Cryptography


Banking Losses for Small Biz Blowing Up

Most small business owners have no clue about the threats they face or
the liability they assume when banking online, even as the frequency
and sophistication of attacks appear to be increasing. Read the full article. [KrebsonSecurity]

Mac OS X Ransomware ‘A Matter of Time’

In need of a fresh example that cybercriminals are actively looking for ways to monetize infected Mac OS X hosts? Early-stage discussions at several web forums, including a PoC (proof of concept, source code included) Mac OS X blocker as well as potential GUIs for the ransomware, offer an insight into the potential to monetize OS X infected hosts using SMS-based ransomware.

Tracking Malware Paths For Exploit Clues

Criminals increasingly attempt to camouflage the traces of their malware on the internet to keep control of a hijacked server for as long as possible. However, their paths can be retraced using special tools to identify the vulnerability the malware intends to exploit to enter a system. Read the full article. [The H Security]


Through 2012, 60 percent of virtualized servers will be less secure
than the physical servers they replace, according to Gartner. Although
they expect this figure to fall to 30 percent by the end of 2015,
analysts warned that many virtualization deployment projects are being
undertaken without involving the information security team in the
initial architecture and planning stages. Read the full article. [Help Net Security]

The latest version of the Zeus do-it-yourself crimeware kit goes to
great lengths to thwart would-be pirates by introducing a
hardware-based product activation scheme similar to what’s found in
Microsoft Windows. Read the full article. [The Register]

In this wide-ranging interview, cryptographer Taher Elgamal, chief
security officer of Axway Inc. and the initial driving
force behind SSL, explains how applications may be better adapted to
defend against attacks and how cloud computing may alter data
protection and authentication. Read the full article. [TechTarget]

LifeLock, an Arizona company promising
customers protection from identity theft, has agreed to pay $12 million
to settle charges that the company overstated its benefits and used
“scare tactics” to gain subscribers. Read the full article. [Computerworld]

Cisco has released a number of reports on vulnerabilities in its products. It is possible to disrupt the transfer of voice data in the Unified Communications Manager using crafted SIP, SCCP and CTI packets. Read the full article. [The H Security]