Microsoft Malware Data Shows Trojans Rampant in USA

One week after the release of its Microsoft Security Essentials utility, Microsoft is sharing some very useful data on malware infections globally. In the first week alone, the tool counted four million detections on 535,752 distinct machines, with ID-theft related Trojans sitting atop the detected category in the US. China has lots of potentially unwanted software threats, and worms (particularly Conficker) are very active in Brazil.

Gartner’s Pescatore: Cybersecurity Complacency Everywhere

ZDNet’s Larry Dignan has an interesting report on Gartner security guru John Pescatore providing his 2010 cyberthreat assessment, noting that not a lot has changed — other than the complacency levels of companies that are supposed to be protecting your data.

Eugene Kaspersky: My Thoughts on Internet Anonymity

Guest editorial by Eugene Kaspersky

There seems to be quite a loud response to what I thought was a rather simple idea. In this post, I am going to go over the main points – somewhere when I have more time I’ll share my ideas in detail so people could see exactly what I am

An ongoing spam campaign is once again attempting to impersonate Microsoft’s security team by mass mailing Conficker.B Infection Alerts that drop a sample of the Antivirus Pro 2010 scareware scam. Here’s a sample of what the text looks like:

Full-disk encryption is often heralded as a panacea to the huge problems of data breaches and laptop thefts, and with good reason. Making the data on a laptop or other device unreadable makes the machine far less attractive or valuable to a thief. However, researchers are showing that this solution has its share of weaknesses, too.

Remember that Microsoft .NET Framework Assistant add-on that Microsoft sneaked into Firefox without explicit permission from end users?
Well, the code in that add-on has a serious code execution vulnerability that exposes Firefox users to the “browse and you’re owned” attacks that are typically used in drive-by malware downloads.

CNet’s Elinor Mills has the scoop on a Comcast trial of a new automated service that will warn broadband customers of possible virus infections, if the computers are behaving as if they have been compromised by malware.

For instance, a significant overnight spike in traffic being sent from a particular Internet Protocol address could signal that a computer is infected with a virus taking control of the system and using it to send spam as part of a botnet. Read the full story [CNet]. Also see this call by a Google executive for ISPs to take the lead on botnet cleanup.

Secureworks researcher Kevin Stevens has written a must-read article on the Pay-Per-Install business model (PPI) that is used primarily to spread spyware and malware. 
The article discusses the way the affiliate system works, with layers of files and software programs that power the installation of malware on hijacked Windows computers.
