Browsing Category: Malware

Categories: Malware

Security researchers are starting to sound the alarm [avertlabs.com] for e-mail scams related to news stories on the Swine Flu.
According to a notice from US-CERT, the attacks arrive via an unsolicited email message typically containing a subject line related to the Swine Flu. These email messages may contain a link or an attachment. If users click on this link or open the attachment, they may be directed to a phishing website or exposed to malicious code. Read the full advisory [us-cert.gov] for protection advice.

Read more...

Categories: Malware

From ZDNet (Dancho Danchev)
In a recent blog post, the Cyber Secure Institute claims that based on their previous studies into the average cost of suck malware attacks, the economic loss due to the Conficker worm could be as high as $9.1 billion.
Despite that their analysis also considered a much limited infection rate (200,000 infected hosts), they claim that the cost of the virus in this case is still around $200 million. Read the full story [zdnet.com]

Read more...

Categories: Malware

The interdependencies and interconnections of the networks that run the country’s critical infrastructure assets such as water, power and gas have created a dangerously fragile system in which security is just now becoming a priority, experts say. For years the priorities for these networks have been safety, compliance and reliability, while security has only become a factor very recently, a panel of security officers from telecom and utility operators said at the RSA Conference on Thursday.

Read more...

Categories: Malware

From Wired.com (Kim Zetter)

Attackers are becoming more and more organized and efficient in their information-stealing efforts and are using tactics gleaned from security professionals to get better at what they do. In a panel discussion at the RSA Conference, Joe Stewart of SecureWorks said the the trend toward organized, professional groups of attackers is moving to another level now.

Read more...

Categories: Malware

From The Register (Dan Goodin)

One of Brazil’s biggest banks has suffered an attack that redirected its customers to fraudulent websites that attempted to steal passwords and install malware, according to an unconfirmed report.

According to this Google translation of an article penned in Portuguese, the redirection of Bradesco was the result of what’s known as a cache poisoning attack on Brazilian internet service provider NET Virtua. Read the full story [theregister.co.uk]

Read more...

Categories: Malware

By Andrew Storms

Managing IT for a software company has its challenges.  For me, the lines between efficiency, security and innovation are difficult to draw at a company like nCircle where engineers require some freedom to perform their best.  The panelists at the RSA session “Responding to the ignored threat – Macs in the Enterprise” seemed to face the same kind of problems I do.

Read more...

Categories: Malware, Vulnerabilities

Multiple news outlets [ZDNet, CBC, The Register and Washington Post] are reporting on what appears to be the first malicious botnet made up only of machine’s running Apple’s Mac operating system.
The botnet is directly linked to a previously known Trojan that was embedded into pirated copies of Apple’s iWorks program.  It was being used in the past to launch denial-of-service attacks.  The full analysis of the botnet is available at Virus Bulletin [subscription required]

Read more...

Categories: Malware, Web Security

From The Register (John Leyden)
Scareware scammers are trying to game search engines into promoting crudware sites when a surfer searches for information on Ford cars.

The Ford scareware campaign [pandasecurity.com] features around one million links, all targeting the Ford Motor Company, designed to trick search engines into promoting malicious pages towards the top of search results. Malvertised pages are punting a rogue anti-virus product, called MS AntiSpyware 2009. The malicious application attempts the scare users into buying useless software on the basis of fraudulent scan results that report systems are infected, whether they are or not. Read the full story [theregister.co.uk]

Read more...