Cyber Security Institute

Thursday, June 30, 2011

‘Indestructible’ rootkit enslaves 4.5m PCs in 3 months

One of the world’s stealthiest pieces of malware infected more than 4.5 million PCs in just three months, making it possible for its authors to force keyloggers, adware, and other malicious programs on the compromised machines at any time.  The latest TDL-4 version of the rootkit, which is used as a persistent backdoor to install other types of malware, infected 4.52 million machines in the first three months of this year, according to a detailed technical analysis published Wednesday by antivirus firm Kaspersky Lab.

MORE...

Tuesday, June 28, 2011

Cyber attacks are escalating

Today, that highway is starting to resemble the route Mad Max traveled in The Road Warrior.  Hardly a week goes by without seeing news reports about another corporation being sabotaged by hackers.  This month on The Digital Future, Strategic News Service publisher Mark Anderson looks at the huge increase in Advanced Persistent Threats: efforts by nation-states to steal information and technology.

MORE...

Microsoft patents spy tech for Skype

A newly patented Microsoft technology called Legal Intercept that would allow the company to secretly intercept, monitor and record Skype calls is stoking privacy concerns.  Microsoft’s patent application for Legal Intercept was filed in 2009, well before the company’s $8.5 billion purchase of Skype in May.  From Microsoft’s description of the technology in its patent application, Legal Intercept appears similar to tools used by telecommunication companies and equipment makers to comply with government wiretap and surveillance requests.

MORE...

Federal agency issues new security rules for financial institutions

The federal agency that regulates banks today issued new rules for online security for financial institutions, instructing them to use minimal types of “layered security” and fraud monitoring to better protect against cybercrime.  It’s the first time the Federal Financial Institutions Examination Council (FFIEC) has updated its rules since 2005, and the instructions to regulated financial services today focus on protecting high-dollar Automated Clearinghouse (ACH) transactions that have been targeted by sophisticated cybercrime groups that hijack business PCs in order to initiate fraudulent transactions.

MORE...