If you run Safari on your Mac or Firefox on your Fedora box, you are not necessarily immune to attacks. ZDNet reviews recent attacks on platforms other than Windows/IE - and concludes that their frequency is likely to increase.
As you adopt new technology, stop and think about the possible security
pros and cons. Just because someone hasn’t written a devastating worm
to hit the Mac OS platform doesn’t mean it won’t happen. Same with your
Nokia smart phone. Proceed with caution. If we’ve been successful in
frustrating crackers by having antivirus and firewall solutions on our
desktops, I think there’s a chance we’ll also prevail in these other
areas as well.
[Via ZDNet]
I am not sure of the methodology used to reach this number, but it is certainly good for raising awareness of the problem. There are too many infected PCs out there that pump spam and other cyber-junk onto the Internet.
HoneyNet Project estimates 1 mln Internet-connected computers are used
as zombies to send spam, distribute viruses, launch denial-of-service
attacks, manipulate click-through advertising and online games. Largest
network comprised of 50,000 computers.
[Via IT Facts]
If someone told you that a large portion of spam and DDoS attacks come from the UK, don’t blame it on the British mafia (although they may be involved) but on the ordinary British Internet user.
Between July and December 2004, Symantec tracked the number of
computers that have been compromised by malicious software. More than a
quarter (25.2 percent) of all compromised computers it discovered were
based in the UK, with the US following closely behind with 24.6
percent, and China in third with 7.8 percent. Symantec says this is
because many high-speed Internet users don’t have sufficiently robust
security.
[Via ZDNet UK, UK]
The Internet Storm Center is concerned that online
criminals are ‘poisoning’ the domain name system and redirecting Web
users to malicious sites.
ZDNet reports on how pharmers (not to be confused with farmers, who are good and healthy for people and the economy) use DNS poisoning to install spyware on users' computers. This is a slight variation on our previous reports of pharming, where DNS poisoning is used to serve a different web page and "phish" for the user's username and password.
ZDNet is reporting on a new use of DNS poisoning: tricking users into installing spyware, which can then track their activity without raising suspicion. This attack is more troublesome than phishing via DNS poisoning because a DNS poisoning attack usually lasts only as long as the DNS server's cache duration. By sneaking in spyware during this window, hackers are able to obtain much more information than with a pure DNS poison/phish attack.
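For responders, the point about the cache window is that the poisoned record expires on its own but the machines that resolved it in the meantime do not clean themselves. The sketch below is an added example, not code from ZDNet or the Internet Storm Center; the cache snapshot, baseline addresses, query log and all names in it are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass
class CacheEntry:
    name: str        # hostname held in the resolver cache
    address: str     # address the resolver is currently handing out
    cached_at: int   # epoch seconds when the answer was cached
    ttl: int         # cache duration in seconds

# Constructed sample data (documentation address ranges, hypothetical hosts).
BASELINE = {"www.example.com": {"192.0.2.10", "192.0.2.11"},
            "mail.example.com": {"192.0.2.25"}}
CACHE = [CacheEntry("www.example.com", "203.0.113.66", 1000, 3600),
         CacheEntry("mail.example.com", "192.0.2.25", 1200, 300)]
QUERY_LOG = [  # (timestamp, client, queried name)
    (900, "10.0.0.5", "www.example.com"),
    (1500, "10.0.0.7", "www.example.com"),
    (2500, "10.0.0.9", "www.example.com"),
    (2500, "10.0.0.5", "mail.example.com"),
    (5000, "10.0.0.8", "www.example.com"),
]

def poisoned_entries(cache, baseline):
    """Cached answers that disagree with the known-good addresses."""
    return [e for e in cache
            if e.name in baseline and e.address not in baseline[e.name]]

def exposed_clients(entry, query_log):
    """Clients that asked for the name while the bad answer was cached."""
    start, end = entry.cached_at, entry.cached_at + entry.ttl
    return sorted({client for ts, client, name in query_log
                   if name == entry.name and start <= ts < end})

def scope_incident(cache, baseline, query_log, now):
    """One record per poisoned name: time left in cache and hosts to scan."""
    report = []
    for e in poisoned_entries(cache, baseline):
        end = e.cached_at + e.ttl
        report.append({
            "name": e.name,
            "bogus_address": e.address,
            "seconds_left": max(0, end - now),
            # Simplification: ignores answers cached on the clients themselves.
            "clients_to_scan": exposed_clients(e, query_log),
        })
    return report

if __name__ == "__main__":
    for now in (3000, 5000):  # during the window, then after expiry
        print(now, scope_incident(CACHE, BASELINE, QUERY_LOG, now))
```

After the cache entry expires, `seconds_left` drops to zero but `clients_to_scan` is unchanged: those hosts still need a spyware check.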
ZDNet has a good article dissecting the latest Internet Security Threat Report and Symantec’s key findings.
Also, among the most interesting trends:
[Via ZDNet UK, UK]
Although worms haven’t made the major headlines recently, every other company has been infected by a worm during the past 12 months.
About 47 percent of all respondents had a worm infect a company network
in the past year, the Mazu [Mazu Networks and the Enterprise Strategy Group] survey found. 12.5 percent of those
businesses had more than 25 percent of their network compromised during
the incident.
While worms haven't disappeared, maybe companies' investments in security training and products have resulted in fewer company-wide outbreaks that cripple major portions of a network, such as the Blaster worm. At the same time, home PC users, who do not have an IT department to force them to upgrade or patch their operating system, who do not have the latest antivirus installed, and who connect to their broadband connection without a firewall, are much more likely to be infected. And worst of all, they may not even realize it. Many users do not realize that the quickly blinking light on their DSL modem when there is no activity on their machine may actually mean that they are sending megabytes of spam, for example.
[Via ZDNet UK, UK]
The tech community is buzzing today after IBM's announcement that they have developed a framework for detecting unwanted emails and slowing down the originating computers, rather than the originating email address, which is usually fake.
After identifying a certain machine as an established source of spam,
the software, dubbed FairUCE, bounces back any messages sent by the
device in question with the intent of slowing that computer down and
retarding its ability to produce more unwanted e-mail.
IBM's tech specification suggests that the new tool, called FairUCE, would use network identification tools to determine whether a message is legitimate by matching email information and the originating email. The system would be able to track originating IP addresses and, upon determining that a message is or might be spam, it would redirect messages back to the source, thus slowing it down.
Because a large part of spam comes from the "zombie" PCs of ordinary Internet users connected to a broadband Internet network, it is possible that IBM may create some enemies among the large ISPs, whose broadband would suffer as a result of the system bouncing messages to the "zombie" PCs. In addition, it is unclear what type of matching the system would do, but it is possible that spammers could craft messages fraudulently in a way that provides a match for the FairUCE system.
There is a great discussion on Slashdot on this with useful and some not-so-useful technical analysis.
[Via CNET]