Source: TrendLabs Malware Blog
Trend Labs has a short but informative article (including a diagram) on the interaction between different strains of malware. Some act as installers for others, and there is a pay-per-install economy between different malware distributors, the details of which this article elucidates.
Friday, 9 April 2010
Wednesday, 10 March 2010
Cyber Crooks Leave Traditional Bank Robbers in the Dust
Source: Krebs on Security
Brian Krebs has done some comparisons between traditional armed bank hold-ups and cybercriminal account siphoning, based on FBI reports of bank robberies and cybercrime statistics revealed at the recent RSA conference. His conclusion: that cybercriminals are currently taking more than twice as much money as traditional armed robbery in the same time period in the USA.
Brian Krebs has done some comparisons between traditional armed bank hold-ups and cybercriminal account siphoning, based on FBI reports of bank robberies and cybercrime statistics revealed at the recent RSA conference. His conclusion: that cybercriminals are currently taking more than twice as much money as traditional armed robbery in the same time period in the USA.
Thursday, 4 March 2010
Spanish police arrest masterminds of 'massive' botnet
Source: BBC News
Three Spanish men aged from 25 to 31 have been arrested for their alleged part in running the "Mariposa" botnet -- a network of nearly 13 million compromised computers, including machines inside more than half of the Fortune 1000 companies and 40 major banks. The botmasters are not sophisticated security experts, but rather built the botnet using third party black-hat tools.
See also coverage at The Register.
Three Spanish men aged from 25 to 31 have been arrested for their alleged part in running the "Mariposa" botnet -- a network of nearly 13 million compromised computers, including machines inside more than half of the Fortune 1000 companies and 40 major banks. The botmasters are not sophisticated security experts, but rather built the botnet using third party black-hat tools.
See also coverage at The Register.
Monday, 1 March 2010
Targeting scams: Report of the ACCC on scam activity 2009
Source: Australian Competition & Consumer Commission
The ACCC today released its 2009 report on scam activity. This gives an overview of 2009, plus more detailed information on trends, steps taken to educate the public, and law enforcement or disruption actions taken against scammers. The report is available for download as a PDF.
The ACCC today released its 2009 report on scam activity. This gives an overview of 2009, plus more detailed information on trends, steps taken to educate the public, and law enforcement or disruption actions taken against scammers. The report is available for download as a PDF.
Tuesday, 23 February 2010
BLADE: Hacking Away at Drive-By Downloads
Source: Krebs on Security
Brian Krebs has a short piece on upcoming technology called BLADE, designed to specifically address the problem of drive-by downloads. The article includes some interesting data (in pie charts) on the kinds of things most widely exploited, and the most prevalent exploit kits.
Brian Krebs has a short piece on upcoming technology called BLADE, designed to specifically address the problem of drive-by downloads. The article includes some interesting data (in pie charts) on the kinds of things most widely exploited, and the most prevalent exploit kits.
Thursday, 4 February 2010
Climate Crime: Phishing Scam Cripples European Emissions Trading
Source: SPIEGEL ONLINE
Phishers have found a new target in their unending quest for a quick buck: greenhouse gas emissions allowances. I will refrain from further comment on the matter.
Phishers have found a new target in their unending quest for a quick buck: greenhouse gas emissions allowances. I will refrain from further comment on the matter.
Researchers penetrate last bastion of Windows security
Source: The Register
Researchers have found an effective technique called "JIT-spray" to work around the protections offered by ASLR (address space layout randomisation) and DEP (data execution prevention), which give Windows Vista and 7 greater protection against malware than was offered by earlier versions. This is significant, because it means a range of known vulnerabilities which were specific to Windows XP are now likely to work against Windows Vista and 7 machines.
Researchers have found an effective technique called "JIT-spray" to work around the protections offered by ASLR (address space layout randomisation) and DEP (data execution prevention), which give Windows Vista and 7 greater protection against malware than was offered by earlier versions. This is significant, because it means a range of known vulnerabilities which were specific to Windows XP are now likely to work against Windows Vista and 7 machines.
Subscribe to:
Posts (Atom)
