«
»

Safenetting Infomanager 1104.25

User Group Network UGN Safenetting and Cybercrime report The news over the past two weeks has revealed some pretty telling info on the state or the cybercrime world. I cannot believe the statistics that as many as 72% of internet users can STILL be fooled by phishing! Amazing
This week’s notes:
[] AVG Warns About ‘Blackhole’ Attack Tool
[] Report Says Android Phone Apps Face Soaring Software Attacks
[] E-mail security: Back on the front burner
[] Tool Shows Vulnerability of Email Addresses
[] Malware Bypasses Security On 64-Bit Windows OS
[] Android Has ‘Huge’ Malware Problem
[] Gold-themed spam fishing for personal information
[] Internet Crime Fighters To Gather in Kuala Lumpur
[] Internet users still fooled by scammers
[] Web Called Vulnerable to Hacks, Malware, and Attacks
. . . and more

AVG Warns About ‘Blackhole’ Attack Tool

Security vendor AVG was warning of an explosion of an online attack tool known as Blackhole that is being used for large-scale attacks.
      V3.co.uk reports that Blackhole made up 44 percent of malware detections in the first quarter, and for more than 86 percent of attack toolkit deployments. AVG says most of those detections came from a combination of ad networks and adult sites.
READ THIS REPORT Full story : IT Business Edge (blog)

Report Says Android Phone Apps Face Soaring Software Attacks

Google’s Android mobile-phone platform faces soaring software attacks and has little control over the applications, according to security firm Kaspersky Lab.
      The Google operating system is being infiltrated by malware at a faster rate than was seen with personal computers at the same development stage, according to the report. Kaspersky Lab noted 70 different types of malware in March, an increase from just …
READ THIS REPORT Full story : Bloomberg (blog)

E-mail security: Back on the front burner

Malware purveyors may not need to hack a company’s server to get their hands on your e-mail address. Security researcher Samy Kamkar–he of the infamous Samy MySpace worm from several years back–recently disclosed a technique for discerning the business e-mail address of almost anyone, whether or not they’ve made it public.
      Jennifer Valentino-DeVries described the program in a recent post on the Wall Street Journal’s Digits blog.
READ THIS REPORT Full story : CNET

Tool Shows Vulnerability of Email Addresses

Hacker and security researcher Samy Kamkar has a new tool out — one that can find working email accounts for people at businesses, even if the address hasn’t been published online.
      The tool, called Peepmail, promises to deliver email addresses for everyone from Apple’s Steve Jobs and Microsoft’s Steve Ballmer to the random guy whose business card you lost. It takes advantage of the fact that many email servers will tell the sender whether the address is valid, even before the message is actually sent.
READ THIS REPORT Full story : Jennifer Valentino-DeVries – Wall Street Journal

Malware Bypasses Security On 64-Bit Windows OS

The latest TDL rookit family contains malware that evades security mechanisms built into the latest x64 operating systems, including Microsoft’s Windows Vista and Windows 7.
      The fourth version of the TDL malware first appeared in August 2010 and contained sophisticated new techniques for defeating security measures. “The most radical were those made to its mechanisms for self-embedding into the system and surviving reboot,” said Aleksandr Matrosov, a senior malware researcher at ESET, in an analysis of TDL4 published by Infosec Institute.
READ THIS REPORT Full story : InformationWeek

Android Has ‘Huge’ Malware Problem

Google’s Android mobile-phone platform faces soaring software attacks and has little control over the applications, according to security firm Kaspersky Lab.
      Applications loaded with malicious software are infiltrating the Google operating system at a faster rate than hackers did with personal computers at the same stage in development, said Nikolay Grebennikov, chief technology officer for Kaspersky. The company identified 70 different types of malware in March, up from two categories in September.
READ THIS REPORT Full story : www.sfgate.com

Gold-themed spam fishing for personal information

It is almost a rule of thumb that everything that might interest a large number of people makes for a good lure for spammers and scammers.
      From news regarding natural disasters and celebrities to offers that promise to change the user’s dire economic situation, scammers keep a good eye on any recent developments and are known to react quickly, and the latest example of their fast reaction times has been spotted by Symantec.
READ THIS REPORT Full story : Help Net Security

Internet Crime Fighters To Gather in Kuala Lumpur

World leaders from business Relevant Products/Services, technology, law enforcement, communications and research sectors are gathering in Kuala Lumpur, next week to plan the next stages in the critical war on cybercrime.
      CeCOS V, produced by the Anti-Phishing Working Group and major tech sponsors including Google, Microsoft Relevant Products/Services, McAfee, and others on April 27-29, will provide a unique forum for uniting leading analysts, technologists, and thought leaders, in addition to law enforcement and national CERTs around critical questions of coordinating the world’s response to the growing cybercrime threat.
READ THIS REPORT Full story : NewsFactor Network

Internet users still fooled by scammers

Trusteer the security company recently conducted an experiment according to which, a phishing scam can fool even an extremely wary Internet-user. Taking a sample of 100 individuals who had accounts on LinkedIn the social-networking website, Trusteer dispatched e-mails to them quite like the regular messages received from LinkedIn. The result – almost 70% of the individuals got deceived and conned.
      Actually, despite constant explanations of phishing assaults and warnings against them, people continue to become victims. Generally, security professionals are capable of elucidating the safe stuff that users require seeking as also the ways for avoiding getting victimized, still victims get made.
READ THIS REPORT Full story : SPAMfighter News

Web Called Vulnerable to Hacks, Malware, and Attacks

There has been a “dramatic” increase in cyberattacks on critical infrastructure but organizations remain unprepared, according to McAfee research. The research found that 80 percent of critical infrastructure organizations had experienced a “large-scale” attack, while 25 percent had been victims of extortion attempts.
      The joint research from McAfee and the Center for Strategic and International Studies (CSIS) looked at the threats to the likes of power grids, oil, gas and water. The survey of 200 IT security executives in the critical infrastructure field across 14 countries, including the UK, found that 40 percent of executives believed their industry’s vulnerability had increased.
READ THIS REPORT Full story : Antony Savvas, Computerworld-UK

Net Safety InfoManager 1104.11

DO NOT CLICKThanks for reading…

Fred Showker

You can also keep up with the efforts to curb spam and cybercrime by reading the news at
GO Knujon and
GO HostExploit.com. And, you should
GO switch to SpamCop and take a stand against spam.

Share this | Post to Twitter Tweet this
Posted by Fred, April 24, 2011
Tags: , , , , , , ,