Malware Count Blows Past 1M Mark
http://www.computerworld.com/action/article.do?command= viewArticleBasic&articleId=9075518&source=rss_news50
Symantec Corp.'s malware tally topped 1 million for the first time in the second half of 2007 as the number of new malicious code threats skyrocketed, the company said in its semi-annual report on the state of security. Of the 1.1 million code threats that Symantec has detected since it began writing signatures more than a quarter-century ago, 711,912 were discovered in 2007; 499,811 were picked up in the last six months of the year alone. In other words, nearly two-thirds of all the threats that Symantec has ever uncovered were found last year. Symantec credited the explosion in threats to a shift to specialization by malware makers and the existence of well-oiled, and well-financed, organizations that hire those programmers to write exploits and craft attacks.
Ten Reasons You Should Be Paranoid Each Time You Power Up Your PC http://www.itbusiness.ca/it/client/en/home/News.asp?id= 47782
Although we've adopted a light hearted approach in this feature, concerns about data privacy are not to be taken lightly. Paranoia, as one expert observed, is just a "good way of having a long horizon." So being paranoid about how data practices today is just "being rational about protecting yourself tomorrow." And here are 10 reasons why it is sensible to be paranoid.
Browser Exploits Getting More Intense http://www.networkworld.com/news/2008/041008-rsa-browse r-exploits-intensifying.html?fsrc=rss-security
Threats against browsers are getting more sophisticated and branching out into such exotic areas as gaming, experts told attendees at RSA Conference 2008. New attacks from games and virtual-world Web sites can deliver bot-like control of browsers to attackers, said Ed Skoudis, a security consultant with Intelguardians, speaking at RSA. All that's needed is for the infected image of an avatar to appear. "The character walks into view of the screen, and I take over the box," he said. Compromised browsers can act as a stage to launch further hacking of computers, Skoudis said. An attack could shut off corrupted machines' keyboard and mouse control, making it more difficult to stop.
Phishers Offer Credit Card Discounts to Prospective Marks http://www.theregister.co.uk/2008/04/10/mastercard_secu recode_phish/
Phishing fraudsters are using promises of financial discounts to trick unwary users into handing over their credit card details. Scam emails that form the basis of the fraud claim to be part of MasterCard's SecureCode scheme. Con men are attempting to exploit a lack of familiarity with the recently introduced programme, which ironically promises to offer greater security to credit card transactions. Phishing emails attempt to lure prospective marks into "signing up" to SecureCode, by offering a 16 per cent discount on future purchases made with the card.
Tibet Attack Trojan Identified http://www.vnunet.com/vnunet/news/2214084/tibet-attack- trojan-identified
A new SQL-based Trojan has been connected to the recent attacks on pro-Tibet web sites as well as the outbreak of site infections uncovered last month. A pair of researchers are reporting that the 'Fribet' Trojan has spread among users by embedding itself in pro-Tibet web sites by way of an SQL injection and then exploiting a browser vulnerability to remotely install and execute. McAfee researchers Shinsuke Honjo and Geok Meng Ong reported on a company blog posting that the Trojan not only gives the attacker the ability to remotely control and perform installations on infected PCs, but it also provides the ability to receive SQL instructions. This, the researchers say, can allow the attacker to use infected machines to host other web exploits.
Stolen Military Gear Hawked on eBay http://www.smh.com.au/news/web/stolen-military-gear-haw ked-on-ebay/2008/04/11/1207856785284.html
Stolen and sensitive U.S. military equipment, including fighter jet parts wanted by Iran and nuclear biological protective gear, has been available to the highest bidder on popular internet sales sites, according to congressional investigators. Using undercover identities, investigators purchased a dozen defense-related items on the auction site eBay and the online network Craigslist from January 2007 through last month and received the items "no questions asked." The Defense Department regards much of the stolen equipment to be on the U.S. Munitions List, meaning there are restrictions on their overseas sales, the Government Accountability Office said Thursday.
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum You cannot attach files in this forum You can download files in this forum
