Clampi banking trojan misdirects business wire transfers
July 31, 2009
An ultra-sophisticated virus/banking Trojan designed to infect workplace computers and misdirect wire transfers has begun spreading widely across the Internet.
This nasty but elegant piece of malware, called Clampi, has been around since 2006, and secure firm F-Secure has isolated 3,300 variants since then. But this latest variant is a doozy. More on this below. But first consider the context:
Clampi is one of a few dozen major families of “banking Trojans,” each with thousands of variants. Cutting-edge banking Trojans evolve …More
Insider intrusions escalate using very simple attacks methods
July 29, 2009
USA TODAY
See initial version here.
By Byron Acohido, USA TODAY
Marla Suttenberg had a sinking feeling that a corporate spy was shadowing her.
In March 2008, the owner of Woodcliff Lake, N.J.-based Sapphire Marketing was preparing to give a longtime client a generous price cut on $134,000 worth of audio/videoconferencing equipment.
But before her sales rep could extend the offer, her chief rival, David Goldenberg, then regional vice president of sales for AMX, a …More
Michael Jackson spam spike illustrates botnet infrastructure at work
July 29, 2009
The spike in spam campaigns the began within hours after Michael Jackson’s death hit headlines on June 25th really was not much different than spam waves following the election of President Obama, the outbreak of swine flu and the death of numerous celebrities.
My story delineates how botnet controllers of Waledac, Rustock and Pushdo exectued text book attacks. You can see the story here, or read it below:
USA TODAY
July 29, 2009
Spammers …More
New P2P-based technology self-destructs messages after 8 hours
July 27, 2009
A group of professors and grad students at the University of Washington has created some nifty free technology that can make all the emails and social network messages you type disappear after a period of time. The technology is called Vanish. It’s outside-the-box thinking attendees at the Black Hat security conference might want to check out.
“If people understood the implications of where and how their e-mail is …More
Spammers exploit free email, online storage as Black Hat Vegas 2009 kicks off
July 26, 2009
Caesar’s Palace will be crawling this week with CSOs, CIOs, CTOs, CPOs and system admins seeking guidance on how to quell the rising tide of cyber intrusions at the Black Hat Vegas 2009 security conference.
Meanwhile, spammers late last week began inundating home and corporate PCs email systems with a tidal wave of spam that’s particularly difficult to filter, according to this blog posting by messaging security company …More
How to protect yourself from Adobe-enabled cyber attacks
July 24, 2009
Mikkel Winther, managing partner of Danish vulnerability tracking vendor Secunia, is taking Adobe to task because the current free version of Adobe Acrobat Reader, version 9.1.0, does not include the security patches for 14 security vulnerabilities the company has addressed in the last two months.
Adobe counters that that the free PDF reader also comes with Adobe Updater, which will alert the reader about the recent patches the first time …More
Adobe surpasses Microsoft as favorite hacker’s target
July 24, 2009
The ongoing zero-day attacks in which criminals are creating malicious Adobe Flash video clips and embedding them in PDFs and on legitimate Web pages underscores how Adobe has replaced Microsoft as the favorite target of criminal hackers.
This most current assault on Adobe’s ubiquitous Flash video player and Adobe Acrobat Reader serves as a microcosm of the complex balancing act Adobe is facing.
Genesis of a zero-day attack
Hark back to …More