TechBlog

Today we are going to take a closer look at bots and botnets. On the black market, selling bots and botnets is quite profitable, which makes creating them a popular activity for criminals. It helps that bot sources and creation kits are available on the Internet, allowing even script kiddies to create their own botnets. Another reason bots get created is that some people who get bored in their daily lives tend to do things that in their opinion might earn them respect or admiration in front of their peers or in various Internet chat rooms. ...

— 7.68 Terabits/s for growing Asian market — $300 million cost (from consortium of six companies) — 10,000 km length (Chikura in Japan to Los Angeles) — Increases capacity across Pacific by 20 percent — Dense Wavelength Division Multiplexing technology (960Gbps per fibre-optic pair with a maximum of eight fiber pairs) — construction time: two years Story here.

Charlie Miller, Principal Analyst at Baltimore, Md.-based security firm ISE, has made news in the last two days saying that he found 20 perviously-unknown security vulnerabilities in Apple’s OS X operating system. News stories seem to anticipate that he will reveal them at the CanSec West conference next week in his talk “Babysitting an Army of Monkeys: An Analysis of Fuzzing 4 Products with 5 Lines of Python.” However, Miller tweeted: “To be clear, I’m not revealing 20 apple bugs at #cansec, I’m revealing how I found 20 apple bugs.” ...

The DarkReading site is carrying a story about brand-protection firm MarkMonitor’s finding that phishing increased 62 percent in 2009 with 565,502 attacks in the year. MarkMonitor is based in San Francisco. Other conclusions in MarkMonitor’s 2009 BrandJacking Index report: The huge increase can probably be attributed to the use of botnets and the large amount of personal information that can be scraped from social network sources. 2009 saw the all-time high average of 600 phishing attacks per organization only 33 percent of victims were first-time targets. Social networks suffered 11,240 attacks – two percent of the year’s total. The U.S. hosted 44.7 percent of phishing attacks, up from 36.5 in 2008. DarkReading story Here.

The underlying structure of a typical website is made up of different folders and sub-folders, much like the ones that are on your computer. A webmaster (is this term still used often lol?) transfers files back and forth using an FTP client in order to update the website. In most cases, specific folders are created for a specific reason. For instance the ‘pub’ folder is usually a public repository that allows anybody access to. ...

I won’t abuse it, I promise…. cross my heart… spit into the wind… etc. Hi folks, Yesterday, I received this SPIM (Instant message spam) … usnews3.com sounds kind of official, doesn’t it? and the page looks impressive… There are lots of links on the page, but unfortunately, a mouse-over of each link reveals that they all go to the same place… That’s not a good sign for a legitimate webpage. Moreover, a whois shows that it was registered just on 7th December 2009, and that the ownership is hidden behind a privacy protector service. ...

Today there’s a phishing run underway in Twitter, using Direct Messages (“DMs”). These are private one-to-one Tweets inside Twitter. The messages look like these: If you follow the link, you end up to a fake Twitter page: If you mistakenly give out your credentials, the attackers will start sending similar Direct Messages to your contacts, posing as you. The ultimate goal of the attackers is to gain access to a large amount of valid Twitter accounts, then use these account to post Tweets with URLs pointing to malicious websites which will take over users computers when clicked. ...

With Windows 7 becoming increasingly popular, more and more software companies have begun to upgrade their interface for the latest Microsoft operating system. Manufacturers seem to understand the need for a beautiful user interface for their products. However, not all software behaves as good as it looks. Today, I saw a Fake Antivirus program with a newer, more jazzed up interface, which we detect as Troj/FakeAle-RK. This malware specifically targets users of Windows 7 and appears in the form of a pop-up dialogue box, which attempts to tell you that your Windows 7 PC has many serious threats. When a user clicks “Remove all Threats immediately”, another pop-up will be generated asking them to download a file called win_protection_update.exe. ...

The internet is rife with free tools from anything to everything (almost) – from free HTML web editors to free applications to free games and so on. We’ve been in this situation before. Sometimes out of curiosity or “affluenza” (also known as “I-GOTTA-HAVE-IT-NOW-NO-MATTER-WHAT”), we are tempted to install some of these free tools and applications from the web. The unfortunate problem with freebies is that unless you know the source of where you download the tools from and whether the software author who created the application is credible, you are literally at the whim and mercy of the author should you choose to download and install the application. ...

At age five most kids can hop, skip and tie their shoes without help. Google Code turns five this week, and while they’re still working on the shoelaces thing, they’ve grown from a simple site for hosting a couple of APIs into a destination for developers to prototype their ideas in a Code Playground, host all kinds of open source projects and find out about our growing family of APIs and products like App Engine, Google Web Toolkit and Android. ...