The Security Detail


July 31, 2011  10:14 PM

Anonymous Hacks FBI Contractor



Posted by: Tony Bradley
Anonymous, FBI, hackers, LulzSec, ManTech

The fun never ends with the AnonyLulz, or Lulzymous, or whatever–those hackers who don’t know when to quit and walk away, and instead continue to kick the hornet’s nest.

Now, Anonymous has hacked into ManTech, a government security contractor that works with the FBI. Lest we question the veracity of the claims, the hackers have shared some of the spoils from the attack online.

A PCWorld article explains, “As promised, members of the Anonymous hacking movement have released hundreds of megabytes of documents that they say were stolen from government security contractor ManTech.”

The article also details some of the other hornet’s nests that have been kicked: “But the company is just the latest security contractor to be hit by Anonymous and its sister organization, LulzSec. Contractors HBGary and Unveillance were also embarrassed by high-profile breaches this year, and LulzSec has targeted the U.S. Central Intelligence Agency, the U.S. Senate and members of the FBI’s InfraGard information-sharing program, among others.”

July 31, 2011  10:07 PM

Hotmail Beefs Up Security



Posted by: Tony Bradley
hijack, Hotmail, Microsoft, password, phishing, spam

Have you ever gotten a message from a friend that turned out to be spam or a phishing attack–perhaps a message your friend didn’t really send, and probably isn’t even aware of? Of course you have.

Microsoft has added some new features to Hotmail to try and prevent such things. The new Hotmail security works from both ends–one to strengthen Hotmail account security in the first place, and the second to make it easier to identify and flag accounts that have been compromised.

A Microsoft Privacy and Safety blog post explains:

At Hotmail, we know that account hijacking is a big problem, and we continue to work hard to prevent it. We’ve noticed a couple of things about hijacked accounts. First, many accounts have weak passwords that make them easy targets for hijackers. Second, when someone’s account gets hijacked, their friends often find out before they do, because the hijacker uses their account to send spam or phishing email to all their contacts.

These two observations led us to develop a couple of new features that help protect your accounts. The first lets you report a friend’s account as compromised – a feature unique to Hotmail – and the second prevents you from using common passwords that make your account easy to hack.

Click here to read the complete post.


July 31, 2011  9:58 PM

Mac Malware Still Prowling About



Posted by: Tony Bradley
Backdoor Olyx, Mac, malware, Microsoft

I know that the whole MacDefender thing isn’t making headline news every day anymore, but that doesn’t necessarily mean that attackers are done with Macs. On the contrary, Pandora’s box has been opened, the Mac has made it onto the attacker’s radar, and Mac users probably have a lot more of this to look forward to.

A recent post on the Microsoft Malware Protection Center blog details an examination of a threat called Backdoor Olyx which seems to target Macs. The lack of any purpose or payload suggests that it might be on a reconnaissance mission for future malware efforts.

Check out the details on the Microsoft blog post.


July 31, 2011  9:53 PM

Reward: $250,000 for Information on Rustock



Posted by: Tony Bradley
botnet, Microsoft, reward, Rustock

Microsoft used a combination of technical and legal maneuvers to effectively shut down the Rustock botnet earlier this year. Just because the ongoing threat has been stifled doesn’t mean Microsoft is done pursuing it, though.

A post on the Microsoft Privacy and Safety blog states:

Today, we take our pursuit a step further. After publishing notices in two Russian newspapers last month to notify the Rustock operators of the civil lawsuit, we decided to augment our civil discovery efforts to identify those responsible for controlling the notorious Rustock botnet by issuing a monetary reward in the amount of $250,000 for new information that results in the identification, arrest and criminal conviction of such individual(s).

For more details on the ongoing efforts and Microsoft’s reward for Rustock information, click here.


July 28, 2011  6:57 PM

Hackers Nab Info on Virtually Everyone in South Korea



Posted by: Tony Bradley
china, Cyworld, data breach, hackers, personal information, social network, South Korea

Millions of customers had information exposed when Epsilon was hacked. When Heartland was breached it exposed data on over 100 million customers. Massive attacks affecting millions, or even tens of millions of users are so common that we are numb and barely blink anymore.

The latest attack in South Korea is different, though. At a relatively “meager” 35 million compromised accounts it may seem almost trivial by comparison, but in this case the figure of 35 million has a whole different meaning, because it means that basically every user in South Korea who uses the Internet at all is possibly affected.

Authorities are blaming China for the attack against Cyworld–a popular South Korean social networking site. The hackers were able to grab names, phone numbers, email addresses and other sensitive information.


July 28, 2011  1:38 PM

Bitdefender Launches Total Security 2012



Posted by: Tony Bradley
antimalware, Bitdefender, Internet security, malware protection, PC security, Total Security 2012

BUCHAREST, Romania – July 28th 2011 – Bitdefender, an award-winning provider of innovative Internet security solutions, today announced the release of the new Total Security 2012, offering “sleek and silent” defense — proactive protection from threats such as hackers, viruses, and identity theft attacks, without slowing PC performance.

Bitdefender Total Security 2012 includes an overhauled user interface and has been designed to meet the demands of computer users that require protection to work 24/7 without interrupting their work and enjoyment. Key new features include social networking protection, an Autopilot mode and scan dispatcher to maintain system performance. Bitdefender Total Security 2012 is being launched alongside sister products Bitdefender Internet Security 2012 and Bitdefender Antivirus Plus 2012.

“We’ve given the home user product range a striking overhaul, offering sleek, silent defense from today’s e-threats,” said Bogdan Dumitru, Bitdefender CTO. “The new interface is very easy to use, and the addition of the optional Autopilot feature will meet the demands of those users looking for a hassle-free security experience.”

“Bitdefender’s technology has been leading the way across independent testing and consumer organization recommendations for some time now, and we’re certain Total Security 2012 will help to further our reputation as the strongest choice for digital defense,” commented Dumitru.

When in Autopilot mode, the product makes intelligent, optimal security-related decisions without input from the user. This means no pop-ups or alerts, and nothing to configure after setup. However, users are still able to easily access the dashboard in order to make their own in-depth decisions.

Bitdefender’s new social networking security feature filters and blocks social-networking specific e-threats by scanning the links users receive from friends on Facebook, while also monitoring and advising on privacy settings. Meanwhile, the scan dispatcher finds and uses time-slices when system resource usage falls below a certain threshold to perform recurring scans of the entire system. This way Bitdefender does not interfere with user-initiated actions and does not impact system responsiveness.

The range of new and improved features in Bitdefender Total Security 2012 also includes:

New – Safebox – Online Backup and File Synchronization:  Bitdefender Safebox monitors important files and instantly backs them up to a secure remote server whenever a change is detected. Backed up files become available to users’ other computers on which Bitdefender is installed. Bitdefender Total Security 2012 comes with 2GB of free storage.

New – Rescue Mode: If e-threats, such as rootkits, cannot be removed from within the Windows operating system, the computer is re-booted in Rescue Mode—a trusted environment which is then used for cleanup and restoration.

New – Virtualized Browser: Launches the browser in a Bitdefender-provided environment, isolating it from the operating system.  This is done to prevent browser-based e-threats from exploiting vulnerabilities to gain control of the entire system.

Improved – Flexible Interface: Drag and drop modules to get quick access to the actions you perform most often directly from the main window.

Improved – Streamlined Installation: Bitdefender 2012 easily installs with just a few clicks, and in half the time required by the previous version.  

For more information on Bitdefender Total Security 2012, please visit http://www.bitdefender.com

All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.

About Bitdefender®

Bitdefender is the creator of one of the industry’s fastest and most effective lines of internationally certified internet security software. Since 2001, Bitdefender has been an industry pioneer, introducing and developing award-winning protection technologies. Every day, Bitdefender secures the digital experience of tens of millions of home and corporate users across the globe. Bitdefender solutions are distributed by a global network of value-added distribution and reseller partners in countries across the world.

Recently, the company has won a range of key independent recommendations in the US, UK and across Europe, including ConsumerSearch, Which?, Stiftung Warentest and Taenk. Bitdefender antivirus technology has also finished top in leading industry tests from both AV Test and AV-Comparatives. More information about Bitdefender and its products is available from the company’s security solutions press room. Additionally, Bitdefender publishes Malware City providing the latest updates on security threats and helping users stay informed in the everyday battle against malware.


July 27, 2011  3:48 PM

Symantec Report: Rise in Attacks Targeting Mobile Users



Posted by: Tony Bradley
malware, phishing, security, spam, Symantec

The July edition of the Symantec Intelligence report combines research and analysis from the Symantec.cloud MessageLabs Intelligence Report, and the Symantec State of Spam & Phishing Report to provide analysis of cyber security threats, trends and insights from the Symantec Intelligence team concerning malware, spam, and other potentially harmful business risks.

Highlights from the most recent report include:

• Spam – 77.8 percent in July (an increase of 4.9 percentage points since June 2011)

• Phishing – One in 319.3 emails identified as phishing (an increase of 0.01 percentage points since June 2011)

• Malware – One in 280.9 emails in July contained malware (an increase of 0.02 percentage points since June 2011)

• Malicious Web sites – 6,797 Web sites blocked per day (an increase of 25.5 percent since June 2011)

• 35.9 percent of all malicious domains blocked were new in July (an increase of 0.8 percentage points since June 2011)

• 21.1 percent of all Web-based malware blocked was new in July (an increase of 0.8 percentage points since June 2011)

• Aggressively unstable malware leads to a rise in sophisticated socially engineered attacks

• Large scale malware attack using URL shortening services

For more details, download and read the 21-page PDF report for yourself–Symantec Intelligence Report: July 2011.


July 22, 2011  5:21 PM

LulzSec Becomes Wildcard in News Corp Scandal



Posted by: Tony Bradley
emails, LulzSec, News Corp, News of the World, phone hacking

Just about the only thing that has eclipsed the rampage of attacks by the hacking collective known as LulzSec in the news over the past couple of months has been the recent revelations regarding illegal hacking by News Corp. journalists.

The interesting thing is that LulzSec has ostensibly shut down operations in a sort of forced retirement after it poked one too many hornet nests and had law enforcement in a frenzy looking to take them down. After being silent for only a matter of days, the LulzSec team jumped online and hacked into News Corp. servers and allegedly obtained 4GB of archived email–archived email which may very well contain details revealing that News Corp executives were aware of and/or condoned or promoted the illegal activities.

Check out USA Today’s Byron Acohido’s coverage of this story to learn more: LulzSec Plans to Release Trove of News Corp Emails.


July 10, 2011  10:42 AM

PDF Flaw Puts iOS Devices at Risk



Posted by: Tony Bradley
Apple, flaw, iOS, iPad, iPhone, jailbreak, security risk

One of the persistent claims–in fact, a claim that I myself frequently make–is that iOS is a more secure mobile platform than the rival Android OS by virtue of Apple’s closed environment. The walled garden and the app approval process offer some level of protection for iOS users, right?

Well, that is true to an extent, and I still maintain that iOS is more secure than Android overall, but you can’t ignore the fact that hackers manage to jailbreak iOS–often within a day or two of a new version being released. Jailbreaking, in and of itself, is not malicious. It is designed to break down the Apple walls and give users more open access to work with their iOS devices as they choose without needing permission from Apple. The reality, though, is that if benign hackers can jailbreak iOS and gain full control over the mobile OS, then so can malicious attackers–leaving iPhones and iPads exposed to significant security risk.

The recent JailbreakMe 3.0 tool can wirelessly jailbreak iOS devices, including the iPad 2, using a flaw in the way iOS manages PDF files. Apple is working on a fix, but in the meantime I recommend being very careful about opening PDF files on an iOS device–unless you are intentionally trying to jailbreak the device.


June 30, 2011  10:12 PM

Cisco Report–Email Attacks: This Time It’s Personal



Posted by: Tony Bradley
cisco, email, phishing, security, spam, spear phishing

In the complex and ever-changing landscape of online crime, cybercriminals have made a fundamental shift in strategy, abandoning traditional mass spam attacks in favor of personalized attacks with a greater financial impact on targeted organizations, according to a new security report from Cisco. Research conducted by Cisco® Security Intelligence Operations shows the trend toward increased targeted attacks featuring highly customized threats containing malware that are directed at a specific user or group of users for intellectual property theft.

Key Findings – Email Attacks: This Time, It’s Personal

  • Returns from mass email-based attacks declined by more than 50 percent from US$1.1 billion in June 2010 to $500 million in June 2011.
  • Mass spam volumes plummeted from 300 billion daily spam messages to just 40 billion between June 2010 and June 2011.
  • There is an increase in spearphishing and personalized scams and malicious attacks.
  • Spearphishing attacks have increased threefold, while scams and malicious attacks have increased fourfold.
  • The overall cost of targeted attacks to organizations worldwide is $1.29 billion annually.

Like almost all types of cybercrime exploits, the success of targeted attacks relies on technical holes and the all-too-human tendency to misplace trust. Targeted attacks are the most elusive threat to protect against and have the potential to deliver the most potent negative impact. Very low in volume, they focus on a specific individual or group under cover of anonymity provided by specialized botnet distribution channels. Typically, they rely on malware or APTs (Advanced Persistent Threats) to harvest desired data over a period of time. An example of a targeted attack is the infamous Stuxnet worm, which had the potential to severely disrupt industrial computing systems and could traverse non-networked systems, thus placing at risk even systems unconnected to networks or the Internet.

Spearphishing attacks, though more costly to mount and lower in volume than mass spam attacks, also pose serious consequences for today’s enterprises. Many spearphishing attacks ultimately lead to financial theft, making them both highly dangerous to victims and highly valuable to cybercriminals. Spearphishing campaigns, which are a highly customized evolution of the traditional mass attack technique of phishing, can net 10 times the profit of a mass attack.

The global study focuses on perspectives from 361 information technology professionals from 50 countries and was compiled by Cisco Security Intelligence Operations, which provides real-time threat intelligence to help Cisco stay ahead of the latest cyber threats. Cisco SIO is the world’s largest cloud-based security ecosystem, using SensorBase data of almost 1 million live data feeds from deployed Cisco email, Web, firewall and intrusion prevention system (IPS) solutions.

Download the full report – Email Attacks: This Time It’s Personal

