InfoManager_TM

  Malware, hacking, phishing and cybercrime reports for the end of 2010. Of course we’ll be back in 2011 — it’s forecasted to be the worst year yet for cybercrime. Here’s what we found this week:
* Malware is Eyeing Your Smart Device
* Smartphone users warned of malware threat
* Google adds hacked site notifications to search results
* e-card Malware
* 2011: The Year of Malware Attacks
* Wikileaks DDoS of Spamhaus: Political Activism at Its Dumbest
* 5 Security predictions for 2011
* Cybercriminals Use Amazon Shipping Scam to Deliver Malware
* Pro-WikiLeaks hackers may be hard for U.S. to pursue
* and more

Malware is Eyeing Your Smart Device

It’s happened. Finally. It doesn’t pay to get upset about it. For years, security experts have been saying it’s inevitable. Finally, crackers have almost fully turned their attention from desktop computers to mobile devices.
      Crackers have long dabbled in mobile device attacks, of course. But they are a predictable lot: They go where the money is and where they have the greatest chance for success.
Full story : www.itbusinessedge.com

Smartphone users warned of malware threat

Smartphone users will increasingly be targeted by computer viruses, it has been suggested. Paul Allen, editor of Computeractive, has urged owners of the devices to thoroughly read their manuals to make sure they are aware of the security concerns.
      The comments follow the publication of a new report by the European Network and Information Security Agency,
Full story : www.bcs.org

Google adds hacked site notifications to search results

In an attempt to alert users about the dangers of traveling to a supposedly compromised site, Internet search biggie Google Friday announced that it has added extra notification to search results.
      The move, which comes in the wake of the recent Gawker hacks as well as the `Operation Payback’ denial of service attacks by pro-WikiLeaks activists, will also partly address the challenge caused by black hatsearch engine optimization (SEO), since most attackers use the SEO mechanism to entice
Full story : topnews.us

e-card Malware

Peter Silva for www.sys-con.com writes :
      I’ve gotten some e-cards this holiday season from organizations that I know, and you might even receive one from F5. I just wanted to post a short reminder to be careful of these, especially if you get one from someone you don’t know. This is, and has been for several years, one of cybercriminals favorite ways of distributing malware, infecting your computer and stealing your info. Usually, the e-card arrives in your email with a link to view it online. Once you click that link and visit the purported e-card site, you can become infected. In fact, if you get one and don’t know the sender at all, I’d delete it right away. Often you don’t need to visit a site to get infected since the payload might in the email itself.
Full story : Peter Silva www.sys-con.com

2011: The Year of Malware Attacks

2010 has been the year of cybercrime. From data theft and internal breaches, to WikiLeaks and virus based cyber warfare; businesses and governments around the globe have been affected through stolen intellectual property and illegal transactions. A survey conducted earlier this year found, on average businesses in the U.S spend $3.8 million alone coping with cyber attacks, with some organisations overtly inflicted with costs of up to $52 million.
      TrustDefender predicts 2011 will see a strong increase in cyber activity including malicious malware threats, stolen identities and data infiltration. The move of applications and work environments into the cloud, along with the growing use of mobile devices and online transactions, poses a growing risk to enterprises and makes individuals more vulnerable online. Without adequate attention to online security malware attacks will continue to become more sophisticated and targeted to take advantage of these channels.
Full story : www.prweb.com

Wikileaks DDoS of Spamhaus: Political Activism at Its Dumbest

A week ago, Paul Vixie wrote a thoughtful piece on the morality of DDos, for both sides of the equation of the Wikileaks issues. In it he summarizes things nicely:
      Denial of service is not merely a peaceful protest meant to garner attention for a cause. Denial of service is forcible and it is injurious. It is not like any form of civil disobedience, but rather it is criminal behaviour more like looting.
Full story : Neil Schwartzman – www.circleid.com

5 Security predictions for 2011

The past few years have witnessed a dramatic shift in the cyber threat landscape. Cyber attacks have moved from fame to financial gain, with mass mailer worms replacing malware that steals credit card information and sells phony antivirus products. Malware has emerged as a new business model with billions of dollars at play.
      The year 2010 saw both cyber espionage and cyber sabotage. The world had its first brush with a computer worm attacking physical, real-world infrastructure in Stuxnet. Stuxnet affected industrial control systems used in critical infrastructure in over 155 countries, with India being the third most affected nation. With tremendous growth in mobile computing platforms, cyber criminals have only got further avenues to attack. .
Full story : timesofindia.indiatimes.com

Cybercriminals Use Amazon Shipping Scam to Deliver Malware

Cybercriminals are taking advantage of online shoppers’ last-minute gift buying habits with a new holiday hoax.
      Researchers at the security company Sophos have noticed malware masquerading as legitimate e-mails from Amazon.com alerting users that they have an urgent issue to address regarding a package they ordered. The e-mails, which appear to originate from order-update@amazon.comThis e-mail address is being protected from spambots. You need JavaScript enabled to view it (an address that Amazon actually uses to update customers regarding their orders ), contain the subject “Shipping update for your Amazon.com order” and include an attached .zip file.
Full story : www.securitynewsdaily.com

Pro-WikiLeaks hackers may be hard for U.S. to pursue

Legal hurdles could make it tough for U.S. prosecutors to go after pro-WikiLeaks hackers who waged cyber attacks last week on Visa, MasterCard, PayPal and other companies.
      Typically the federal government prosecutes hacking under the Computer Fraud and Abuse Act, which prohibits the “transmission of a program, information, code, or command” that “intentionally causes damage without authorization, to a protected computer.” It’s a broad, powerful statute that applies even to computer crime committed abroad, and can carry prison sentences and heavy fines. But to use it, authorities will first have to locate the elusive hackers and bring them to the United States.
Full story : www.reuters.com

Previous Safenetting Post

Thanks for reading…

You can also keep up with the efforts to curb spam and cybercrime by reading the news at
Knujon and
HostExploit.com. And, you should
switch to SpamCop and take a stand against spam.