- 31 August 2007 -
Wireless technology is a growing concern for most companies, according to an international survey.
The study was carried out by Cisco, which polled 700 decision makers in the U.S., the U.K., Germany, China, India, South Korea, and Singapore on their spending plans in the next year. Three quarters of respondents said that security spending was going to rise because of wireless and mobile technology, with half figuring this as a rise of 10 percent, and a further 10 percent predicting a dizzying 20 percent rise in costs.
It appears that the use of wireless technology has evolved according to the rapacious need for connectivity, with security being an afterthought. Companies now face a period of catch-up. "Many mobile employees say they access unauthorized wireless networks in public places and in their neighborhoods. Many say they don't encrypt data on their wireless devices or set passwords to prevent physical access to their information", the report says.
Increased use of mobile and wireless devices adds up to more chance of loss and theft, with 25 percent of respondents in the U.S. saying their budget would have to increase to replace such losses.
(Source: Computerworld)
- 30 August 2007 -
So far instant messaging (IM) networks, such as those of MSN and Yahoo, have suffered 38 attacks in August.
According to a recent report, the number of malicious code attacks on instant messaging networks has already doubled since July. IM worms with such bizarre names as Delf, Mimbot, MSNHorm and MSNPoopy have emerged this month, proving that IM networks are becoming a popular vehicle for hackers to attempt to break into corporate networks.
Instant-messaging threats work much like e-mail ones, where malware is launched when the recipient clicks on a link or a download option included in the message. Many corporations still don't secure IM traffic, and the networks (like MSN, Yahoo and AOL) can be joined easily by employees. Experts warn that such companies open themselves up to threats.
(Source: Network World)
- 28 August 2007 - According to a magazine report, Chinese hackers attacked German government computers. China promised to investigate.
Chinese premier Wen Jiabao described reports of Chinese hackers breaking into German computers as a matter of "grave concern" and said that his country will cooperate with Germany to resolve the matter. Jiabao's comments, made during a press conference with German Chancellor Angela Merkel in Beijing, were prompted by a report published in the German news magazine Der Spiegel claiming that Chinese hackers had been able to infect German government computers with spyware.
Merkel said that for Chinese relations with industrialized countries to move ahead, everyone needs to "respect a set of game rules" and "protect intellectual property rights."
Security experts from Germany's Federal Office for Information Security (BSI) and Federal Data Protection Office discovered Trojan horse programs in computers used in several ministries, including the Foreign Ministry, the Ministry of Economics and the Research and Development Ministry, as well as Merkel's office, the report said. Although the first Trojan horse software was detected in May, there are continued attempts to sneak spyware into government computers, according to Der Spiegel.
A spokesman at the Federal Ministry of the Interior, while declining to comment on the magazine story specifically, said, "We are making a huge effort to ensure that government systems remain protected from outside attacks. So far, we've been able to avoid any damage."
(Source: Network World)
- 27 August 2007 - For 19 hours over the weekend, Microsoft's validation system did not recognize legitimate copies of Vista and XP
Microsoft has blamed an unspecified server problem for a 19-hour stretch during which paying users of Windows XP and Vista were accused by the company's "Windows Genuine Advantage" validation system of running pirated software. Although copies of both Windows XP and Vista were being tagged as counterfeit during the meltdown, users of the latter were especially incandescent. The WGA anti-piracy scheme for that OS disables several features when it thinks the copy is bogus, among them the Aero graphical user interface and ReadyBoost.
"Customers who received an incorrect validation response can fix their system by revalidating on our site," wrote Alex Kochis, senior product manager of Windows Genuine Advantage (WGA) in a blog posting. The site Kochis referred to is the Genuine Microsoft Software home page, which includes links to validation tests for Windows and Microsoft Office. "After successfully revalidating any affected system should be rebooted to ensure the genuine-only features are restored," Kochis continued.
(Source: Computerworld)
- 25 August 2007 - At many European SMEs, IT managers believe that employees are responsible for most security breaches.
Nearly a third of IT managers at European medium and small enterprises (SMEs) rated "employee behaviour" as the leading cause of job frustration when it comes to implementing and maintaining IT security, according to a new survey. The study analyses data obtained from 750 IT managers and employees at companies with 100-250 employees in the UK, Germany, France, Italy and The Netherlands.
The vast majority (71%) of the IT managers felt that all companies should have equal levels of protection irrespective of their size. Still, just under half of the respondents use web filtering software, and 16% admitted to having no internet usage policy at all, saying that trust in their employees was sufficient to prevent abuse.
On the other hand, employees acknowledged that they spend an average of 2.5 hours a week surfing the web for pleasure, and two-thirds trust their company to protect them from internet-based security threats. Only 31% of employees who have used a personal credit card at work have questioned the IT department about whether their PC is protected against identity theft.
(Source: VNUnet.com)
- 23 August 2007 - Job hunting service Monster.com shut down the server, which stored personal data stolen in a massive attack.
Hundreds of thousands of people who posted their resumes on online job hunting service Monster.com lost their personal data, including names, addresses, phone numbers, and e-mail addresses, to hackers. The large amount of data collected in the attack was discovered a few days ago. Now Monster reached out to shut down a rogue server, which had been used to gather the personal details of job seekers.
Hackers obtained the log-in credentials for companies seeking employees and used the credentials to access Monster.com's database of job seekers. An automated Trojan then transmitted the personal information to the rogue server. In a multi-step attack, the job-seekers were then sent e-mails with links to at least two kinds of malicious software. One tries to collect log-in details for financial sites, and the other is designed to encrypt data on a PC, asking for a ransom to decode the data.
The Monster incident is one of a growing number of prominent data breaches highlighting continuing difficulties with internet security. The company said it will contact the people believed to have been affected by the attacks. It also posted an example of what a phishing e-mail looks like on its web site.
(Source: InfoWorld)
- 22 August 2007 - Back-to-school time is a perfect opportunity for hackers, warn experts
Following the recent, already dramatic rise of spam levels, researchers are forecasting a 40% surge in junk email during September as spammers target students returning after the summer break.
Hackers often target back-to-school students, many of whom will unwittingly bring in laptops already infected with malware which will spread when they connect to communal networks. Experts warn that, due to the typically careless surfing habits of students, lots of their machines get back to campus as botnet members.
In addition, a range of new types of spam have started to circulate in recent months as spammers try to find ways to circumvent filters. Many spammers now embed messages into various document formats including PDFs, Word and Excel files. There has also been a significant rise in e-card spam, where users receive an email containing a link to an e-card purporting to come from a friend or family member.
(Source: VNUnet.com)
- 18 August 2007 -
Yahoo Messenger bug confirmed
The company is working on a fix for the problem which allows remote code execution.
First it surfaced on a Chinese language security forum, then it was confirmed by researchers: There is a serious vulnerability in the most recent version of the Yahoo chat client. Relying on a heap overflow, it allows bad guys to own a machine simply by getting an unsuspecting Joe to accept a webcam invite.
The vulnerability is reminiscent of another bug Yahoo squashed in June that also allowed the remote execution of code on machines using the chat client. That flaw resided in the program's ActiveX control.
A Yahoo representative confirmed the vulnerability and said company software developers are scrambling to fix it.
In the meantime, Yahoo Messenger users may want to block outgoing traffic on port 5100. And whatever you do, resist the temptation to accept invitations from people confessing to be lonely women out for a little webcam fun.
(Source: The Register)
- 16 August 2007 - PDF spam leads the charge into inboxes, and may set a new record
Reports from spam watchers are bordering on the hysterical as new data emerges daily regarding just how bad the spam epidemic has become. A group of experts detected 17% more spam on Thursday, August 16 than the previous day. PDF spam, the latest trick, is leading the charge and is destined to become this year's version of image spam that fooled filters and clogged inboxes for a good part of 2006.
According to estimates, spam currently accounts for 88% of all e-mail traffic and PDF spam makes up 11% of that figure. With current spam levels close to the all-time high of 90%, experts predict that that record will be matched or broken in the next 30 days.
After a few years of spam volumes on the decline, e-mail users were hit with a sharp rise in spam last fall, when spammers figured out that by embedding text inside an image file they could fool content filters. At the same time there was a significant rise in spammers' use of botnets. Those tricks combined accounted for as much as an 80% rise in spam levels last October. Now, as antispam filters have been updated to catch image spam, spammers have moved on.
As spammers come up with one new trick after the next, some question whether scanning an e-mail message's content is still an effective way of detecting unwanted messages. For them, a better way would be to consider the source of the message - the IP address of the mail server attempting to deliver it.
(Source: Network World)
- 14 August 2007 - Malware authors are targeting parked domains to create a wider network of zombie machines.
Experts discovered nearly 130 domains parked at NameDrive pointed to a fake "ad server", which, in fact, was serving Trojan downloader malware. Most infected ads were detected on .de and .nl domains.
NameDrive, one of the top 200 websites in the world, offers a service that allows domain owners to park inactive domains. Targeted ads are placed on these parked domains, allowing owners to rake in a percentage whenever visitors click on the ads. Delivering malware via an infected ad or compromised ad server is not new, but using parked domains represents an evolution in this tactic.
(Source: The Register)
- 10 August 2007 -
Microsoft to release 9 patches
Microsoft plans to issue nine security updates on Tuesday, August 14, affecting Windows, Office, IE, Virtual PC and XML Core Services.
Windows, including Vista will be among the software being updated according to the advance notification the software maker published on its TechNet site. Other fixes will target security holes in Office, Internet Explorer, Visual Basic, Virtual PC and Virtual Server.
Six of the updates will address critical vulnerabilities attackers could exploit remotely to run malicious code on targeted machines. The remaining three updates have been termed "important".
The software giant will also release several non-security, high-priority updates on Microsoft Update (MU) and Windows Server Update Services (WSUS); and two non-security, high-priority updates for Windows on Windows Update (WU) and Software Update Services (SUS). And, as it does every month, the company will update its malicious software removal tool.
Resources:
> Microsoft Security Bulletin Advance Notification for August 2007
(Source: Microsoft, SearchSecurity.com)
- 09 August 2007 -
Vulnerabilities in Cisco IOS, CUCM
The bugs could allow, among others, remote code execution.
Cisco issued four security advisories for multiple vulnerabilities. The flaws affect the company's Internetwork Operating System (IOS) and the Cisco Unified Communications Manager (CUCM). IOS is used on most of the vendor's routers and network switches, while CUCM is a call processing component in Cisco's IP telephony solution.
Experts warned that the bugs could enable an attacker to overwrite or retrieve arbitrary files, cause a denial-of-service (DoS) condition, or remotely execute arbitrary code on an affected system. Therefore, anyone doing VoIP with Cisco hardware should take care of the flaws as soon as possible. Researchers have even found publicly available exploit code for one of the vulnerabilities.
(Source: InformationWeek)
- 07 August 2007 -
Billions of dollars to phishers
A million US victims lost billions of dollars to phishing scams in the past 2 years.
According to Consumer Reports' latest State of the Net survey, American consumers lost more than billion over the last two years to viruses, spyware, and phishing scams. Additionally, the study shows that consumers face a one in four chance of succumbing to an online threat, a number that has slightly decreased since last year. The number of consumers responding to email phishing scams has remained constant at eight per cent. Their loss is estimated at billions of dollars during the past two years.
Researchers warn that many underage youngsters are at risk on social networks such as MySpace and Facebook. In households surveyed with minors online, 13 per cent of the children registered on MySpace were younger than 14, the minimum age the site officially allows, and three per cent were under 10. And those were just the ones the parents knew about.
Based on te poll conducted among 2,000 US households with internet access, Consumer Reports projects that problems caused by viruses and spyware resulted in damages of at least billion over the past two years. Virus infections prompted an estimated 1.8 million households to replace their computers in the past two years. 850,000 households replaced their computers due to spyware infections in the past six months.
Additionally, 33 per cent of survey respondents did not use software to block or remove spyware. Researchers estimate that 3.7 million US households with broadband remain unprotected by a firewall.
(Source: VNUnet)
- 03 August 2007 - A troublesome milestone rests on the horizon, as McAfee expects to record the 300,000th unique piece of malware very soon.
Worms, viruses, and Trojans, oh my.
The number of malicious pieces of software floating around the Internet has escalated over the years. Security firm McAfee said in 2000 they had detected over 50,000 items.
That number grew to 100,000 in 2003, then to 200,000 in August 2006. Criminals have continued developing and releasing malware at faster rates. McAfee now estimates malware number 300,000 will hit its books soon.
"Bots, adware, spyware and other attacks make up an over $100 billion global market for cybercrime - surpassing drug trafficking as a global issue from a monetary perspective," said Dave Marcus, security research and communications manager for McAfee Avert Labs.
He has also called for new policy in online security legislation in the United States. It's a well-meaning point of view, but doesn't address the real problem children when it comes to malware for espionage (China) or profit (Russia). Criminal attackers in those countries reside outside our reach.
I asked Marcus about this, and he said, "it's imperative for the United States to continue to build upon our existing legislation to curb the alarming trends of malware and spam." That's fine for the US, but it isn't going to put an end to Russian spamming rings.
As far as China goes, the excitement over that country's bust of a major software counterfeiting ring should be tempered a little. Microsoft now sells Windows in China, official copies of it, for $3. Yes, three dollars, for copies of XP aimed at the Chinese education market.
We have to wonder if this bust even takes place if Microsoft weren't giving up a massive amount of revenue in software sales. The timing of the investigation, which took place over several months leading to the bust, parallels Microsoft's operating system price cutting in China.
Our laws seem to be functional againsts cybercrime, and if legislators can tighten any potential loopholes against criminal spammers we're all in favor of that. But much of the problem rests outside US borders, and until that's addressed we can expect to see McAfee's malware count continue to rise.
Source : securitypronews.com
- >> July 2007 Updates >>
- >> June 2007 Updates >>
- >> May 2007 Updates >>
|
More Quick Links