My initial post on measuring the effectiveness of enterprise malware defenses generated very helpful feedback, which I’d like to share in this note. Good metrics provide an objective way of understanding the extent to which the measured security controls are working. I proposed a number of metrics that would help the organization to keep an [...]
10 February 2011
The open source security community through the auspices of the Open Information Security Foundation (OISF) http://www.openinfosecfoundation.org have released the beta version of the next generation intrusion prevention system, Meerkat. The Suricata Engine will run on multiple platforms, and will change the paradigm in malware detection. Will Metcalf, the maintainer of the Snort Inline project, today [...]
10 February 2011
Microsoft has issued 12 security bulletins making fixes in Windows, Office and Internet explorer. MS11-003 — Cumulative Security Update for Internet Explorer Critical (Remote Code Execution) Microsoft Windows, Internet Explorer MS11-004 — Vulnerability in Internet Information Services (IIS) FTP Service Could Allow Remote Code Execution Important (Remote Code Execution) Microsoft Windows MS11-005 — Vulnerability in [...]
10 February 2011
This post is actually not as much about hacking facebook – or facebook specifically. It is much more about what can happen when you cannot trust the infrastructure, your connection to the Internet, and the implications. Almost a year ago, a group of researchers discovered a botnet that they named after Chuck Norris. This botnet [...]
10 February 2011
The Criminal Behind the Attack Brian Krebs today posted a story on his excellent blog, “Zeus Attack Spoofs NSA, Targets .gov and .mil” (http://www.krebsonsecurity.com/2010/02/zeus-attack-spoofs-nsa-targets-gov-and-mil/) which discusses an attack in which “a relatively large number of recipients were taken in”. “The messages are spoofed so that they appear to have been sent by the National Intelligence [...]
10 February 2011
Irish job website RecruitIreland.com is currently offline after being hit by hackers who breached their systems, and stole the names and email addresses of 400,000 users. A statement elsewhere on the website says that the authorities have been informed, and that some users have received spam emails claiming to offer a job. Although in reality [...]
10 February 2011
As the role that computer-based systems play in our lives continues to evolve, so do the tactics and strategies of computer attackers. While early data breaches seemed to be mostly motivated by curiosity, fun, fame and poor judgement, modern intrusions are dominated by premeditated financial and, sometimes, political goals. The manner in which attackers execute their campaigns [...]
10 February 2011
System administrators and security experts are focusing on Patch Tuesday every month (also known as Microsoft Black Tuesday or MS Tuesday). This time Microsoft patched many important vulnerabilities, but have they fixed all currently known zero days? Let's find out. This time, on February 8th, Microsoft released 12 security bulletins fixing various vulnerabilities, including three critical ones. Possibly the most important is the [...]
10 February 2011
AntiVira AV is a rogue security product in the FakeSpyPro family that pretends to find malicious code on a victim’s machine in order to frighten him or her into purchasing this useless application. VIPRE detection name: Trojan.Win32.Generic.pak!cobra AntiVira AV graphic interface (Click on graphic to enlarge) How to remove AntiVira AV: If AntiVira AV has [...]
10 February 2011
With the globalization of organized crime via the Internet, increasing numbers of people are being subjected to crime. The resources available to local law enforcement organizations to respond to these crimes is often limited. If you would like to report a crime, the following list may be helpful: Computer Crime & Intellectual Property SectionUnited States [...]
10 February 2011
Adobe has issued patches to fix a number of vulnerabilities in: – Adobe Reader X (10.0) for Windows and Macintosh; – Adobe Reader 9.4.1 (and earlier) for Windows, Macintosh and UNIX – Adobe Acrobat X (10.0) and earlier versions for Windows and Macintosh. The vulnerabilities could crash the applications and enable an intruder to take [...]
09 February 2011
Travelling a lot these days and sometimes I encounter really interesting things. Like this ATM – in Austin, Texas. Would you trust it and insert your debit card in it? I would not – but then, maybe I am just too paranoid (AVG Blogs | Karel Obluk)
09 February 2011
Google has updated its Chrome Web browser and fixed nine of the browser’s security vulnerabilities in the process. The updated Chrome version 9 was rolled out last week, and includes patches for nine defects, including faulty PDF software and secure sockets layer (SSL) libraries that left Chrome open to cyberattack. The Chrome update also addressed [...]
09 February 2011
A new malicious Facebook campaign comes with an extra added bonus — the chance to spread your very own scam. Scams advertising applications such as “Profile Creeps” and “Creeper Tracker” are luring in Facebook users interested in finding out who is viewing their profiles. “I just saw who STALKS me on Facebook! You can see [...]
09 February 2011
I don’t know about you, but I really like taking the new avast! 6.0 features – WebRep, for example — for a test drive. With the beta 6.0 installed, I opened Google.com and quickly typed in “Longhotlegs” to see what would pop up. I even forgot to add the spaces. In my top five results, [...]
09 February 2011
The following is spam or scam message that sent via email or a site/blog comment. If you receive this, just ignore it, and please don’t execute the attachment if any. 1. Do you need a loan or funding for any reason such as a) Personal Loan, Business Expansion, b) Business Start-up, Education, c) Debt Consolidation [...]
09 February 2011
Jeffrey Carr at IntelFusion has an interesting article “Imagine if Russia or China announced a formal policy of using non-state actors in cyber deterrence“ He notes that, “Many other nations in the world community see the U.S. in a more negative way already because 20 of the world’s top 50 worst ISPs for serving malware [...]
09 February 2011
Last month Sophos published its annual threat report, looking back over the biggest security stories of 2010 and ahead to some of the challenges companies may face in protecting their systems in the year ahead. I was lucky enough to do an hour long web seminar with the folks from Dark Reading about the threat [...]
09 February 2011
It’s quite depressing to see that Google still contains numerous links to spam pages which lead to fake AV sites. While there are fewer of them, they are still there. This, despite the fact that attackers have not significantly changed their techniques in many months. They still hijack vulnerable sites and create spam pages with [...]
09 February 2011
Among yesterday’s optional software updates from Microsoft was Update for Windows XP/Vista/non-Windows 7 (KB971029). It’s an “important, non-security update” that restricts “AutoRun entries in the AutoPlay dialog to only CD and DVD drives”. Excellent. This could really help curb AutoRun worms. If you’re using an older Windows computer, we highly recommend you go and apply [...]
09 February 2011
Windows Care Tool is a rogue security product in the Privacy Center family that pretends to find system and registry errors on a victim’s machine in order to frighten him or her into purchasing this useless application. Windows Care Tool graphic interface (Click on graphic to enlarge) Windows Care Tool install screen (Click on graphic [...]
09 February 2011
Everyone is talking about the SpyEye Trojan, the info stealer malware that gained all the attention after the author of ZeuS left the underground market and sold ZeuS sources to the SpyEye team. We already wrote about SpyEye last year, when we focused on the threat claiming that it could potentially become one of the [...]
09 February 2011
Hi folks, As the title says, there are many more interesting things today. Firstly, there’s evidently a Mac version of the Koobface trojan circulating. Readers of this blog will recall that I have often said that Mac is not invulnerable, merely un-targeted. As John Dillinger said when asked “Why do you rob banks?”, he replied, [...]
09 February 2011
http://online.wsj.com/article/SB10001424052702304434404575149792396667322.html?mod=WSJ_newsreel_worldObama Rallies Troops in AfghanistanTrip Caps a String of Successes, Gives the President a ‘Hard Pivot’ from Health Care to Foreign and Domestic Issues BY PETER SPIEGEL AND JONATHAN WEISMAN WASHINGTON—President Barack Obama’s unannounced trip to Afghanistan capped the most eventful week of his presidency, a week that saw victory on his signature domestic initiative, [...]
09 February 2011
