IT Security Highlights March 11 2010
By Kelli Tarala | March 11, 2010
It’s official: Adobe Reader is world’s most-exploited application
Adobe’s ubiquitous Reader application has replaced Microsoft Word as the program that’s most often targeted in malware campaigns, according to figures compiled by F-Secure. Files based on Reader were exploited in almost 49 percent of the targeted attacks of 2009, compared with about 39 percent that took aim at Microsoft Word. Underscoring the surge of Reader attacks, online miscreants recently unleashed a new malware campaign that exploits vulnerabilities patched three weeks ago in the widely-used program. The attacks target financial institutions with a PDF file with a name that refers to the so-called Group of 20 most influential economic powers. When victims click on the file with unpatched versions of Reader, the file installs a backdoor that causes their system to connect to a server at tiantian.ninth.biz.
Full Story:
http://www.theregister.co.uk/2010/03/09/adobe_reader_attacks/
Human exploit attacks surpass the software flaw approach
As millions of users flocked to Twitter, criminals followed. Twitter experienced a number of attacks involving phishing, spam, worms, DDoS, compromised DNS records and site defacement. Barracuda Labs released its annual report for 2009, and the shift towards human exploits was obvious - 69 percent of attacks were perpetrated using social engineering (FakeAV and phishing) and search result poisoning, compared to 39 percent carried out using software exploits.
Full Story:
http://www.net-security.org/secworld.php?id=8997
Twitter to begin screening some links for phishing
Twitter launched a new link-screening service on March 8 aimed at preventing phishing and other malicious attacks against users of the popular microblogging service. Part of the new service is a new Twitter tool to shorten URLs, so users will see some links in e-mail notifications and direct messages from other users written as twt.tl.
Full Story:
http://www.computerworld.com/s/article/9168378/
Phishing update: ‘No brand is safe’
Online fraud schemes and malware are casting an even wider net, far beyond the large national banks and well-known retailers, as phishers seek new victims. This is the word from the Anti-Phishing Working Group (APWG). No brand, no matter how small or obscure, is safe from online fraud, says the APWG’s secretary general. “Once, only the largest banks were targeted,” he says. “Now every kind of enterprise from banks and credit unions of all sizes to charities to, in a recent case, a hardware manufacturer, are seeing their brands exploited in all manner of fraud schemes.”
Full Story:
http://www.bankinfosecurity.com/articles.php?art_id=2277
Half of network solutions only stop one in four network attacks.
Almost one in five participants at the RSA conference last week believe that their companies’ security policies are being effectively enforced, according to figures released by data center fabric company Brocade. That said, at least half of them seem to be unhappy with their companies’ security technology solutions. Brocade, which interviewed 144 RSA Conference attendees from a wide variety of different sectors, found that 18 percent of respondents believed company security policies were being totally enforced. Forty-eight percent of them said that their network security stopped one in four or fewer network attacks against their organizations.
New Internet Explorer code-execution attacks go wild
Miscreants are exploiting a security bug in earlier versions of Internet Explorer that allows them to remotely execute malicious code, Microsoft warned on March 9. The vulnerability in IE versions 6 and 7 allows remote attackers to gain the same access to the affected PC as the local user. The bug, which stems from an invalid pointer reference, either doesn’t exist in IE 8 or can’t be exploited in that version, providing users with yet another strong reason to upgrade to Microsoft’s latest browser.
Full Story:
http://www.theregister.co.uk/2010/03/09/internet_explorer_attacks/
Read the Full DHS Infrastructure Report:
www.enclavesecurity.com/blogresources/cdr_031110.pdf
IT Security Highlights March 10 2010
By Kelli Tarala | March 10, 2010
Ford Motor rolls out new security features to prevent car-hacking
Ford Motor will debut vehicles with built-in WiFi — along with enhanced security features to prevent data breaches via its new cars. Ford has offered the Sync technology service it co-developed with Microsoft in most of its Ford, Lincoln, and Mercury vehicles since 2008. The WiFi network is set by default to WiFi Protected Access 2 (WPA2) encryption for secured access to the wireless network. It also will provide anti-malware protection for the MyFordTouch system.
Full Story:
http://www.darkreading.com/vulnerability_management/
Thrill Ride - The Cyber ‘wilderness of mirrors’
Within the European Union and NATO, security professionals have been circulating dire warnings to colleagues regarding the growing cyber espionage threat from China. In recent months, the Chinese have appeared to more aggressively target NATO, EU, and US networks in an effort to steal intelligence secrets. With the anonymity and easy access provided by cyberspace, espionage work is increasingly moving towards utilizing the cyber domain to steal secrets. Cyberspace has become the new “wilderness of mirrors.”
Full Story:
http://www.thenewnewinternet.com/2010/03/08/buckle-in-for-the-cyber-hall-of-mirrors/
Interest in primetime TV shows is a favorite lure for cyber criminals
The Academy Awards and the upcoming premieres of new television shows are being targeted in search engine optimization attacks. Security firm Sophos said that malware writers had loaded web pages with keywords relating to the Awards in order to achieve higher placement in search results. Users visiting what they believe to be news sites about the awards are then subjected to an anti-virus scam that attempts to trick them into purchasing fake security software.
Full Story:
http://www.v3.co.uk/v3/news/2259130/web-malware-scams-prime
Vodafone ships Magic Android smartphones with Malware
Vodafone has been blamed for shipping Mariposa botnet malware and other malware on HTC Magic Android smartphones it supplied. Vodafone acknowledged the problem but said that the incident was an isolated and local problem, which came to light because the customer affected works for Spanish anti-virus firm Panda Security. The same mobile phone was also infected by Conficker and a Lineage password-stealing code, according to Panda.
Full Story:
http://www.theregister.co.uk/2010/03/09/vodafone_mariposa/
Intel investigating fake processor shipments
The company is looking into claims that a shipment of 300 fake Core i7-920 processors had been sent to respected parts seller Newegg from a partner. “Newegg is currently conducting a thorough investigation surrounding recent shipments of questionable Intel Core i7-920 CPUs purchased from Newegg.com,” said the company in a statement.
Full Story:
http://www.v3.co.uk/v3/news/2259135/intel-investigating-fake
Serious Apache vulnerability disclosed
A vulnerability in Apache’s HTTP web server that enables the attacker to gain remote access to the server and total control of a database has been discovered by a researcher and consultant with Sense of Security Labs. The bug is localized in Apache’s core “mod_isapi” module, and can be exploited to give access and system privileges to the attacker, which means that data can be manipulated, deleted or stolen.
Full Story:
http://www.net-security.org/secworld.php?id=8988
Ubisoft hit by a DDoS attack over the weekend
The fierce attack left some customers unable to play its games for much of March 7th and appears to be a protest at controversial new DRM controls. The introduction of Ubisoft’s Online Services Platform technology last month means it’s impossible to play a game or save progress while playing a game if an internet connection is lost. This means customers have to be online in order to play its latest PC games such as Assassin’s Creed II and Silent Hunter 5.
Full Story:
http://www.theregister.co.uk/2010/03/08/ubisoft_anti_drm_hack_attack/
Read the Full DHS Infrastructure Report:
www.enclavesecurity.com/blogresources/cdr_031010.pdf
IT Security Highlights March 9 2010
By Kelli Tarala | March 9, 2010
Energizer Bunny’s software infects PCs
The Energizer Bunny infects PCs with backdoor malware, the Department of Homeland Security’s US-CERT said on March 5. According to researchers at US-CERT, software that accompanies the Energizer DUO USB battery charger contains a Trojan horse that gives hackers total access to a Windows PC. The Energizer DUO, a USB-powered nickel-metal hydride battery recharger, has been discontinued, said Energizer Holdings, which late on March 5 confirmed that the software contains malicious code.
Full Story:
http://www.networkworld.com/news/2010/030810-energizer-bunnys-software-infects.html?hpg1=bn
Wave of ransom malware hits Internet
Criminals reused an attack from 2008 to hit the Internet with a huge wave of ransomware in recent weeks. In the space of only two days, February 8 and 9, the HTML/Goldun.AXT campaign accounted for more than half the total malware detected for February, which gives some indication of its unusual scale. The attack itself takes the form of a spam e-mail with an attachment, report.zip, which if clicked automatically downloads a rogue antivirus product called Security Tool. It is also being distributed using manipulated search engine optimization (SEO) on Google and other providers.
Full Story:
http://www.pcworld.com/article/190967/wave_of_ransom_malware_hits_internet.html
Microsoft gives dates for the end of support for Windows XP Service Pack 2 and Windows 2000.
Microsoft is to address eight vulnerabilities on its monthly Patch Tuesday, with no critical flaws expected to be addressed. The vulnerabilities are in Windows and Microsoft Office and are remote code execution problems. Microsoft confirmed ending support for legacy operating systems in the coming months. Windows XP Service Pack 2 will no longer be supported after July 13, and on the same date extended support for Windows 2000 will finish. Windows Vista RTM will no longer be supported after April 13, although service pack one will still be supported until July 12th 2011.
Full Story:
http://www.scmagazineuk.com/microsoft-will-cover-eight-important-vulnerabilities/
Opera says bug probably can’t commandeer machines
A security vulnerability identified in Opera can be exploited to crash users’ browsers, but probably can’t lead to the remote execution of malware, a company spokesman said. The buffer overflow bug was disclosed by Vupen Security on Thursday, and the report has since been picked up by others, including Secunia and Sans. The advisories have said the vulnerability is critical because it can be exploited to remotely execute malicious code on end user machines. Users should be sure to enable a security feature known as DEP, or data execution prevention.
Full Story:
http://www.theregister.co.uk/2010/03/05/opera_vulnerability/
Smartphone weather app builds a mobile botnet
A pair of researchers has amassed nearly 8,000 iPhones and Android smartphones in an experimental mobile botnet that demonstrates the ease of spreading potentially malicious applications on these devices. The security researchers with TippingPoint’s Digital Vaccine Group demonstrated how their seemingly innocuous weather app — called WeatherFist — gathers information on the users who downloaded it, including their GPS coordinates and phone numbers. The researchers wrote the app to prove how such an app could steal or modify a user’s contacts, read his files, and access his Facebook and Twitter accounts, as well as email and passwords.
Full Story:
http://www.darkreading.com/insiderthreat/security/client/showArticle.jhtml?articleID=223200001
Phishing reaches record high in January
January marked a record high for phishing attacks, seeing a 21 percent increase over the month before, according to security vendor RSA. The firm’s monthly Online Fraud Report showed that recorded phishing attacks reached 18,820, more than double the figure a year ago. Fast-flux attacks accounted for 24 percent of phishing incidents in January, up four per cent on December. Standard phishing attacks, meanwhile, showed a 12 percent increase compared with December. The number of attacked brands climbed by just two percent compared to December, but 35 new organizations suffered their first attack in January, more than triple the number reported in December.
Full Story:
http://www.v3.co.uk/v3/news/2259037/january-sees-phishing
RSA Online Fraud Report:
http://www.rsa.com/solutions/Online_Fraud_report_0210.pdf
Read the Full DHS Infrastructure Report:
www.enclavesecurity.com/blogresources/cdr_030910.pdf
IT Security Highlights March 8 2010
By Kelli Tarala | March 8, 2010
Tool automates targeted attacks on social network users
A researcher released a free tool that impersonates a Twitter user’s account in order to execute automated targeted attacks on the person’s followers. A security researcher with Core Security Labs says the group wrote the tool as a way to demonstrate and test how social networks can be used for spear phishing. The initial version executes attacks on Twitter, but the researcher says it can be extended to work against Facebook and other social networks.
Full Story:
http://www.darkreading.com/insiderthreat/security/client/showArticle.jhtml?articleID=223101626
Glitch prompts VA to shut e-health data exchange with Department of Defense
The Veterans Affairs Department closed off access to the Defense Department’s electronic health record system on March 1 because it found errors in some patients’ medical data. The glitch did not cause harm to any patient, but “the potential exists for decisions regarding patient care to be made using incorrect or incomplete data,” said the director of the Veterans Health Administration’s Information Technology Patient Safety Office, in an alert issued on March 3.
Full Story:
http://www.nextgov.com/nextgov/ng_20100304_9977.php?oref=topstory
Campus urged to beware of new phishing scams
The Office of Campus Information Security (OCIS) is aware of two new phishing emails targeting University of Wisconsin’s NetID login service. If users click the link in the phishing email, they are directed to fake NetID login sites that are very realistic and well replicated. Users could easily be fooled by these phishing attempts.
Full Story:
http://www.news.wisc.edu/17764
Microsoft plans to patch 8 Windows, Office bugs next week.
Microsoft announced it will ship two security updates on March 9th to patch eight vulnerabilities in Windows and Office. In its monthly advance notification, Microsoft spelled out next week’s two updates, a far cry from February’s roll-out of 13 security bulletins that fixed 26 flaws. Both bulletins will be pegged as “important,” Microsoft’s second-highest severity rating in its four step scoring system.
Full Story:
http://www.computerworld.com/s/article/9166158/Microsoft
Chinese attacks like the one against Google are on pace to double this year
Recent Internet attacks from China against Google and other U.S. companies will more than double this year if the pace during the first two months continues, said the chief research officer for F-Secure. This type of attack has been increasing over the past two years. Unlike other malware attacks, these are fashioned for specific targets and are used only once.
Full Story:
http://www.networkworld.com/news/2010/030410-rsa-chinese-attacks.html?hpg1=bn
Researchers dissect ZeuS botnet blueprint
A little knowledge and a few thousand dollars is all it takes to build a fully functional botnet, according to security experts. Cisco researchers told delegates at the 2010 RSA conference that a botnet running the infamous ZeuS malware could be built for $2,500. ZeuS is primarily a data-gathering and botnet control tool. It is dangerous because it directly injects content into pages and intercepts credentials before they are sent to legitimate sites.
Full Story:
http://www.v3.co.uk/v3/news/2258969/rsa-2010-researchers-dissect
Read the Full DHS Infrastructure Report:
www.enclavesecurity.com/blogresources/cdr_030810.pdf
IT Security Highlights March 5 2010
By Kelli Tarala | March 8, 2010
Pennsylvania’s CISO Witnesses Hack like no Other
Pennsylvania’s chief information security officer has seen some strange attempts to hack the commonwealth’s IT systems, but none like the one he witnessed last weekend. At an RSA Conference panel on state cybersecurity on Wednesday, he explained, “We saw thousands of hits on our Department of Transportation driver license exam scheduling site coming out of Russia, the same thing over and over, scheduling driver license exams. It was encrypted traffic, and we were trying to figure out what the heck is going on.”
Full Story:
http://blogs.bankinfosecurity.com/posts.php?postID=469
Hacking human gullibility with social penetration
Security penetration testers rely plenty on technical attacks that exploit weaknesses in websites and servers, but social penetration techniques are more reliable and easier to use in identifying chinks in fortresses. That’s true even for organizations that place a high premium on security and train their employees to resist the most common attempts to trick them into letting down their guard, according to the principals of Mad Security.
Full Story:
http://www.theregister.co.uk/2010/03/04/social_penetration/
Wi-Fi could lead thieves right to your laptop
Stuffing a company laptop into the car trunk or even a locker, without turning off its Wi-Fi radio, can be an open invitation to thieves, according to Credant Technologies. Thieves with increasingly sophisticated, directional Wi-Fi detectors can home in on the laptop’s radio, tracking it down even when the PC is hidden away.
Full Story:
http://www.pcworld.com/article/190674/wifi_could_lead_thieves_right_to_your_laptop.html
Database security lacking at financial services firms
Sloppy operating practices across the financial services sector leave firms vulnerable to breaches that could expose sensitive data, according to a new study from the Ponemon Institute. The report identified several key areas where financial services companies could take a hit from loose data policies, including damage to the corporate brand and the erosion of consumer trust. “One of the most important things a company can do to assure their future success is to plug the holes in their security policies that were demonstrated in this study,” the head of the Ponemon Institute said in a statement.
RSA 2010 Highlights: Hackers using legitimate cloud services for Dark Ends
Cyber criminal groups are using legitimate cloud offerings such as Amazon Web Services to facilitate malware creation and password cracking, delegates at RSA 2010 were told. The Russian Business Network (RBN), one of the most powerful and extensive malware and hacking organizations, has been buying time on Amazon’s EC2 platform to build malware and attack passwords, according to the founder of security consultancy InGuardians. The RBN, based in northern Russia, is one of the biggest and most professional hacking groups in the world. The organization started in the pornography business, but quickly moved to crime and now offers malware-as-a-service and hosting services, and provides credit card data and false identities. Other security professionals have confirmed the use of mainstream cloud services by the hacking and malware community.
Full Story:
http://www.v3.co.uk/v3/news/2258919/rsa-2010-hackers-legitimate
Source code management a weak spot in Aurora attacks
Companies should take extra steps to secure their source code from the type of targeted attacks that hit Google, Adobe, Intel and others over the past few months, according to security vendor McAfee. “We saw targeted attacks against software configuration management products,” said McAfee’s chief technology officer (CTO). In many of the attacks, company engineers and technical staff were targeted with malicious software. And in some cases, source code management systems were accessed and code was downloaded outside of company firewalls, the CTO said.
Full Story:
http://www.computerworld.com/s/article/9165718/
Full DHS Infrastructure Report:
www.enclavesecurity.com/blogresources/cdr_030510.pdf
IT Security Highlights March 4th 2010
By Kelli Tarala | March 5, 2010
Microsoft wants to put infected PCs in Rubber Room
A top Microsoft executive is floating the idea of creating mandatory quarantines for computers with malware infections that pose a risk to internet users. Scott Charney is the latest to champion the idea that infected PC users should be put in their own rubber room, so the malware, spam, and other attacks they generate cannot harm others. The logistics of such a plan remain unformed. While many say ISPs should monitor subscribers for infections, there is considerable disagreement about how providers should carry out and pay for such a system.
Full Story:
http://www.theregister.co.uk/2010/03/02/microsoft_charney_rsa/
Spain busts global botnet masterminds
Spanish police have arrested three men accused of masterminding one of the biggest computer crimes to date — infecting more than 13 million PCs with a virus that stole credit card numbers and other data. The men were suspected of running the Mariposa botnet, named after the Spanish word for butterfly.
Full Story:
http://www.reuters.com/article/idUSTRE6214ST20100303
White House declassifies parts of US Cybersecurity Plan
At the RSA conference in San Francisco this week, the White House Cyber Advisor declassified parts of the previous U.S. Presidential Administration’s secretive plan to defend the nation’s computer networks. Howard A. Schmidt announced that the current Presidential Administration was partially declassifying the 2008 Comprehensive National Cybersecurity Initiative (CNCI) in the name of transparency. The declassified portion of the CNCI includes descriptions of 12 broad initiatives of the CNCI, but few details. The document largely focuses on efforts to secure the federal government’s vast computer networks with the use of its Einstein system to detect unauthorized attempts to access government computers.
Full Story:
http://www.csmonitor.com/USA/2010/0302/White-House-declassifies-parts-of-US-cybersecurity-plan
Microsoft Pushes another Patch linked to Windows Blue Screens
Microsoft on March 2 said it had restarted distribution of a security update that had crippled some Windows PCs last month with reboot problems and Blue Screen of Death error screens. The update, dubbed MS10-015, originally shipped on February 9, but was pulled from Windows Updates’ automatic update two days later after complaints flooded Microsoft’s support forum from users whose machines refused to restart after they had installed the patch.
Full Story:
http://www.computerworld.com/s/article/9164518/
Zombie Tactics threaten to Poison honeypots
Innovations in botnet technology threaten the usefulness of honeypots, one of the main ways to study how cybercrooks acting as bot herders control networks of zombie PCs. Computer scientists at the University of Central Florida warn that bot herders can now avoid honeypots, which are unprotected computers outfitted with monitoring software. Cybercrooks can program servers to disable or simply ignore honeypots, thus depriving security firms of vital intelligence on how zombie botnets are operating in the real world. The scientists are working on techniques to make stealthier honeypot traps to trick bot herders.
Full Story:
http://www.theregister.co.uk/2010/03/02/
Read the Full DHS Infrastructure Report:
www.enclavesecurity.com/blogresources/cdr_030410.pdf
IT Security Highlights March 3rd 2010
By Kelli Tarala | March 4, 2010
Resembling ‘cartels,’ hackers become more industrialized
Hackers are more “industrialized” than ever before and hacking communities now resemble an organized “drug cartel”, according to a report released on March 1. Imperva, a data security company, found that today’s cybercrime industry has transformed and automated itself to mimic the 19th century industrial revolution, which accelerated assembly from single to mass production.
Gmail security enhancements expected this week
Google will roll out a number of security enhancements to Gmail the week of March 1, and perhaps as early as March 2, says a source with knowledge of the new features. The changes are specifically designed to cut down on phishing and hacking attacks on Gmail accounts.
Full Story:
http://techcrunch.com/2010/03/01/gmail-security-enhancements-expected-tuesday/
Microsoft warns of new bug affecting IE users
Steer clear of the F1 key while surfing the Web, at least for a little while. Microsoft warned on March 1 of a new vulnerability that affects Internet Explorer users, saying that it could be exploited by hackers to install malicious software on a victim’s computer.
Full Story:
http://www.networkworld.com/news/2010/030210-microsoft-warns-of-new-bug.html?hpg1=bn
Report: Aurora attack was tested last summer
The attacks on Google and others late last year weren’t as sophisticated as initially believed and appear to have cropped up last summer, according to a report to be released Tuesday by security firm Damballa. Damballa is just the latest company to analyze the attacks and offer an opinion. McAfee dubbed the attacks “Operation Aurora” and said they were highly complex and advanced. While ‘Aurora’ was a very damaging attack that breached some of the most sophisticated networks in the world, it is a ‘garden variety’ botnet and can be traced back to July 2009 when the criminal operators first began testing.
Full Story: http://news.cnet.com/8301-27080_3-10461935-245.html
World of Warcraft authenticators bypassed by middlemen hackers
Crooks have developed a man-in-the-middle-attack designed to circumvent authentication kit used by dedicated World of Warcraft gamers. World of Warcraft players are reporting that the new infection file is managing to intercept login data (getting around the authenticator) and send it elsewhere, by means of a “Man in the middle attack.” The approach of the gaming fraudsters is broadly similar to man-in-the-middle attacks against online banking accounts, where users are obliged to input a code generated by an authentication device as well as their password.
Full Story:
http://www.theregister.co.uk/2010/03/02/warcraft_account_hack/
Read the Complete DHS Infrastructure Report
www.enclavesecurity.com/blogresources/cdr_030310.pdf
IT Security Highlights March 2 2010
By Kelli Tarala | March 3, 2010
Wyndham Hotels hacked again
International hotel group Wyndham Hotels and Resorts has suffered yet another serious data breach after hackers broke into its computer systems and stole customer names and payment card information. An open letter posted on the firm’s site said that the hotel group discovered the attack on one of its data centers in late January.
Full Story: http://www.v3.co.uk/v3/news/2258650/wyndham-hotels-hacked-again
Microsoft warns over rogue Security Essentials
Microsoft has warned Windows users to be on their guard against a piece of rogue antivirus software passing itself off as Microsoft Security Essentials. The fake Security Essentials 2010 installs a fake virus scanner on your machine and monitors and blocks processes it doesn’t like. The software will also block access to websites of antivirus and malware companies and flag up a warning message. You can see the list of blocked sites here.
Full Story: http://www.theregister.co.uk/2010/02/26/microsoft_security_essentials_rogue/
State of Application Security: Nearly 60 percent of Apps Fail first security test
Most software applications remain riddled with security holes, according to a new report released today about the actual security quality of all types of software. Around 58 percent of the applications tested by application security testing service provider Veracode in the past year-and-a-half failed to achieve a successful rating in their first round of testing.
Veracode Report: http://www.veracode.com/reports/index.html
New zero-day involves IE, puts Windows XP users at Risk
Microsoft on Sunday confirmed it’s investigating an unpatched bug in VBScript that hackers could exploit to plant malware on Windows XP machines running Internet Explorer (IE). The flaw could be used by attackers to inject malicious code onto victims’ PCs. Users running IE7 or the newer IE8 are at risk.
Full Story:
http://www.networkworld.com/news/2010/030110-new-zero-day-involves-ie-puts.html?hpg1=bn
Grum and Rustock botnets drive spam to new levels
Two highly active botnets have pushed spam levels up by five per cent this month, according to Symantec. The company’s MessageLabs branch, now called Symantec Hosted Services, said in a new report that spam accounted for 89.4 percent of email traffic in February, an increase of 5.5 per cent over last month.
Full Story: http://www.v3.co.uk/v3/news/2258689/pair-botnets-drive-spam-levels
Read the Complete DHS Report
www.enclavesecurity.com/blogsresources/cdr_030210.pdf
IT Security Highlights from DHS Report March 1 2010
By Kelli Tarala | March 3, 2010
Attackers improving their aim against top brands
Online criminals are becoming increasingly successful in circumventing enterprise defenses and executing targeted attacks on leading Web brands, according to a study released on February 24. Phishing remains one of the Web’s most popular attack methods, according to Cyveillance’s 2H 2009 Cyber Intelligence Report.
Russian cyber-hackers stopped by local bank
In Eau Claire County, Wisconsin, a worker in the treasurer’s office and a local bank prevented computer hackers from stealing almost $800,000. Eau Claire County says the incident happened in late January, via a software attack, but in the end, no money was lost. “The PC got a virus and as a result, the credentials were compromised and that’s how they were able to get in,” said Information Systems Director Dave Hayden.
Scareware scams ride the back of killer whale tragedy
Supposed footage of the February 24 fatal Sea World killer whale attack in Florida points at sites distributing scareware. Search engine manipulation is being used to drive traffic to these sites, by planting links to malware portals in Google results.
http://www.theregister.co.uk/2010/02/25/killer_whale_scareware/
IBM report: Vulnerabilities fell in ‘09, attacks rose
There were 6,601 new vulnerabilities discovered last year, an 11 percent decrease compared to 2008, according to the annual “X-Force Trend and Risk Report.” “The computer industry is getting better at building secure software and being responsive to vulnerabilities,” Tom Cross, manager of IBM X-Force Research, told SCMagazineUS.com on Thursday. “But the volume of attack activity is expanding at a very rapid pace.”
http://www.scmagazineus.com/ibm-report-vulnerabilities-fell-in-09-attacks-rose/article/164547/
To Read the Complete DHS Report:
http://www.enclavesecurity.com/blogresources/cdr_030110.pdf
Checklists a Day: Virtualization Audit Checklists (Week in Review – February 22, 2010)
By James Tarala | March 1, 2010
Welcome back to our weekly archive of audit checklists! We hope these weekly lists will help you as you build your personalized checklist for auditing your own organizations. We know that sometimes it can be difficult to research each of these topics, so hopefully these lists will help save you some time when you are researching your audit scope.
We decided to hit another hot topic this week, so we decided to talk about virtualization. I mean, when you’re not talking about cloud computing security over the family dinner table, you’re probably most likely talking about virtualization security and how it impacts your daily lives (Honey, can you install that new garbage disposal? Of course I can dear, but couldn’t we just virtualize it?). So we’re hoping that these audit checklists will help you as you’re evaluating the controls that protect these environments. You know you’re using them, might as well protect them!
Audit Checklists for Auditing Virtualized Environments:
We hope everyone will enjoy and use these tools this week. If you have suggestions or ideas for future audit checklists or tools, please let us know, we’d love to hear your feedback.
