 2010, highlighting the evolution of obfuscation through combined attacks. From the report: "This threat trend is the latest to emerge as cybercriminals seek new ways to limit the effectiveness of many proactive security controls. Because existing techniques for 'covering their tracks' are becoming less effective, cybercriminals have begun using combined attacks, which are more complex and difficult to detect. By splitting the malicious code between Adobe ActionScript language - built into Adobe Flash - and JavaScript components on the webpage, they limit the effectiveness of many of the proactive security detection mechanisms in place today."

Clarke and Knake's "Cyberwar"

I just finished reading Richard Clarke and Robert Knake's book Cyberwar. Though the book has flaws, some of them serious, the authors make some important points. They deserve to be taken seriously. I should note that I disagree with some of my friends about whether or not "cyberwar" is a real concept. Earlier, I speculated that perhaps it might be a useful way to conduct disinformation operations, but it need not be so limited.

MAAWG Overview of DNS Security - Port 53 Protection

J.D. Falk writes: Last week, MAAWG quietly published a new document titled "Overview of DNS Security - Port 53 Protection." [PDF] The paper discusses cache poisoning and other attacks on the local DNS, including likely effects of such a compromise and what access providers may be able to do to prevent it.

Canadian "Fighting Internet and Wireless Spam Act" Introduced Into the House of Commons

Neil Schwartzman writes to report: "The long-anticipated Canadian Anti-spam bill (a re-tabling of ECPA, now entitled FISA), and a bill amending PIPEDA passed first reading in the Canadian House of Commons yesterday. The bill must be read and passed twice, then referred to parliamentary committee to survive the summer recess of parliament (mid-June), it is anticipated that it will do so. The actual text of bills 28 & 29 is yet to be forthcoming, it should be a matter of a day or two until they are published."

Study Reveals 76% of Internet Users Vulnerable to Browser History Detection

A recent study reveals that a browser history detection method, largely dismissed as an issue with minimal impact, can in fact be used against a vast majority of Internet users with significant malicious potential. Researchers Artur Janc and Lukasz Olejnik analyzed real-world results obtained from 271,576 Internet users and have reported the results in a paper titled "Feasibility and Real-World Implications of Web Browser History Detection."

Malware and Search Warrant

A recent decision from a federal district court addresses an issue I hadn't seen before: whether searching malware on the suspect's computer was outside the scope of the search warrant issued for that computer. It seems a narrow issue, and unfortunately the opinion issued in the case doesn't tell us a whole lot about what happened; but I thought the issue was worth writing about, if only to note that it arose.

ICANN Security Team Reports on Conficker Post-Discovery Analysis

A paper released today by ICANN provides a chronology of events related to the containment of the Conficker worm. The report, "Conficker Summary and Review," is authored by ICANN's Dave Piscitello, Senior Security Technologist, on behalf of the organization's security team.