Uncategorized
Why it is all too easy to become a cybercriminal
February 19, 2010
The disclosure of Operation Aurora last month and the outing of the Kneber botnet gang’s stolen booty this week have much in common.
Both involved nothing-out-of-the-ordinary cyberattacks that quixotically rose above the din to grab international headlines.
The mainstream attention is welcomed. It helps to underscore how the Internet underground has advanced to the point where a plethora of powerful hacking tools and services is readily available to …More
American Bankers Association’s warning to small firms comes as a surprise
January 6, 2010
My editors were not the only ones surprised that the very conservative American Bankers Association has come out with a warning for small and mid-sized businesses cautioning them to only use a dedicated PC for online banking.
Jennifer Bayuk was also shocked. Bayuk is the former chief information security officer at Bear Stearns. She is well-known and well-respected as a security consultant, speaker and author on tech security …More
Apple iPhone worm turns phones into bots
November 23, 2009
A malicious Apple iPhone worm — designed to turn jail-broken iPhones into bots — proves, yet again, that cybercriminal are as predictable as Seattle rain.
This iPhone worm appeared over the weekend, arriving less than two weeks after a 21-year-old Australian researcher, Ashley Towns, released the Ikee worm — the prototype for this new type of attack.
You may recall Towns cleverly changed the wall paper of iPhones he …More
Finally — a solid measurement of the scale and scope of cyber attacks
September 16, 2009
Metrics precisely quantifying the scale and scope of cybercrime activity have historically been hard to pin down. But now comes a milestone survey, buttressed by another report, that defines the degree to which the Web is infested with malicious code.
The SANS Institute’s report on Top Cyber Risks is by far the most comprehensive accounting of ongoing cyber attacks ever made public. SANS is the well-respected Washington D.C.-based tech security …More
SMB2 zero-day flaw could expose Vista PCs to Conficker-like worm attack
September 9, 2009
Microsoft has just disclosed that the SMB2 zero day vulnerability — for which no patch exists — is remotely exploitable.
The software giant is raising a bright red flag because this affects all Windows Vista and certain Windows Server 2008 PCs.
I’ve begun polling some top security researchers and analysts about the go-forward implications of advisory no. 975497 just issued by Microsoft.
The backdrop: Independent researcher Laurent Gaffie earlier this week took credit for discovering — and publicly disclosing — the …More
Cybercrime experts keep close watch on Internet worm
January 27, 2009
By Byron Acohido, USA TODAY
Find original copy of this article here.
The world’s top virus hunters are watching every move made by the attacker in control of a nasty new Internet worm – referred to as “downadup” or “conficker.”
What worries them most is that the person, or group, controlling the worm could at any time direct the PCs to carry out criminal activities on an unprecedented scale. And there’s not much anyone can do to stop them.
The attackers could use …More
W32.downadup: old-school network worm
January 12, 2009
Symantec is reporting more than 3 million Windows PCs have been infected by the self-propagating “Downadup” worm. This Symantec graphic shows infections densely saturated in the USA, Brazil, and especially India.
This is an old school worm folks. It’s on auto pilot in the wild, searching out Windows PCs unpatched for the latest RPC-DCOM security hole. Ironically, home PC users are much better protected by Windows Auto Update, than corporate …More