February 10, 2008
Peter Schooff
Twenty-Four Seven Security
Peter Schooff's blog is a daily look at what's going on in the world of computer security with an emphasis on how it affects businesses.


November 30, 2006
Cell Phones Gone Wild

While much of the computer security world, as well as this blog right here, focuses primarily on threats against computers and networks, Mikko Hypponen, director of antivirus research for Helsinki-based F-Secure Corp., directs his attention to malware and virus exploits aimed at cell phones.

In this interview at Information Security, Mikko mentions that although the threats are still relatively small, they are growing. And one would imagine that if just the right wireless virus was created, it could possibly spread like wildfire.

So far, most of the problems have occurred with cell phones in Europe and Southeast Asia. Also, none of the malware created to this point actually does all that much damage. Mikko concludes that most of the cell phone hacks have been pulled off by what he calls “hobbyists” who have limited skills and resources.

Cabir and Commwarrior are the worms that have infected the most cell phones, mostly because they can spread using Bluetooth or MMS. And while many thought the mobile phones running Windows would be most affected, in fact it’s Symbian OS-based devices, especially the Symbian Series 60 Second Edition, that are most affected.

The good news is bot nets have not yet shown up on mobile phones. But that’s not to say they never will, as cell phones’ increasing power and speed make it all that much more likely. Also, I have heard from many friends in Europe that text message spam has grown into quite a nuisance.

Here’s what Hypponen had to say about how one type of mobile malware spreads: "SymbOS.Cardtrap installs Windows malware on the infected phone's memory card. It tries to fool users into investigating the phone problems with a PC and a memory card reader, making it possible for Windows malware to spread."

To keep your cell phone from going wild simply requires common sense. Said Hypponen, “install security software both to your PC as well as to your smart phones. Don't accept or install any software from untrusted sources. Don't swap memory cards between phones. Keep your Bluetooth in hidden mode to prevent unwanted interruptions. I'd like to emphasize that the solution is not to avoid smart phones. We have tons of Windows malware, too, and people still seem to be happily buying PCs.”

Tags: Cell Phone, Malware, Viruses

Posted by pschooff in Better Protection

November 29, 2006
Apple Issues Major OS X Patches

Apple released 31 patches yesterday for exploitable flaws in the Mac OS X operating system. The free updates can be downloaded using OS X’s software update feature, or directly from Apple.

Brian Krebs’s Security Fix reported that the first patch corrects a flaw found in the wireless cards on certain Mac systems which HD Moore, a researcher, first uncovered earlier this month, and which attackers can use to install malware. Apple said the vulnerability is present in eMac, iBook, iMac, PowerBook G3, PowerBook G4, and Power Mac G4 systems equipped with an original AirPort card; systems with the AirPort Extreme card are not affected.

The remainder of the patches correct easily exploitable flaws, such as one that lets malware be installed when a computer simply visits a specific website. Other flaws corrected include a fix for ClamAV, which is an antivirus program used by OS X, as well as a whole hacker’s dozen of vulnerabilities in how OS X unzips compressed files.

Tags: Apple, OS X Patches

Posted by pschooff in Apple, Patches

November 28, 2006
Microsoft Fights Phishing in Court

Using the argument that phishing is damaging Microsoft’s image, the company has started fighting phishing in court. A report at Ars Technica says that Microsoft has filed 129 lawsuits against phishers across Europe and the Middle East.

As most of the defendants in these suits are young, mostly teenagers, Microsoft has proved willing to settle for payments between 1,000 and 2,000 euros (and I bet they keep pretty close tabs on them thereafter). But a recent criminal suit involving phishing did send a Turkish man to prison for two and a half years. Other criminal suits have been filed in Germany, France and Britain.

This represents a new front in the attack on phishing for Microsoft, which so far has mostly centered on improving the Internet Explorer phishing filter (which some have declared all but useless in stopping phishing). The first lawsuit against phishing was filed by the FTC in January of 2004 against a California teen. The teen was banned from sending spam for life and fined $3,500.

Tags: Microsoft, Phishing

Posted by pschooff in Microsoft, Phishing

November 27, 2006
Old Hard Drives Make Easy Prey

While many expect Moore’s law, which states that data storage will double every 18 months, to hold fast for another couple of decades or so, there is no law that tells you what to do with your old and inadequate storage. And as this report from SearchSecurity indicates, when firms hire companies to upgrade their computers, they often have no idea what’s being done with the old storage devices.

Simson L. Garfinkel, a computer forensics expert and postdoc fellow at the Center for Research on Computation and Society at Harvard University, recommends physical destruction, which makes accessing the information impossible. After an extensive investigation, Garfinkel found a wealth of hard drives with volumes of sensitive information intact. Many hard drives are repurposed or sold, and some even end up on eBay.

"Since 1998, I have purchased 1,000-plus hard drives on the secondary market and had them delivered by FedEx," Garfinkel said. Still on the hard drives he found thousands of credit-card numbers, financial records, medical information, trade secrets and other highly personal information. "You name it, we found it," Garfinkel said.

The main problem is, all down the line, each person trusted that someone else would take care of it, essentially a “buck-stops-nowhere” dilemma. Also, very few IT employees were properly trained in data destruction.

This is another good example of why companies need to firmly establish their data controls for the entire life-cycle of the information. And if the company hired to upgrade your memory storage does not have an appropriate plan for disposing of old hard drives (selling the old drives on eBay is not considered an appropriate plan), a couple of hard shots with a baseball bat should do the trick.

Tags: Moore's Law, Hard Drive Disposal

Posted by pschooff in Better Protection, Small Medium Enterprise

November 22, 2006
Virus of the Year (So Far)

It’s been a long year for computer viruses, as malware and spam bots continue to increase at alarming rates. And, as my blog pointed out in the 5 Most Common Security Mistakes, it pays to, in so many words, know thine enemy.

With that said, anti-virus specialists Sophos recently announced the top two viruses of the year. And the top two are: Klez.h and Bugbear, the former accounting for 24.1% of reports to the firm, and the latter behind with 17.5%.

Hopefully, all of your computers have had their antivirus shots this year, and those shots include defenses against those two different strains. Now if I could just convince the virus writers to come pick up their Virus-of-the-Year awards at the local prison.

This is my last blog for the week, and I hope everyone has a happy and healthy Thanksgiving.

Tags: Virus of the Year

Posted by pschooff in Hackers

November 21, 2006
New Exploit for Mac OS X

According to the always reliable Brian Krebs’s Security Fix, the "Month of Kernel Bugs" strikes again. A security researcher known as LMH decided to start pointing out unpatched flaws that were serious enough to completely disable the security of vulnerable computers.

On Monday, the project’s curator issued instructions for a bug found in how OS X processes certain types of files. Specifically, they were files ending in DMG, a file typically encountered when Mac owners download a software installer. According to Krebs, “Clicking on the proof-of-concept DMG file listed on the MoKB homepage with a brand new Mac OS X 10.4.8 installation caused the system to throw up a prompt telling me that I needed to restart my computer by holding down the power button or restarting the machine.”

Sounds innocent enough, but the crash report revealed a “kernel panic,” which in most cases means that if someone wanted to install malicious code on the computer, they could have done so regardless of the security. As the Matasano Security Blog commented, “What is interesting about DMG [files] is that they allow non-privileged users to mount a filesystem. This poses a number of unique threats to OS X.”

Beware, this exploit also worked with an older system running PowerPC. While there is no existing patch for this vulnerability, OS X users can disable this bug by “changing the Preferences and deactivating the functionality for opening ‘safe’ files after downloading.”

Posted by pschooff

November 20, 2006
5 Most Common Security Mistakes

Found the following list at TaoSecurity and found it insightful. The 5 most common security mistakes follow:

1. Failure to maintain a complete physical asset inventory.
2. Failure to maintain a complete logical connectivity and data flow diagram.
3. Failure to maintain a complete digital asset/intellectual property inventory.
4. Failure to maintain digital situational awareness.
5. Failure to prepare for incidents.

The first three concern knowing your environment. If you don’t know where your data is, how it is transported, and what data you are actually trying to protect, this makes it difficult to protect and just about impossible to recover if the system ever gets breached.

Once you know the ins and outs of your environment, the next step, which is harder and more open ended, is to try and understand who is trying to exploit your vulnerabilities and how.

Finally, once an incident occurs, a company should have clear policies, techniques, and trained personnel ready to respond and recover.

And as I recently read a report from Symantec that found that for-profit hacking is here to stay for the foreseeable future, a data breach is no longer a matter of if, but when.

Posted by pschooff in Better Protection, Hackers, Small Medium Enterprise

November 17, 2006
The Russians Are Spamming

According to eWeek, the recent surge of penny stock and pharmaceutical come-on spam mails is originating from a highly sophisticated group of Russian spammers. Internet security researchers and law enforcement officials have been tracking a well-organized botnet operation that apparently controls over 70,000 peer-to-peer computers.

Joe Stewart, the senior security researcher at SecureWorks, said the gang functions with a level of sophistication rarely seen in the hacking underworld. First, the botnet Trojan comes with its own virus scanner, a pirated copy of Kaspersky’s security software, that removes other malware that might compete with them. Second, once a Windows machine is infected, it joins a vast peer-to-peer botnet controlled by a single control server. And if that single control server is disabled by botnet hunters, the hackers simply have to activate another infected computer in the 70,000 strong network to regain control of the whole system.

Stewart, a reverse engineering expert, gained access to files from a SpamThru and found the attackers are meticulous about keeping stats on bot infections throughout the world. Stewart found that computers in 166 countries were part of the botnet, with the U.S. comprising over half of all infections.

The botnet stats tracker even logs the Windows version of the infected client down to the service pack level. Stewart found that Windows XP SP2 (Service Pack 2) machines dominate the botnet, an indication that Microsoft’s latest version of its operating system is clearly being infected.

Another sign of the complexity is that the people most likely to become victims of stock pump-and-dump scams, namely those who engage in online trading, were the ones most likely to be targeted for the spam mails. Stewart also calculated that with a botnet network of 70,000 computers, the group can possibly mail out a billion spam mails a day (which only assumes one recipient per message, so in actuality could be much higher).

In better news, my company, Message Partners, released its Message Processing Platform (MPP) version 3 this week. I'm thrilled that MPPv3 introduces the first integrated pre and post-queue spam filter for Postfix. Postfix is the leading open source email server, and is used by many large service providers and enterprises for their email filtering proxies. When combined with MPPv3, this creates the ideal email filtering platform perfect for the most demanding environments, and represents a crucial addition to the fight against the rising tide of spam that threatens to cripple email servers.

Posted by pschooff in Spam

November 16, 2006
Hackers Today All Business (Your Business)

While zero day attacks have grabbed many of the recent headlines, it seems a newer and much more insidious type of attack stands to become a much bigger problem. As I've blogged here before, zero day attacks are attacks that seek to exploit the most recent software weakness on or before the day users are alerted to the problem.

As this article from Computer Weekly reports, the new malware is actually much more dangerous, as it’s never meant to be detected. This new type of hack is no longer just some kid trying to show off their hacking skills to the world, but is instead created entirely with criminal intent. The new malware is meant to sit on a computer and disrupt nothing so as to stay deeply undercover, and this allows it to slowly leak out the user's vital information.

Mikko Hyppönen, chief research officer at security firm F-Secure, said “They send the malware as an attachment in an e-mail spoofed to look like an internal e-mail coming from a real colleague with an address that actually exists within the company. The e-mail message is even written in the local language, and the attachment, which is actually malware, is disguised as something innocent, like a Word document. When opened, it even looks like an internal document with company headers and footers.”

The extent of these stealth attacks is hard to measure as so few have been uncovered. Once installed on a machine, these Trojans can catch passwords, scan networks, export information and serve as a base for further attacks.

One reason there is scant protection against these types of attacks is that they are precision targeted, meaning only a few victims are chosen, and the malware is so specific to the target that it never even shows up on Microsoft’s or some other software company’s radar as something that needs to be patched.

Jay Heiser, research vice-president at Gartner, said, “Security is still down to good hygiene and carefully managed information security that is effective against entire classes of threats. Various forms of host attack prevention systems still have a lot of potential for protecting code that is not addressed by anti-virus software. But the main message remains: if you don’t recognise it, don’t let it run.”

Also, rather than concentrating on stopping incoming threats, companies need to look for inconsistencies on their network – high levels of e-mail activity, large movements of data, and packet inspection to see if data is being bled in small broadcasts to unknown IP addresses.
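As an illustration of that advice, the following added example (not from the article or from any vendor mentioned here) scans flow records for the three inconsistencies just listed: high e-mail activity, large movements of data, and small repeated transfers to unknown IP addresses. The flow records, host names, thresholds and the list of known networks are all constructed assumptions.

```python
"""Added example: flag the three network inconsistencies named above
in constructed flow records (not real traffic)."""
from collections import defaultdict
from ipaddress import ip_address, ip_network

# Assumption: destinations the organisation already recognises
# (internal ranges, mail relay, known partners). Documentation ranges only.
KNOWN_NETS = [ip_network("10.0.0.0/8"), ip_network("192.0.2.0/24")]

# Constructed flow records: (minute, internal_host, dest_ip, dest_port, bytes_out)
FLOWS = (
    # workstation sending 900-byte flows to one unknown address every 10 minutes
    [(m, "ws-014", "203.0.113.77", 443, 900) for m in range(0, 300, 10)]
    # workstation talking SMTP directly to an outside server 40 times
    + [(m, "ws-022", "198.51.100.25", 25, 3_000) for m in range(40)]
    # file server pushing three 40 MB transfers out
    + [(m, "fs-01", "203.0.113.200", 443, 40_000_000) for m in (5, 6, 7)]
    # ordinary activity: a known partner site and the internal mail relay
    + [(m, "ws-030", "192.0.2.10", 443, 1_500) for m in range(0, 50, 10)]
    + [(m, "ws-030", "10.0.0.25", 25, 2_500) for m in (3, 90)]
)


def is_known(dest_ip):
    """True when the destination falls inside a recognised network."""
    addr = ip_address(dest_ip)
    return any(addr in net for net in KNOWN_NETS)


def find_anomalies(flows, smtp_max=20, bulk_bytes=100_000_000,
                   small_bytes=2_000, small_count=10, min_span=60):
    """Return sorted (signal, host, detail) tuples for hosts that stand out."""
    smtp = defaultdict(int)      # host -> number of SMTP connections
    volume = defaultdict(int)    # host -> total bytes sent
    trickle = defaultdict(list)  # (host, unknown dest) -> minutes of small flows

    for minute, host, dest_ip, port, nbytes in flows:
        volume[host] += nbytes
        if port == 25:
            smtp[host] += 1
        if nbytes <= small_bytes and not is_known(dest_ip):
            trickle[(host, dest_ip)].append(minute)

    findings = []
    for host, count in smtp.items():
        if count > smtp_max:
            findings.append(("high_email_activity", host, count))
    for host, total in volume.items():
        if total > bulk_bytes:
            findings.append(("large_data_movement", host, total))
    for (host, dest_ip), minutes in trickle.items():
        # Many small flows spread over time, not a single short burst.
        spread = max(minutes) - min(minutes)
        if len(minutes) >= small_count and spread >= min_span:
            findings.append(("small_transfers_to_unknown_ip", host, dest_ip))
    return sorted(findings)


if __name__ == "__main__":
    for finding in find_anomalies(FLOWS):
        print(finding)
```

The thresholds are placeholders; in practice they would be set from each host's own baseline rather than fixed numbers.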

Others say that this simply reveals that the life-span of our current virus software has just about run out, and the next generation of malware protection will have to be more comprehensive and much more closely tied to a computer’s operating system.

Posted by pschooff in Better Protection, Hackers

November 15, 2006
MS Patch Tuesday Wrap-Up

Yesterday, Microsoft issued patches to correct nine vulnerabilities in the Windows operating systems and Internet Explorer as well as other software. Three of the patches fixed security holes in Internet Explorer that could install malware onto a computer just by visiting a specially built website. Another exploit with IE can occur if someone merely views a tainted HTML message in an email preview pane.

Microsoft said the IE flaws are much less a problem on Windows Server 2003 systems or with IE7, as their default settings won’t allow those flaws to activate.

Other security patches fixed a flaw in Windows “Microsoft Agent” that again could be exploited simply by visiting a site, while another corrected serious flaws in Adobe’s Macromedia Flash player that comes bundled with Windows XP.

Microsoft also patched a critical bug in the “workstation service” of Windows XP and Windows 2000. This flaw is more of a problem for businesses, as it’s most likely to be exploited by someone with access to a company’s internal network.

Finally, two critical flaws in “XML Core Services” and “Client Service for Netware” were corrected, but neither is automatically installed by default on Windows machines. Users can download and install the patches via Microsoft or with the company’s Automatic Update service.

Posted by pschooff in Microsoft, Patches

November 14, 2006
Microsoft Flags Gmail as Virus

While Gmail’s popularity may be positively viral, the email software remains emphatically antivirus. But Microsoft’s new Windows Live OneCare recently started incorrectly flagging Gmail as a threat.

According to an article at ZDNet, when OneCare users tried to access their Gmail accounts last week, a warning popped up telling them that their systems were infected with a virus called "BAT/BWG.A".

Obviously this was a clear case of a false positive. This one was fairly harmless, as once Microsoft was informed of the problem, they released a new antivirus signature that quickly resolved the issue, but false positives have been known to cause much more havoc.

In terms of my own experience with false positives, a certain V.I.P. email incorrectly identified as spam once nearly cost me a job. You can bet I checked my junk mail folders much more judiciously after that.

Apparently, Microsoft’s OneCare problem with Google began when Google made some changes to its Gmail website. Google is currently reviewing its processes and procedures to make sure this doesn’t happen again.

And I guess in terms of Microsoft versus Google, if you can’t beat ‘em, flag ‘em.

Posted by pschooff in Google, Spam

November 13, 2006
How Big Bosses See Security

I came across this interesting article at DarkReading.com regarding how, even with all the recent news about security mishaps and hacker misdeeds, corporate decision makers still view computer security as something non-strategic, as something more akin to an operational expense like building maintenance. But the fact that a serious security breach can undermine an entire company means that the folks working in security need to upgrade their approach.

The trouble with the old approach is that most IT departments tend to operate as silos, or wholly separate departments that tend to stay outside corporate politics. This is understandable, as in survey after survey, IT people continually rate office politics as the least desirable aspect of their job.

Compounding the problem, the folks in IT who focus on technology and security have a tendency to look at their vital work as above office politics. And the problem only grows from the fact that, on the other side, it is those executives who are least supportive of IT security that typically have the most boardroom influence.

Thus, the big bosses aren't shown how good security can directly impact customer confidence, buyer loyalty, and the value of the brand. All they are shown is how security can protect a business, not how it can help build a business.

The best way to change this is for an IT department to make sure that security matters are mapped alongside the company's business plan. This will enable top executives to see how their decisions affect security policy and vice versa, and therefore allow them to factor in security issues before new programs are undertaken.

Regrettably, the only way to do this is through office politics. And basically, in today’s corporate environment, an unwillingness to play politics simply translates into a willingness not to be heard.

Posted by pschooff in Better Protection, Small Medium Enterprise

November 10, 2006
Is Email Endangered?

With study after study reporting that spam is growing out of control, including this one at Search Security, one wonders that if trying to find an email ever becomes akin to trying to find a needle in a haystack, will there ever come a time when some companies simply decide to chuck out the whole email haystack.

Studies have reported an increase in spam from 60 to 120 percent in the past year. Kaye Vivian recently blogged about this recent surge, writing “My spam level is up to about 60 per day that get through my ISP, which blocks about twice that many more, and that doesn't include the 50-60 spams I get on the blog here and manually delete.”

The explosion of spam can be directly linked to outbreaks in malware, meaning that as certain viruses spread around the internet and start infecting computers, those infected computers quickly join other infected computers, typically without the owner’s knowledge, to form a vast and effective spam network.

And where spam was once the province of fairly harmless internet marketers trying to sell you something, spam has now become one of the main focuses of organized crime, and their motives are much more disreputable. Also, the economics of spam heavily favor the spammers, as while it still costs next-to-nothing to flood email accounts with spam, for the other side, in terms of system resources and time wasted, businesses bear most of the cost.

While I believe that email is far too important a tool ever to be rendered irrelevant, I do think companies need to be especially selective about which spam engines they utilize. At Message Partners, we have found that the only way to fight back against this growing bot threat is by copying them. By that I mean as this new type of spam continuously recruits a growing army of computers to serve as spam bots, Message Partners believes you need to use a growing army of spam filters to thwart them. That’s why we have built a powerful email policy engine that allows you to employ any number of spam filters (from commercial to open source), and in that way utilize their different methods of finding and destroying spam.

And with spam showing no signs of slowing down, I don’t see how the war can be won any other way.

Posted by pschooff in Better Protection, Hackers, Spam

November 09, 2006
Mozilla Fixes Flaws

Mozilla has patched flaws in Firefox, Seamonkey and Thunderbird that hackers could use to bypass security restrictions, crash computers and run malware on machines. It is important to note, though, that these flaws do not affect the recently launched Firefox (which also features new security tweaks and an anti-phishing tool).

Below are the three advisories released by Mozilla and excerpted from SearchSecurity:

• Attackers could exploit several unspecified glitches to corrupt system memory, crash machines and possibly run malicious code. Mozilla noted that Thunderbird shares the browser engine with Firefox and could be vulnerable if JavaScript were enabled in mail.

• RSA digital signatures with a low exponent could be forged. The flaw was corrected in the Mozilla Network Security Services (NSS) library version 3.11.3 used by Firefox 2.0 and current development versions of Mozilla clients, but Firefox 1.5.0.7 was still vulnerable to attack.

• Attackers could modify a script object while it is executing and launch malicious JavaScript code as a result.

All of these patches are deemed critical, and are fixed by Firefox 1.5.0.8, Thunderbird 1.5.0.8 and SeaMonkey 1.0.6.

Posted by pschooff in Better Protection, Patches

November 08, 2006
New Phish Finder

Today I came across an article at Security Fix that seems to me the most common sense approach to counter what is quickly becoming one of the most malicious threats on the internet: phishing. Phishing uses a counterfeit website that tries to pass itself off as a well-known and legitimate site, usually to get access to your financial or credit card data. I actually almost fell for the scam once myself.

Where old solutions tried to track known phishers and their scams, this new approach goes to the very root of the problem: what about a browser that simply tells you whether the site you are at is who they say they are.

The new solution, originated by the CA/Browser Forum, involves the companies who sell and verify security certificates. Any company today can purchase an SSL (secure sockets layer) certificate, which attempts to show that the website you are at takes its security seriously. But while clicking on the padlock icon that the browser shows for SSL-certified sites gives you information about the site you are at, most users simply don't know to do it, and many certificates are hard to make sense of. Also, SSL certificates can now be easily acquired by anyone, and the site legitimizing process is largely automated and therefore easy to fool.

The CA/Browser Forum intends to create a “supercert” known as an “extended validation” SSL certificate, or an EVSSL. EVSSLs would cost more money, but would also be more rigorously verified. And by working with the different internet browsers, they could develop a standardized and easy-to-see method of site identity verification.

You ask me, I say get it done yesterday.

Posted by pschooff in Better Protection, Phishing

November 07, 2006
Macs Make a Growing Target

The Macintosh has become a tantalizing challenge for hackers precisely because it is seen as somewhat impenetrable. A report from TechNewsWorld also indicates that, although the virus-free image of the Mac is a big feature in Apple’s advertising, that perception may not be altogether accurate.

This past May Internet Security Systems, a security vendor, found that there were three times as many vulnerabilities for the Macintosh than there were for Windows. Some have referred to this trend as Mac becoming the Apple of hackers’ eyes.

As you would expect, this growing interest has translated into the discovery of even more Mac vulnerabilities. McAfee found that vulnerabilities for Mac went up 228 percent, while for Windows they only increased 78 percent. Of course some of this percentage can be explained by the fact that Mac also starts with a much lower number of vulnerabilities (there are 2,000 known viruses for the Mac, compared to 70,000 for the PC).

It was in February 2006 that the first worm created for Mac OS X was discovered, named OSX/Leap.A, which is an instant messaging worm capable of infecting the Mac.

This increase is partly due to the Mac’s success, as the Mac has seen double digit growth, as well as the growth in iPod and iTunes. The increase can also be attributed to sheer boredom, as hackers have been focusing on Windows for so long, Apple simply presents a new challenge.

There is good news in all this, for both platforms. The fact is, the number of serious problems resulting from virus attacks has dropped considerably. In 2004, McAfee counted 48 virus outbreaks of at least moderate severity, and in 2005 that number dropped to 12, and this year stands at zero. Let’s hope it stays that way.

Posted by pschooff in Apple, Hackers, McAfee, Microsoft

November 06, 2006
The 10 Commandments of Computer Security

This list comes from CNN Money.

1. Patch early and often. With zero day attacks growing along with the number of patches being issued, test and install security patches ASAP.

2. Enforce password policies. While it’s well established that passwords should mix letters and numbers, uppercase as well as lowercase, do not let the desire for perfect passwords get in the way of good security – as the more employees are required to change their passwords, the more they are apt to write them on Post-Its.

3. Mind your VPN. Telecommuters can collect nasty viruses and malware which can then migrate to the corporate network, therefore limit virtual private network access only to company issued laptops configured to your security policies.

4. Watch your wireless. Securing Wi-Fi is only the beginning. The newest trick is the “evil twin” attack, which creates a similarly named fake wireless network in the hopes that an employee will log on and not notice the discrepancy, thereby revealing user name and password.

5. Only make promises you can keep. When the FTC investigates a company, it’s usually because the company exaggerated their claims, as in falsely claiming that customer data is only stored in encrypted form. Therefore, make sure you walk the talk.

6. Hack yourself. Hire an outside auditor to breach your network just to get a hacker’s-eye view of your weaknesses.

7. Sequester sensitive data. Treat customer credit card and Social Security data as top secret and keep it on compartmentalized servers and limit accessibility.

8. Encrypt it. Use strong cryptography to protect sensitive data. An encrypted database left on a city street is more secure than an unencrypted one hidden in a bank vault.

9. Collect only what you need. Delete what you don’t. More than a few companies have been embarrassed after being successfully hacked for credit card numbers years past the actual transactions. Evaluate the inherent risk, and not the potential value, of the data you collect.

10. Phear phishers. Phishing has become so profitable it is no longer just a problem for Fortune 500 companies. Set up a responsive e-mail contact for customers who’ve received messages pretending to come from you, issue website warnings about fresh attacks, and train customers not to click e-mailed login links - by not sending any yourself.

Posted by pschooff in Better Protection, Hackers, Phishing

November 03, 2006
The Weakest Link -- Teaching or Tech

While it is always tempting to go out and buy the latest technological bells and whistles to protect the all-important corporate network, a recent study by Symantec indicates that, in the eyes of the on-line outlaw, they still see the end user as the weakest link in corporate security and will stop at nothing to target them in an effort to extract illegal profits from your bottom line.

Though most large businesses have the money to cover all the ins-and-outs of system security, smaller enterprises who are looking for the biggest bang for their buck might consider first investing in security awareness training. Of course that doesn't mean you can ignore or overlook security software, and it remains of the utmost importance to always keep that software current and up-to-date.

But as I've pointed out in this column before, and as this article in Computer World points out, with even the best and newest security solutions employed, companies have to remain ever diligent in teaching their employees the dos and don'ts of computer security.

While Symantec's report focused mostly on the security threats and needs of the home user, it still holds true for businesses and government.

A company embarking on a security awareness program should focus on: acceptable-use policies, computer and network security, physical security, protected health information as well as remote security. This training should include both the corporate employees and outside consultants, as it is often the consultants, and their remote access devices, that pose the biggest threat.

Posted by pschooff in Better Protection, Small Medium Enterprise

November 02, 2006
Beware of Video

As video use grows more dominant on the internet, it seems that videos have become the newest Trojan horse for hackers to install unwanted software on computers.

From an article at Yahoo News, security firms have reported an increase in the use of rogue Windows codecs, which are file compressors usually used to play clips, but are now being used for pop-up ads, or, even worse, to install keyloggers to secretly record confidential data.

Sunbelt Software, an anti-spyware firm, found malicious code hidden in a codec that, when executed, stated the computer had security problems and then demanded money for repair.

Security experts believe it is only a matter of time before these tricks find their way into the videos on video sharing websites such as YouTube. If and when they do, it will give them a near-unlimited supply of computers to infect.

Posted by pschooff

November 01, 2006
Instant Messaging A Growing Target

A report from Akonix Systems Inc. tracked 88 IM attacks this past October, which is the highest number this year. Also, attacks using P2P networks like Kazaa and eDonkey increased 62% compared to the month before.

“As predicted, IM attacks are continuing to grow at a rapid rate, with the October threats breaking last month's high for the year by nearly 40%,” said Don Montgomery, vice president of marketing at Akonix. “With adoption of IM in the workplace growing at 22% per year … it's now imperative that companies address the risk of having their networks compromised by the growing number of IM threats.”

New IM-based worms Akonix identified this month include SOHANAD, Imaut, Pepa, Yaautoit and QUATIM. SOHANAD was the most common with six variants, followed by Imaut, with five.

Posted by pschooff

Accountability: The opinions expressed in this blog are solely representative of the blog's author, and not of ebizQ