admini – Page 149 – CyberSecurity Institute

Kaspersky Lab: Kaspersky Lab Reports Significant Increase Of In-The-Wild Threats In September 2008 S

Posted on October 4, 2008December 30, 2021 by admini

Gostev comments on other revelations from the top twenty, “A significant amount of the attacks on users’ computers stem from various script downloaders. Such a Trojan downloader -Trojan-Downloader.WMA.Wimad.n – returned to the ranking in second place in September. This multimedia file exploits a vulnerability in Windows Media Player to download various Trojans.

In Kaspersky Lab’s top twenty ranking of the most common malicious programs among all infected objects detectedon users’ computers the changes were minimal compared to August with only four new entries (3rd, 5th, 15th and 20th), however the majority of the programs have file-infection capabilities.

Net-Worm.Win32.Nimda,which unexpectedly claimed first place in August2008, has been replaced by Virus.Win32.Xorer.duat the top of the ranking.

http://www.tmcnet.com/usubmit/-kaspersky-lab-kaspersky-lab-reports-significant-increase-in-/2008/10/03/3684183.htm

Rogue Security Apps Exceed 60 Percent of Reported Malware in September

Posted on October 2, 2008December 30, 2021 by admini

Not surprisingly, with rogue security malware claiming the top four positions in this month’s Top 10 list, it also propelled the RogueSecurity family into the No. 1 position among malware family activities for the entire month.

“When we see unprecedented volume, as in the case of these rogue security applications, it usually indicates that the attacks are working, and that cybercriminals are trying to act fast to take full advantage of the situation… In order to not fall into these traps, consumers should ensure that the source of their security application purchases are legitimate… Consumers should look out for unsolicited system messages which typically claim to find hundreds of infections, followed by purchase requests to cleanse.”

Fortinet’s FortiGuard® Global Security Research Team compiled this report based on intelligence gathered from FortiGate® multi-threat security systems in production worldwide. Customers who use Fortinet’s FortiGuard Subscription Services are already protected against the threats outlined in this report. FortiGuard Subscription Services offer broad security solutions including antivirus, intrusion prevention, Web content filtering and anti-spam capabilities.

FortiGuard Services are updated by the FortiGuard Global Security Research Team, which enables Fortinet to deliver a combination of multi-layered security intelligence and zero-day protection from new and emerging threats.

Fortinet solutions were built from the ground up to integrate multiple levels of security protection–including firewall, antivirus, intrusion prevention, VPN, spyware prevention and anti-spam — designed to help customers protect against network and content level threats.

http://www.linuxworld.com.au/index.php/id;750619918

Second bill tackles laptop border searches

Posted on October 2, 2008December 30, 2021 by admini

The lawmakers decided to propose the legislation after the Department of Homeland Security failed to provide adequate information about the searches or the limitations on the power, Feingold said in a statement.

The legislation is the second bill to tackle the controversial issue of laptop border searches.

http://www.securityfocus.com/brief/832?ref=rss

UK cybercrime overhaul finally comes into effect

Posted on October 2, 2008December 30, 2021 by admini

Scotland has devolved authority in areas such as computer crime law, so measures such as the clear criminalisation of denial of service attacks entered the statue books north of the border a year ago in October 2007. First up, the maximum penalty for unauthorised access to a computer system (the least serious of three hacking offences covered in the original act) has been raised from six months to two years in prison, making the offence serious enough that an extradition request can be filed.

Requests to introduce changes along these lines were made repeatedly by industry representatives during parliamentary hearings on UK computer crime laws, but are nonetheless controversial in some circles.

Spyblog describes the changes as “ill-defined” and duplicated in the Identity Cards Act 2006 as far as attacks on the planned National Identity Register centralised database are concerned.

Politicians initially suggested an outright ban on so-called hacking tools, which would have made possession of dual-use software package such as Nmap a criminal offence.

Following industry lobbying the measures were modified but still include provisions that criminalise the distribution or creation of “hacking tools” where criminal intent can be established, modifications that have failed to satisfy security experts.

http://www.theregister.co.uk/2008/09/30/uk_cybercrime_overhaul/

New Federal Law Targets ID Theft, Cybercrime

Posted on October 2, 2008December 30, 2021 by admini

Under current law, federal courts only have jurisdiction if the thief uses interstate communication to access the victim’s PC.

Some ID theft victims can spend thousands of dollars and months or years dealing with credit bureaus and debtors from accounts fraudulently opened in their names, but the law doesn’t appear to take into account lost opportunities associated with identity theft.

http://voices.washingtonpost.com/securityfix/2008/10/new_federal_law_targets_id_the.html?nav=rss_blog

Secure Computing Unveils Cyber Security Initiative

Posted on October 2, 2008December 30, 2021 by admini

Secure Computing is used by the world’s most demanding customers to virtually eliminate risks from cyber attacks, espionage or sabotage that may cause loss of life, property, economic loss and disruption or create devastating environmental disasters.

Timed in conjunction with the fifth annual National Cyber Security Awareness (NCSA) Month in October, Secure Computing’s Cyber Security Initiative kicks-off an intensive effort to provide corporations with informative research, tools, technologies, solutions and best practices vital for companies and federal agencies evaluating–or re-evaluating–their approach to critical infrastructure protection. Critical infrastructure comprises all computer systems that can be targets of criminal threats, industrial espionage and/or politically motivated sabotage such as the power grid, water supply, railways, nuclear energy plants and more.
Attacks on such networks can cause loss of life, threaten public safety, impact national security, or create economic upheaval or environmental disaster. It is estimated that the destruction from a single wave of cyber attacks on U.S. critical infrastructures can exceed $700 billion USD — the equivalent of 50 major hurricanes hitting U.S. soil at once.

“Even though businesses and government agencies know they need to secure their networks, many don’t have the in-house expertise or time it takes to fully secure systems,” explained Scott Montgomery, vice president of Global Technical Strategy for Secure Computing. “We want to elevate awareness so that they understand how to change behavior to make security a high priority.” In the industries where security is paramount and network-to-network interconnection is the norm, security is not an option…it is a necessity.

With a unique combination of high-speed application layer defenses, reputation scores, geo-location control, and long history of no patches or hacks, Secure Computing can defend critical networks without jeopardizing their core functionality and availability requirements. Security is needed to protect key aspects of the network: the control system assets themselves and information about critical assets. A major urban utility company servicing over 10 million customers purchased Secure Computing’s Secure Firewall (previously known as Sidewinder) 14 years ago to protect their control network.

The data and resulting analysis will be published on the website mid-October.

http://www.ebizq.net/news/10350.html