Category: Trends

The creators of these kits openly boast how well their code evades anti-virus scanners, and advertise exploits of both long-patched and unpatched vulnerabilities in browsers, particularly Microsoft’s Internet Explorer.

One group, for instance, was the first to exploit the late-2005 WMF (Windows Metafile) bug, while the WebAttacker makers jumped on the VML (Vector Markup Language) vulnerability last month.

Nuclear Grabber, on the other hand, is often paired with WebAttacker — the latter is used to install a rootkit of browser helper object on a vulnerable PC — and then sends any information typed into a Web form to not only the real (and legitimate) destination, but also to the criminal.

There’s even a kit for phishing thugs, dubbed “Rock Phish Kit,” that targets cyber-crooks who don’t know how to craft a fake Web site. The kit, which Websense first spotted in November 2005, only offered 2 or three bogus branded sites when it started to sell, but now packages as many as 15 or 20, all of which can be hosted on a single server. The result of kit selling has been to boost the volume of malicious sites and the speed with which unpatched, or “zero-day” vulnerabilities, are put to work by a large number of cyber-criminals, said Hubbard.

http://www.darkreading.com/document.asp?doc_id=105163&WT.svl=cmpnews1_1

Customers want to have a smaller set of vendors accountable if their technology fails to keep information secure and in compliance with regulations–and large systems and storage companies have the financial clout to act as consolidators. “They have the ability to do the potential M&A (mergers and acquisition) deals in cash, or are large enough to do them with stock, or a combination of both,” MacLeod said.

Prior to their acquisition announcements, ISS and RSA Security, for example, had long been rumored to be potential buyout candidates. Other names analysts point to on a short list of potential targets include Trend Micro, Check Point Software Technologies, McAfee and Secure Computing.

“On one side, you have companies like Cisco (Systems) and Microsoft that will discount the price they charge for security, and on the other side, you have the best-of-breed (niche security) companies,” Kuper said.

Buyers don’t want the consumer side, so maybe it could take the consumer piece private and sell the enterprise business,” said one security analyst, who requested anonymity.

http://news.com.com/Security+firms+jump+in+the+acquisition+pool/2100-7350_3-6121403.html?tag=nefd.lede

“Organisations and the individuals they employ have to take mobile security seriously while still ensuring that they can take advantage of the benefits,” said the report.

However, the study concluded that if security is managed properly, the risks are acceptable given the possible gains for a company.

http://www.vnunet.com/vnunet/news/2165203/managers-snub-mobile-security

They are no longer just executed by hackers for hobby or cybervandilism, but by professionals with a targeted aim at one person, one company or one industry,” said Amrit Williams, research director at Gartner. “For example, we have recently seen several companies hiring private investigators to spy on their competitors.”

Gartner said that social engineering and viruses will remain an everyday nuisance for chief information security officers through 2009.

Gartner urged organisations to incorporate penetration testing into vulnerability management processes and investigate more-aggressive intrusion detection and protection approaches that move beyond threat-signature-based approaches.

It also advised companies to evaluate managed security services when internal capabilities are not available or sufficient for advanced security activities.

Identity theft refers to the theft of an individual’s personal or financial information for the purpose of stealing money or committing other types of crimes. This continues to be a disruption as it can be used to send confidential information to unauthorised persons without the knowledge or consent of an e-mail user.

Gartner advised organisations to ask their existing desktop security vendor to provide an integrated anti-spyware solution.

They should also use their gateway and network security devices to provide anti-spyware capabilities in the network, a strategy that has proved effective in the fight against viruses and spam.

Defence against social engineering relies on deploying consistent security policies and practices that include; educational and clear reporting programmes as well as appropriate technology management. For example, to minimise the risk of sending confidential corporate documents or trade secrets to inappropriate recipients, organisations should use content monitoring and filtering tools.

More than 1,900 information technologies and trends across more than 75 industries, technology markets, and topics are evaluated by more than 300 Gartner analysts in the most comprehensive assessment of technology maturity in the IT industry. It highlights the progression of an emerging technology from market over enthusiasm through a period of disillusionment to an eventual understanding of the technology’s relevance and role in a market or domain.

http://www.gartner.com/it/page.jsp?id=496247

http://www.securityfocus.com/brief/299?ref=rss

“We’ve seen criminals hack into hospital systems just to get the Social Security numbers of the newborns. There’s no one, obvious group of organizations that hackers are targeting.”

There are still plenty of independent hackers out on the Web — just look at the recent Black Hat and Defcon conferences — who might sell vulnerabilities or stolen data by putting them up for auction.

Worms and viruses invented by independent hackers still make up a huge portion of the damage done to corporations each year, Pierson notes.

But the visibility of these individuals and their exploits sometimes belies the growing, but largely unpublicized threat from organized criminals who buy data from hackers or insiders and sometimes contract with them to collect data from a specific corporation, experts agree.

Pierson gives the example of stolen customer credit card data, which is sometimes handled by multiple individuals in a joint effort. While credit card information might be collected through the collaboration of phishers and spammers, that data might then be passed to “cashers” who forge credit cards that use the numbers. Then those cards will be passed out to a network of “mules” who use the cards for small purchases — the kind that might not be immediately detected by the victim — and thrown away. Then the syndicate of players might sell the account information to another buyer, just as the parts of a stolen car might be resold. A similar sort of “syndicate” might be formed to fence stolen business secrets or customer lists to competitors, or to other nations or terrorist groups, he says.

External hackers may be paid off; insiders may be disciplined or dismissed; and in some cases, the crime is never detected. Although there are cases in which external hackers break into an enterprise they find attractive, most targeted attacks involve some help from an insider, experts say.

http://www.darkreading.com/document.asp?doc_id=103198&WT.svl=news2_1