admini – Page 68 – CyberSecurity Institute

Malware fight goes public on the web

Posted on May 23, 2013December 30, 2021 by admini

Formed in 2005 to help address the problem of compromised computers – sometimes referred to as bots, or drones – connected to the internet, AISI collects data from various sources on devices exhibiting odd bot-like behaviour on Australian IP addresses.

The detailed statistics on malware infections show that on average during this financial year about 16,500 malware reports have been provided to AISI participants each day – representing what the authority says is a “significant level of malware” affecting Australians.

“Once infected with malware, a user’s personal identity information can be stolen and their infected computing device used to harm and infect other internet users,” said Richard Bean, the authority’s deputy chairman. “Just as the internet increasingly provides rapid access to information about news, events and the activities of friends and family, it should also enable Australians to quickly get information about online risks and threats such as malware infections.”

The authority said the most prevalent infection type currently being reported are numerous variants of Zeus, which is primarily used for banking fraud, and, among other things, can intercept and modify an infected user’s online banking transactions.

Link: http://www.smh.com.au/it-pro/security-it/malware-fight-goes-public-on-the-web-20130522-2k036.html

Twitter steps up security with two-factor authentication option

Posted on May 23, 2013December 30, 2021 by admini

Jim O’Leary from Twitter’s product security team acknowledged in a blog post on Wednesday that “even with this new security option turned on, it’s still important for you to use a strong password and follow the rest of our advice for keeping your account secure.”

Some of the more recent and widely-reported attacks have hit targets ranging from The White House to the Associated Press to more than 250,000 users at large earlier this year.

At the end of April, the San Francisco-based private company penned a memo to news media outlets warning that such cyber attacks would continue.

In regards to the media, Twitter added at the time that most of the security breaches appeared to be “spear phishing attacks” targeting corporate email.

Link: http://www.zdnet.com/twitter-steps-up-security-with-two-factor-authentication-option-7000015762/?s_cid=e589&ttag=e589

New Citadel malware variant targets Payza online payment platform

Posted on May 23, 2013December 30, 2021 by admini

“The Payza transaction PIN is used every time a user wants to send funds, add funds, withdraw funds or make a payment,” Trusteer researcher Etay Maor said Tuesday in a blog post.

These stem from the wide use of public computers in locations such as Internet cafes and the generally low level of online security awareness, he said.

“Public computers are typically at higher risk for malware infections and when used by an unsuspecting user, the chances of a successful fraudulent transfer are much higher.”

Link: http://www.pcworld.com/article/2039502/new-citadel-malware-variant-targets-payza-online-payment-platform.html

Telling the FBI Your Company Has Been Hacked

Posted on May 23, 2013December 30, 2021 by admini

For this, we turn to Galligan’s afternoon panel on cyber crime, where she was accompanied by attorneys in private practice, a law professor, the head of a computer forensics firm, and the chief of the Manhattan District Attorney’s investigations division.

First, as Ed Stroz, of the investigative firm Stroz Friedberg, explained, it’s important to recognize that you could be attacked by different categories of attackers, including state-sponsored actors, organized criminal groups, individual hackers or “hacktivists,” and company insiders. “What happens with the FBI is right now, approximately 60 percent of the time, we are going out and telling a company that they have been intruded upon,” says Galligan. Well, either they’re getting the information from another FBI investigation, “or we’re getting it from our partners in the government,” Galligan says, which includes all 16 of the U.S. intelligence agencies.

Whether you call them or they call you, Galligan and her FBI team are going to hope your company has already contemplated the possibility of a cyber attack, that you have a response plan, and that your general counsel is involved in it.

“Because we say over and over—and I have seen it over and over—that unless the general counsels and/or your outside counsel are involved in these issues from the beginning, are part of your plan, it becomes very, very difficult for the government to help you,” Galligan says,

The bureau also pointed out to the banks that a DDoS can serve as an opportunity for criminal actors to “come in and commit crime in your system.”

“It’s a discussion where we say, ‘We recognize you need to make a business decision,” she says, “and that business decision is going to be a very complicated one.’

“You have to really figure out what exactly you’re going to be willing to do,” says DeVore & DeMarco partner Joseph DeMarco, who specialized in cyber crime as an assistant U.S.

Link: http://www.law.com/corporatecounsel/PubArticleCC.jsp?id=1202601094171&Telling_the_FBI_Your_Company_Has_Been_Hacked

Keeping Up With the Andromeda Botnet

Posted on May 22, 2013December 30, 2021 by admini

The Andromeda spam botnet is a good example of this trend, this time with aid of the Blackhole Exploit kits (BHEK) and some new neat tricks. This threat arrives as a spammed message containing a malicious attachment (GAMARUE variants) or links leading to certain sites, which now include those compromised by the notorious Blackhole Exploit kit. Some of the commands the malware can execute include downloading other malware onto the system, most notably info-stealing threats like ZeuS/ZBOT variants.

Because some Andromeda-related spam messages eerily looks like legitimate email notification from commercial services (flight, hotel, courier services etc.), the usual criteria for determining a spam are not sufficient. Since BHEK is known to exploit software vulnerabilities like Java, you must always update your system with the latest security patch or re-consider your use of Java. For better protection, install antimalware software like Trend Micro, which protects your system from spam, malicious URLs, and malware.

Link: http://blog.trendmicro.com/trendlabs-security-intelligence/keeping-up-with-the-andromeda-botnet/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Anti-MalwareBlog+%28Trendlabs+Security+Intelligence+Blog%29

Cyber crime ‘costs small companies £800m a year’

Posted on May 21, 2013December 30, 2021 by admini

The lobby group is concerned that the cost to the wider economy could be much greater, as small businesses refuse to trade online because they believe the security framework does not give them adequate protection.

Mike Cherry, FSB chairman, said: “Cyber crime poses a growing threat for small firms and it isn’t something that should be ignored. “While we want to see clear action from the Government and the wider public sector, there are clear actions that businesses can take to help themselves.”

The FSB issued 10 tips to help businesses protect themselves, including a combination of standard security protection steps (e.g. putting up a firewall and using antivirus and anti-spam software); carrying out regular security updates on all software and devices; and ensuring there is a resilient IT system and email password policy. The Government has urged small companies to spend more on security to address the rise in cyber crime and meet the terms of a tough EU directive.

Link: http://www.telegraph.co.uk/finance/yourbusiness/10069374/Cyber-crime-costs-small-companies-800m-a-year.html