Browsing Category: Malware

The latest MySpace attac[img_assist|nid=1616|title=|desc=|link=none|align=left|width=115|height=115]k tries to lure recipients into giving up their
MySpace credentials, and then attempts to trick victims into installing
password-stealing malicious software. Attackers began blasting out the junk e-mails early Monday, according to researchers at the University of Alabama, Birmingham, Researchers at the school so far have tracked more than 30 Web site names associated with this attack, each beginning with “accounts.myspace.com” and ending in a United Kingdom country code domain (.uk). Read the full article. [Washington Post] 

Read more...

Categories: Malware

[img_assist|nid=1598|title=|desc=|link=none|align=right|width=100|height=100]Arbor Networks researcher Jose Nazario has spotted a malicious Google AppEngine application being used to control a botnet of infected computers. The Google App Engine is feeding URLs to the zombies (hijacked machines) for them to download, Nazario explained.  Read the full blog post [arbornetworks.com]

Read more...

Categories: Malware

The botnet problem has reached epidemic levels in recent months, with the continued growth of large-scale botnets, as well as the identification of smaller, more targeted networks around the world. But researchers have been taking steps to disrupt botnets of late, with some notable successes, as the recent takedown of the Mega-D botnet shows.

Read more...

Categories: Compliance, Malware

[img_assist|nid=1582|title=|desc=|link=none|align=right|width=115|height=115]Upping its output of spam by nearly 5 percent
in recent weeks, a new botnet called Festi has grabbed the attention of
researchers, cracking the list of top 10 most prolific spamming botnets. The botnet has apparently pumped up the volume
of spam by recruiting more bots, about 60 percent of which are in Asia,
18 percent in Europe, and 9 percent in North America. Read the full article. [Dark Reading]

Read more...

Categories: Malware

A simple, yet effective, worm is now circulating o[img_assist|nid=1577|title=|desc=|link=none|align=left|width=115|height=115]n some jailbroken iPhones, changing settings on the phones and terminating some services. The worm, which was discovered Sunday, doesn’t appear to be too malicious, but is an indicator of what might lie ahead for owners of iPhones and other smartphones.

Read more...

Categories: Malware, Vulnerabilities

In[img_assist|nid=1568|title=|desc=|link=none|align=left|width=115|height=115] the year since the shutdown of notorious Web hosting firm McColo, spammers are growing strong. Part of this is the result of improvements by botnet operators. Like anyone who is successful what they do, the people controlling the most powerful botnets in cyber-space learn from their mistakes. Security researchers discussed how.

Read more...

Categories: Malware, Vulnerabilities

[img_assist|nid=1550|title=|desc=|link=none|align=right|width=115|height=115]Facebook and MySpace have fixed errors that could have allowed data to be given out from its subdomains. A Dutch developer, Yvo Schaap, discovered the flaw and wrote on his blog: “A “more invasive and hidden exploit could harvest all the user’s
personal photos, data and messages to a central server without any
trace, and there is no reason why this wouldn’t be happening already
with both Facebook and MySpace data.” Read the full article. [Computerworld]

Read more...

A flaw i[img_assist|nid=1533|title=|desc=|link=none|align=left|width=115|height=138]n the SSL protocol that could affect company networks, hosting environments and key machines has security researchers scrambling. The flaw, which requires a hack in to a network to launch, has devastating consequences and implications on database and mail servers. Discovered in August by PhoneFactor, the researchers have been working with ICASI to make an industry-wide fix, which is called “Project Mogul.” Researchers Chris Paget and HD Moore are helping to expose the flaw. Read the full article. [Computerworld]

Read more...

The FBI reports it has seen a rise of malware over the past few months targeting small and medium businesses and municipal government entities and school districts. Once a malicious attachment or link is opened, keylogging tactics obtain bank acco[img_assist|nid=1530|title=|desc=|link=none|align=right|width=115|height=115]unt info where criminals then initiate wire transfers or Automated Clearinghouse Transfers (ACH). The report also cites that in some cases individuals have been recruited to unknowingly help criminals with “work at home” jobs that tell them they will be working on sending these fraudulent funds transfers by Western Union or Moneygram. FBI has links to US CERT for help. Read the statement. [FBI]

Read more...