Plenty of Updates on Patch Tuesday

This Black Tuesday was different as anticipated – Microsoft released only one security bulletin, but other companies “jumped in” and are delivering updates now as well. For the Windows operating systems, only one Security Bulletin was released. MS10-001 deals with a vulnerability in the decompression routines of the Embedded OpenType Font Engine. This means that, especially on Windows 2000, programs that render EOT fonts, such as Internet Explorer, Word or PowerPoint, can put the system at risk when viewing manipulated content. In newer operating systems the flawed code is used differently, so Microsoft assumes that it isn’t exploitable there. ...

January 13, 2010 · 2 min · 252 words · Omid Farhang

Lethic gone: another botnet bites the dust

McColo (Nov. 08), Torpig (May 09), MegaD (Nov. 09), Lethic (Jan 10). The Darkreading.com site is reporting that researchers with communications security firm Neustar, of Sterling, Va., working with ISPs, have taken over the command-and-control servers and shut down the Lethic botnet. The owners of the Lethic network specialized in diploma, pharmaceutical and replica spam. It is believed that Lethic was responsible for 10 percent of spam. Other recent botnet takedowns include: McColo (Nov. 08), Torpig (May 09), MegaD (Nov. 09) ...

January 13, 2010 · 1 min · 86 words · Omid Farhang

Busy time for spammers during winter holidays

Spammers and malware authors took advantage of the holiday period, when a lot of people are at home, and sent a large number of emails just before the official days off. As can be seen in the graphic below, we registered higher activity in the two days before the holidays and immediately after them. The red bars are either weekend days or holidays (25.12 and 1.1). ...

January 13, 2010 · 2 min · 218 words · Omid Farhang

BlackBerry Messenger the new vehicle to distribute Hoaxes?

I received an interesting IM from a friend via BlackBerry Messenger [BBM] this weekend. She was worried that it could do damage to her shiny new BlackBerry and, as she knew I work for [a security company], she forwarded it to me for my opinion. As soon as I read it, I knew it was a hoax and told her just to delete it. ...

January 13, 2010 · 2 min · 301 words · Omid Farhang

Warning On Possible Android Mobile Trojans

Google’s Android mobile operating system has been out for a while and is generating more and more interest. Now there has been some buzz about fraudulent applications being posted on the Android Market. See these postings: Both of these apps were written by an anonymous developer known as 09Droid. In fact, he had a whole collection of online banking applications for sale on the Market: ...

January 13, 2010 · 2 min · 347 words · Omid Farhang

Open season on tax-payers

As any reader of this blog knows, cybercriminals can steal your money not just by putting malware on your machine, but by phishing attacks too. Phishing attacks don’t just target online banking and e-payment systems, but almost any site which asks the user to input sensitive data. Sites run by national government agencies are a prime example as they often demand a wealth of personal information which goes far beyond a simple user name or account number + PIN. While filling in a tax return online might seem like a great way to save time and paper, it gives cybercriminals a great opportunity to scoop all your details at once – data which could then be used to steal your identity and/or commit further crimes in your name. ...

January 12, 2010 · 2 min · 286 words · Omid Farhang

2010 prediction roundup

It’s the time of year to make predictions. I only have one: in 2010, governments around the world will BEGIN to increase their efforts to do something about the massive malware threat that every Internet user on the planet faces. It’s going to be controversial and difficult legally and technically. It’s going to cost serious tax money, political capital and diplomatic work to counter this crime wave that is like nothing the world has ever known. ...

January 6, 2010 · 5 min · 887 words · Omid Farhang

Safe Computing Tips For All

Jerome Segura, a Security Analyst at ParetoLogic of Victoria, B.C., Canada, just posted a nice piece on computer security practices with a different perspective in his “Malware Diaries” Blog. He begins his list of security tips by considering four classes of users:

- the pre-baby boomers: These folks rarely touched a computer in their lives and if they did, kudos! Typical use: Work, Solitaire, Printing stuff.
- the early and late baby boomers: They have been interacting with computers pre-Internet and have good notions but lack the ‘modern day stuff’. Typical use: Work, e-mail, Online searches.
- the 70’s – 80’s users: These guys are definitely into computers, maybe a bit more gaming and such. They possess quite a good sense of computing. Typical use: Games, Work, E-mail, Online Dating, Forums.
- 90’s to present: Some of them were born with a computer or handheld device. Their lives would not be possible without the MSN, Skype and more recently all the social engineering glitter. Typical use: Twittering, Facebooking, Online shopping.

then makes further distinctions by level of security knowledge and awareness: ...

December 31, 2009 · 3 min · 474 words · Omid Farhang

Not-so funny jokes

Activities associated with Koobface have increased during the month of December. Often it is for the sending of traffic to compromised servers in order to obtain more servers. Other times the activity centers around using those same compromised servers to proxy users to malicious domains that are then used for further distribution of malware or command and control of the infected machines. I noticed a trend with some of the domain-based locations making use of the holiday theme. This has included everything from “presents for your pets” to “festive holiday trees” – these are domains that appear legitimate but are not. In fact, many of the domains that are being used were legitimate at one point and now are serving a different, more questionable purpose. ...

December 29, 2009 · 2 min · 316 words · Omid Farhang

Facebook and Twitter Security – And How to Stay Safe!

Hopefully, the holiday season has found you spending a good amount of time offline: enjoying moments spent with friends and family, keeping long-standing traditions or creating new ones to follow for seasons to come, or just relaxing due to some downtime from work or school. It wouldn’t come as much of a surprise, though, if you’ve still found yourself spending a fair share of your time during the holidays online: checking status updates and posting new pictures on Facebook, or sending and checking tweets on Twitter. And, why not? These networking sites are an easy way to connect and share with the people we care about. ...

December 29, 2009 · 2 min · 312 words · Omid Farhang