Browsing Category: Malware

[img_assist|nid=1870|title=|desc=|link=none|align=right|width=115|height=115]The Federal Trade Commission has charged those behind the shady online
check service Qchex with contempt, and wants daily fines imposed on
them until they give up the ghost. The group has launched a new site—a
Qchex clone—with the same questionable policies that made Qchex a
“dinner bell for fraudsters.” This has left the FTC fuming, and it
wants the site’s operators to quit helping criminals rip people off—now. Read the full article. [Ars Technica] Read the FTC complaint. 

Read more...

[img_assist|nid=880|title=|desc=|link=none|align=left|width=115|height=115]Online,
the biggest battle these days is against botnets: networks of infected
computers which hackers can use — unbeknownst to the machine’s owner
— for online crimes including sending out spam or launching a denial
of service attack. The black-hat techniques
employed to snare users into a botnet web have evolved to a level that
makes them often undetectable by even the most sophisticated security
products. Combine that with a lack of user knowledge, and the threat of
infection becomes very high. Read the full article. [CSOonline.com]

Read more...

[img_assist|nid=1853|title=|desc=|link=none|align=left|width=115|height=115]Under Fedora 12, users are able to install software from repositories without being prompted for root password. The undocumented change in Fedora 12 has caused consternation amongst Fedora users. The change is part of PolicyKit’s policy for desktop users and was made to make the system easier for desktop users. Read the full article. [The H Security] 

Read more...

[img_assist|nid=1848|title=|desc=|link=none|align=right|width=115|height=115]Health Net Inc. announced Wednesday that it is investigating a
healthcare data security breach that resulted in the loss of patient
data, affecting 1.5 million customers. The healthcare provider
said the lost files, a mixture of medical data, Social Security numbers
and other personally identifiable information, were collected over the
past seven years and contained on a portable external hard drive. The company said the healthcare data was not
encrypted, but was formatted as images and required a specific software
application to be viewed. Read the full article. [TechTarget]

Read more...

[img_assist|nid=1849|title=|desc=|link=none|align=left|width=115|height=115]If the multibillion-dollar e-mail security industry has been built to
prevent information from seeping out through personal communication,
how is social networking in the workplace still going unchecked? After
all, consumer social apps such as Facebook and Twitter provide the same
information-leakage threat as unsecured, personal e-mail–possibly
more, thanks to the viral impact of broadcasting news tidbits to one’s
network of friends in real-time. Read the full article. [Forbes]

Read more...

[img_assist|nid=1846|title=|desc=|link=none|align=right|width=115|height=115]Hackers could one day turn
ordinary smart phones into “rogue” devices to attack major wireless
networks, Research In Motion’s security chief warned. Scott Totzke, RIM’s vice-president of BlackBerry security, said
hackers could use smart phones to target wireless carriers using a
technique similar to one used in assaults that slowed Internet traffic
in the United States and South Korea in July. Read the full article. [The Globe and Mail]

Read more...

[img_assist|nid=1837|title=|desc=|link=none|align=right|width=115|height=115]Authorities in the U.K. have arrested two people in connection with using a notorious Trojan in a scheme to steal online banking information. The man and the woman, both 20, were arrested by the Metropolitan Police Service in Manchester, according to police. The duo is accused of using the Zeus Trojan, also known as Zbot, in a plot to steal information. It is believed the Trojan was configured to record victim’s online bank account information and passwords, as well as credit card numbers and other information. Read the full article. [eWEEK]

Read more...

[img_assist|nid=1829|title=|desc=|link=none|align=right|width=115|height=115]An email which purports to
relate to a recent Apple retail transaction and asks for details of any
recent orders is out there. The email also carries a stuffed file.
This contains an ‘exe’ file which will only launch on a Windows machine. The email reads: “We recorded a payment request from ‘Apple Inc.’ to
enable the charge of $7,548.45 on your account.” Read the full article. [9to5Mac]

Read more...

[img_assist|nid=1821|title=|desc=|link=none|align=right|width=115|height=115]Mozilla will add a new lockdown feature to
Firefox 3.6 that will prevent developers from sneaking add-ons into the
program, the company said. The new feature, which Mozilla dubbed “component directory
lockdown,” will bar access to Firefox’s “components” directory, where
most of the browser’s own code is stored. The company has billed the
move as a way to boost the stability of its browser. Read the full article. [Computerworld]

Read more...

Categories: Malware, Vulnerabilities

[img_assist|nid=1814|title=|desc=|link=none|align=right|width=115|height=115]Kaspersky Lab malware analyst Vyacheslav Zakorzhevsky has written an in-depth article describing the scareware (fake anti-virus) epidemic.  The article touches on the common distribution techniques, the tricks used to scare users into paying fraudsters for a removal tool and the way code generators are being used to create these malicious programs.  It also provides some infection statistics and some practical protection advice.  Read the full article [viruslist.com]

Read more...