Live Search Updates Webmaster Center With Malware Sniffer
Worried about the possibility part of your website has been hijacked by malicious hackers without you knowing it? It happens sometimes, and sometimes a webmaster can link out to a site with undiscovered malicious code.
Post McColo, Spam On The Rise Again
It seemed from the beginning something that would only be temporary as spammers regrouped. Though spam levels dropped by as much 75 percent in the hours following McColo Corp.'s now infamous booting, spam's already making a comeback.
Underground Economy Booming
There's good news and bad news regarding Symantic's underground Internet economy report, released today. The good news is that the bad guys have steely eyes upon them at all times. The bad news is that the bad guys' business is booming.
75 Percent Of World’s Spam Knocked Offline
Score one for the security industry-a big one, a massively ginormous and temporary strike against spam. A slew of security companies and the Washington Post tracked massive amounts of spam back to one San Jose-based hosting company, now offline, and 75 percent of the world's spam went offline with it-for about 12 hours.
Zombies, How to Fight Them
Just so you're warned: If the zombies come back it could be your fault. "It is only a matter of time until the next W32/ZMist heads our way," premonishes McAfee's Vinoo Thomas. And it could all be because of something stupid.
AVG Update Labeled Windows File As Trojan
File this one under super embarrassing: Some users of the latest two versions of AVG's free virus scanner ended up with a computer in eternal boot mode. The antivirus software had falsely identified a critical Windows XP file as a Trojan virus.
Spam Alert: Obama In Sex Tape Scandal (Again)
Malicious spammers/hackers are continuing their efforts via shocking Obama-related subject lines. And why not? With a success rate of 1 in 12.5 million, that's at least 30 dopes in the US who might fall for it.
Express Scripts Reports Massive Data Breach
Pharmacy benefit management company Express Scripts sent out warning that millions of patient records could be exposed by extortionists following a data breach.
Beware of Presidential Malware
As the United States celebrates, or for about 46% of the population-mourns, the election of Barack Obama and the world continues its keen interest in this particular race, malware developers are in full attack mode trying to capitalize on a patriotic meme.
Campaigns Hacked, Obama Spam Commences
In case it's possible you're not sick of political news yet, here's the tidbit to set you over: Both Obama's and McCain's computer systems were hacked during the presidential campaign by foreign agents.
Clickjacking Is Scary, Real, And Kinda Hypothetical
The new boogieman of the security world is the practice of "clickjacking," or slipping an invisible link over a legitimate link to trick surfers into clicking it. Prevalence: unknown. Alert level: high, because only Firefox and Adobe can stop it.
Microsoft Blames Apps For Security Vulnerabilities
Microsoft, typically the darling of security vulnerability coverage, says targeting the operating system is old school. These days, the bad guys are targeting third-party applications.
ICANN Scrubs Net Of Malware Haven
Too little too late for EstDomains, and if you're too late to do anything before ICANN gets you then you're pretty darn slow. The quasi-private overseer of the Internet sent a shattering blow to the registrar via contractual technicality, shutting the company down and sending malware agents scattering.
Spammers Break CAPTCHAs, Exploit Social Networks
Spammers have evolved to perpetrate some pretty complicated schemes to get their wares (and warez) to large audiences. Recently they've shown sophistication beyond simple mailings by breaking CAPTCHA codes, enlisting decoy social networking sites and blogs, and even some search engine optimization.
Malicious Spam Up Eight Fold In 3Q
The number of malicious attachments increased eight-fold in the third quarter of 2008 over the previous quarter, according to Sophos. Between July and September, one in every 416 email messages contained a malicious attachment, up from one in every 3,333.
Your Keyboard Is Telling On You
Here's some news likely to make you a little queasy: Researchers have discovered a way to intercept keystrokes on a wired keyboard by intercepting electromagnetic waves emanating from the keyboard's connector wire.
Google And Yahoo Tout Secure Searching
Google's blog post about its "This site may harm your computer" warning in the search results and how webmasters can have Google check their sites for infections comes at an interesting time considering these aren't new features. Could it have something to do with Yahoo's multimedia campaign about its deal with McAfee?
Cyber Security As Worrisome As Drunk Driving To Moms
Since over half of moms surveyed by McAfee and Harris Interactive feel the government isn't doing enough to keep their kids safe online, they're taking matters into their own hands. Kids, of course, are offended.
Phishers Step Up Ops During Banking Crisis
Spammers and phishers are going about it all wrong. If they want a really big payoff they should have gotten into mortgage lending-even if you suck at it the government gives you money! Maybe online scammers are reconsidering, because there's been a huge spike in banking crisis-related attacks lately.
Sarkozy Gets Pwned
Google Translate says the French word for pwned is pwned, which is no fun at all. Let's say instead French President Nicolas Sarkozy's cybersecurity gets a big red l'échec épique (epic fail). Le président's bank account was hacked.
Spam Down As Scammers Save Up For Christmas
In general, malware and spam declined a bit in September. Don't get your hopes up. With the holiday season approaching, digital ne'er-do-wells will be ramping up production.
Careful, YouTube Can Be a Puper
A Trojan horse Puper isn't what it sounds like-if you're like me, you thought Of course that's how they got out! When security researchers start using phrases like "porn-spewing malware," they don't make it sound much better.
Security Expert Warns Of Rigged Election
Security vulnerabilities in electronic voting machines threaten to skew results in the upcoming national election, says a Republican security expert. Stephen Spoonamore has come forward as a whistleblower willing to testify in an Ohio court case stemming from the 2004 Presidential elections.
P2P Sites Spreading Obama/McCain Malware
Beware of downloading campaign videos via peer-to-peer networks like LimeWire and FrostWire. A large percentage of them may be carrying something worse than mudslinging.
EvilFingers Srike Again At Google’s Chrome
Security researchers at EvilFingers.com, who identified the first security vulnerabilities in Google's beta web browser, Chrome, have delivered a proof of concept demonstrating malicious agents could exploit a memory exhaustion denial-of-service attack.
Brad Pitt Most Dangerous Man On Internet
Brad Pitt may be pretty, but he's also the guy most likely to give you something…on your computer. He and Justin Timberlake are considered the most dangerous men on the Internet, according to a recent McAfee report.
Study Shows People Too Hasty With Popup Warnings
Student behavior in a study on popup warnings at North Carolina State University bodes ill for the rest of the population: most were so eager to remove popup obstacles to their tasks, they didn't care how they got rid of it. If in the wild, such impulsive behavior could have earned them some malware.
Update: Palin’s Hacker Identified
Well, that didn't take long. The Anonymous hacker who broke into Sarah Palin's Yahoo email address has been identified as the son of a Tennessee state representative. And as postulated earlier, he gained access via the "forgot my password" security function.
What Palin’s Email Hack Means To You
Regardless of how you feel about Alaska Governor and John McCain's running mate Sarah Palin using a Yahoo email account to conduct official state business, you likely joined many in gasping at the audacity of a team of anonymous hacker vigilantes.
Spies Caught Spying On Spies Via Spyware
There's been a bit of an uproar in Hungary over some spyware installed on computers at the country's national security office.
Back To School Malware Botnets
Back to school season carries its own traditions: shopping, homework, decreased social networking, and now botnet malware attacks on US schools and government organizations.
Greek Hackers Aim To Teach CERN a Lesson
At the rate they're going they could end the world next week. So mark your calendars. But please-please oh please-stop trying to hack their systems. Only they know how to prevent a black hole from sucking us into oblivion, and messing with their junk is just a bad idea, right?
Google’s Having Fun With Numbers
Nobody's going to challenge Google's skill with math-its algorithm is currently on the path toward world domination-and the company's banking on those mad skills dizzy privacy and security experts and, more importantly, regulators to push their new anonymizing standards proffered to the EU. In addition to better ads and search results, Google justifies its need for such data by efforts to fight search worms.
London Is Too In Canada, Obama’s Not In Ukrainian Blue
Sophos is reporting two sensationalist, malware-carrying emails circulating cyberspace, one involving an explosion at a London nuclear facility and the other purporting to have a dirty Barack Obama video. As you might guess, both are bogus and carrying nasty surprises.
McAfee Takes Security To The Clouds
McAfee unveiled its new Artemis Technology, which utilizes cloud computing technology to address security threats in real time. The company claims Artemis "dramatically increases the level of computer security."
Germany Shrieks At Google Datenkrake!
There's nothing more entertaining than a bunch of ticked off Germans. The melodrama, the propaganda, the beer-fueled outrage spilling into their lederhosen; the last time Germany sounded this upset they…oh, never mind. Maybe the chants of "Datenkrake!" spawning from Google's beta release of Chrome should be taken seriously after all.
Microsoft Gives Advance Notice Of Critical Updates
Microsoft plans to issue a security bulletin next Tuesday, September 9, about critical vulnerabilities affecting various Windows-based systems.
Botnets Increase Four Fold Over Summer
Both the number of botnets and the size of individual botnets have quadrupled in the past 90 days, according to security researchers. Despite the sudden influx, spam and malware has not increased correspondingly, making the case more mysterious.
Word To The Wise: Don’t Fire Your IT Guy
In case you didn't know, it's kind of important to be nice to your IT staff. You know why? Yeah, you know why; they have access to everything and can sink or expose your entire system. And guess what? A recent survey pegs 88 percent or 300 IT security pros as willing to take you down with them in a blaze of data.
Next Malware Breeding Ground: Online Games?
You know the bad guys are after your money and identity via traditional methods already. Did you know security experts are warning against attackers going after your or your kids' virtual currency?
BGP Exploit Is Big Uh-Oh For Internet
As far as possible security exploits this sounds pretty bad. Well, not just "possible" and not just "bad." A demonstrated exploit of the internet routing protocol BGP (Border Gateway Protocol) is potentially catastrophic to the Internet.
No, Hackers Didn't Hijack Your Baby
The somewhat romantic myth about honor among thieves is hereby debunked. The latest attempt at wriggling into your system comes in the form of a ransom note.
Best Western Hack Worst Exaggeration In History?
Best Western says rumors of its pwning are greatly exaggerated. That's likely true, given the heaps of superlatives weighting down a Sunday Herald exclusive claiming an Indian hacker helped the Russian cyber mafia make off with $5 billion of guest money. We're guessing the hacker didn't get nearly a fair enough cut.
Madonna Lust Could Lead To Infection
Not that you would, but don't get all excited about an email from MSN about has-been pop starlet Madonna in a new sex tape. The link leads to (whodathunkit?) the wrong kind of Trojan.
Scientists Prove Uncrackable Quantum Concept
Some mind-blowingly smart scientists from the University of Michigan, US Naval Research Lab, and the University of California at San Diego, have figured out how to use lasers to trap an electron in a dark state. That means lots of things, but from a security standpoint, it also means computers based on quantum technology would be uncrackable by conventional machines.
Judge Overturns Injunction Against MIT Researchers
IT pros shouldn't rely on discoverers of security flaws to keep quiet about it; sometimes glory (or competition) outweighs etiquette. They shouldn't rely on the courts to keep researchers quiet about it either-a Massachusetts judge just overruled a gag order against some crafty MIT researchers.
Competitor Tells Paper, Not Rival, About Security Flaw
Used to be you just had to worry about hackers, journalists, and security firms exploiting and making public any security flaws in your system. Now you have to worry about competitors.
Mac Spyware Hijacks Clipboard
The recent increase in Mac popularity has made it more of a target. The most recent attack comes in the form of spyware and operates by hijacking users' clipboards to spread links to malicious sites.
Holidays Are Good For Phishing
All the online holiday shopping is fertile ground for online scammers looking to fence a few ill-gotten dollars from unsuspecting consumers.
Half of Chinese Malware Seeks Gamer/IM Passwords
If the malware originated in China, then chances are it was designed to swipe your username and password. And most of those are targeting gamers.
Wikipedia Page Hijacked By Worm Creators
The German version of Wikipedia became a target for malicious hackers who created an article about how to vaccinate against bogus new worm. The link to the supposed fix within the article was actually a link to malicious code.
Malware Gets t.A.T.u'd
Security company Sophos is reporting that an email Trojan is circulating via an attachment promising photos of the Russian school girl lesbian pop duo t.AT.u.
The Happy Hacker Goes To Google
Google's newly launched Code Search is proving useful for finding website vulnerabilities, but also for locating potty-mouth coder insertions.
Would You Like McSpyware With That?
We'll give McDonald's the benefit of the doubt and call this a colossal blunder rather than a sinister plot. Not very good options are they? Details are sketchy so far, but apparently 10,000 lucky Japanese winners got a Trojan virus along with their new McMP3 Players.
McAfee Acquires Citadel
McAfee, Inc. announced it will acquire all of the assets of Citadel Security Software Inc. for approximately $56 million in cash, plus an estimated $4 million in working capital reimbursement.
Everybody Failed The Spam Quiz
McAfee says that though consumers may be more Internet-savvy than ever, they're still highly susceptible to spam. The security company unveiled the results of its first-ever "spam quiz," showing that consumers misjudge whether a Website will keep email addresses private.
New Strain of Stration Worm Targets VML Flaw
Sophos reports that a new version of the Stration worm, called the W32/Stratio-AN worm, is "aggressively" spreading via email systems.
Let Us Spam You, Please
One of the e-commerce buzz phrases is "permission based marketing," and spammers are latching on to the concept in a sneaky way. In a ploy to collect email addresses, this band of spammers offers a Steve Irwin video tribute. Price of admission: your email address and an agreement to let them spam you.
ID Theft Task Force Nearer To Resolution
President Bush's Identity Theft Task Force, formed by Executive Order in May of this year, announced the unit's interim recommendations for cracking down on the problem. The final plan will be presented to the President in November.
EMC Secures Storage Through RSA, Network Intel
EMC Corp. finalized a pair of acquisitions last week, a shopping spree that adds RSA Security and Network Intelligence to its subsidiary list, as well as both companies' information security capabilities.
Elite Torrents Pirate Convicted
A Pennsylvania man pleaded guilty in federal court to copyright infringement charges for his involvement with the peer-to-peer site Elite Torrent, a service that made Star Wars Episode III: Revenge of the Sith available for download six hours before its theatrical release.
Spammers Invoke "Research Project" For Email Addies
Sophos reports a new tactic being used by spammers to harvest email addresses. The scam begins with an email asking for recipients to forward email chain letters to the sender as part of an email chain letter study.
Phishers Target Barclays Clients
Panda Software has issued an "orange alert" warning against a large scale phishing attack targeting clients of Barclays Bank's online services, with at least 61 variants of a spoof email. The company estimates that the number of emails in circulation is several million.
Software Pirate Downloads Seven Years
The owner of a "massive" software piracy site was sentenced in federal court on Friday to 87 months in prison, following prosecution by the U.S. Department of Justice.
Spammers Promise Nude Gambling
It's not that it's not interesting, it's just illegal. Australian security firm Sophos is sending out the warning of online casinos spamming inboxes with promises of live nude dealers.
Dozens of Vulnerabilities in Firefox?
Security software company Klocwork's Adam Harrison claims to have uncovered 655 defects and 71 potential security vulnerabilities in Mozilla's Firefox web browser. A Mozilla developer fired back, calling the analysis bogus.
Symantec Opens Vault Of Compliance Services
Symantec unveiled its Enterprise Vault Discovery Accelerator 6.0 (EVDA), an extension of the company's Vault e-mail and file archiving software. The company says the product was updated for compliance with e-discovery requirements as dictated by the Federal Rules of Civil Procedure (FRCP). The new rules are scheduled to take effect in December.
Spammers Enlist Subliminal Messaging
The spam includes an embedded multi-framed GIF graphic, which is new technique used to bypass spam filters, recommending recipients buy stock in a company called Trimax. Every 15 seconds, the word BUY!!! flashes briefly (but not really briefly enough to be intended for the subconscious level).
Pump-And-Dump Spam Invites Companies to Join Up
A new spamscam is making the rounds inviting recipients into organized crime. Sophos calls it a "pump-and-dump" stock spam campaign offering the chance, for a percentage fee, to manipulate stock prices.
You Don't Know Where That Girl's Been
Vicky Willington, a newly arrived college student, is looking to hook up while in Australia, and is marketing herself via email. A word to the gullible, Internet romance doesn't work that way, and Vicky has a much different Trojan in mind.
New Zombie King Gets 3 Years
The latest "zombie king," or botnet hacker succeeding the jailed zombie king before him, was sentenced to three years in prison by a US District judge in California.
AOL 9.0 Labeled As Badware
You'd think AOL'd be doing everything in its power to ensure its reputation doesn't take any more damage. If you had thought that, you were wrong. An investigation into the company's latest free software offering, AOL 9.0, has it labeled as "badware" for a laundry list of anti-user behavior.
iPod Email Is Trojan Horse
Security company Sophos sent out the warning this morning of a Trojan virus accompanying email spam claiming to have charged recipients' accounts for an iPod.
Students Expose Themselves On Education Site
During what it called a routine software upgrade, the U.S. Department of Education said a glitch may have exposed the personal information of some 21,000 students looking to make payments on their student loans.
College Students ID Theft Targets
The National Crime Prevention Council (NCPC) is warning college students that credit card companies aren't the only ones looking to take advantage of post-adolescent ignorance and irresponsibility. They should also be on the look out for identity thieves on campus.
Pirate Gets Six Years; DOJ Gets His Stuff
A software pirate received one of the longest sentences ever imposed for piracy in the United States, and got community service to boot. Of course, the only thing the Department of Justice hates more than theft, is flaunting your score.
Phishers Want To Be Your iFriend
SophosLabs is warning Web surfers that email phishers have added adult web cam users to their usual target of online bankers.
UK Teen Gets Grounded For Spamming
A 19-year-old revenge spammer was sent to his room for two whole months by a British court this week. David Lennon will be monitored via an electronic monitoring device while under curfew, or risk a stiffer sentence - like taking his Xbox and TV away.
Sophos Releases Free Anti-Rootkit Tool
Sophos announced this week the availability of free downloadable rootkit detection and removal software. The program also warns if removal of certain rootkits will negatively impact the infected PC. The offering is intended for use on Windows NT/2000/XP/2003 operating systems.
DOJ To Launch Online Predator PSA Campaign
The US Department of Justice, headed by Attorney General Alberto Gonzales, announced this week it will launch a campaign aimed at educating teen girls about the dangers of online predators.
Judge Rules Wiretapping Prog. Unconstitutional
A federal judge ruled the Bush Administration's wiretapping policy unconstitutional on Thursday, as a violation of free speech, privacy, and provisions for separation of powers as listed in the Constitution.
Parents Take Responsibility For Kid Safety Online
The vast majority of parents polled believe responsibility for ensuring kids' Internet safety rests with themselves and schools, but not the government. The poll, commissioned by Cable in the Classroom and conducted by Harris Interactive, was released at the Back-to-School Media Briefing held at the New York City Public Library.
BlackBerry Hack Attack Scheduled For Next Week
Secure Computing Corporation issued a warning that organizations that have installed their BlackBerry server behind their gateway security devices could be subject to a hacking attack when security researcher Jesse D'Aguanno is scheduled to release the code for his BlackBerry hack next week.
AOL Offers Free Anti-Virus Download
Amid the drama associated with AOL's accidentally-intentional release of hundreds of thousands of users' search histories, the nearly simultaneous release of the company's free anti-virus offering may have been overlooked.
Netscape Responds To Hacker's Claims
The hacker that cracked Netscape's cross-site scripting (XSS) vulnerability and used it to deface the company's answer to Digg.com maintains that he tried incessantly to contact Netscape about the problem to warn them before hand. Netscape thinks he didn't try hard enough.
Did Netscape Ignore XSS Flaw?
Hackers claim to live by codes. No matter what people think of "D," who hacked the new Digg-style Netscape, he insists it was done for good, not evil. Besides, says D, they had it coming. He gave them ample warning about their security problem.
Microsoft Finishes Swallowing Whale
Microsoft announced that its acquisition of Whale Communications Ltd. is complete and will offer a discount immediately on incorporated Whale products. This includes Whale Intelligent Application Gateway, Connectivity Modules and Application Optimizers.
Netscape Hacked, Professor Denies Sexiness Claims
Some apparent Digg.com fans hacked into Netscape.com using a Cross Site Scripting vulnerability (XSS), creating snarky popup messages directing Netscapers to go elsewhere.
Symantec Warns VARs About Limiting Prospects
The sales team at Symantec, taking a hard look at opportunities within the value added reseller (VAR) market, indicated that its security partners need to be more aggressive in looking for opportunities to expand their offerings.
FBI Wants To Tap Your Internet
Were you aware that American citizens had elected the FBI to Congress? Did you know the FBI could draft legislation? Apparently the law enforcement agency can and has produced a bill that will expand wiretapping initiatives to Internet service providers and network builders in order to make it easier to eaves drop.
Watchdogs Join Up To Fight ID Theft
Identity theft prevention company LifeLock has joined forces with the National Crime Prevention Center (NCPC) to raise awareness of and promote the prevention of ID theft through the United States.
Data Security Replacing Malware as Top Concern
Guarding sensitive data has become top priority among IT professionals, replacing concerns about malware, according to a recent study sponsored by Apani Networks.
AOL Releases PC Security Babysitter
AOL has released a free downloadable program that checks the status of a computer's security programs, like anti-virus, firewall, and spyware protection, to see if they are up to date. Called Active Security Monitor, the program assigns a "security score" to PCs scanned and suggests a course of action.
Google Pharmacy Email A Fake
Imagine a Google logo, the O's replaced with little blue pills. If you received an email promoting the new Google Pharmacy, delete it right away. It's an attempt to phish through your pockets in a few different ways.
VoIP Hacker Raises Security Concerns
A man who operated an intricate scam to hack Internet VoIP services and resell the connections made at least one major mistake; he flaunted his riches in the state/country in which he orchestrated it.
|
|
RSS
Archive
Contact Us
Advertise
