Information Security Forum

Last year security vendors were warning that botnets were not only not dead, but bouncing back in a big way. One suggested that [URL="http://www.daniweb.com/news/post1080975.html"]botnets would become autonomous and intelligent[/URL], with each node containing inbuilt self-sufficient coding in order to coordinate and extend its own survival, during the course of 2010. …

Rather amazingly, just one crime syndicate stands accused of being responsible for some two thirds of all detected phishing attacks carried out during the last six months of 2009. The so-called Avalanche gang, according to a new report by the Anti-Phishing Working Group (APWG), used highly sophisticated malware to target …

Apparently, the besieged, [URL="http://www.mcafee.com"]McAfee[/URL] antivirus-protected world saw little relief in the past 24 hours with McAfee engineers still scrambling to come forth with an answer. I guess the Executive VP, Barry McPherson, doesn't use his own product because he was able to post to his [URL="http://siblog.mcafee.com/support/a-long-day-at-mcafee/"]blog[/URL] a couple of times …

There's no news yet on McAfee's [URL="http://www.mcafee.com"]website[/URL] about what happened today when their famed antivirus program went bonkers and froze computers by misidentifying a common Windows file as a virus. If it's an actual virus hack, it's a pretty darn clever one--to make the antivirus program think a system file …

While, for the average end user, spam has become less of a problem over recent years as spam filters get better at what they do and simply remove much of it from sight, that doesn't mean that spam volumes are actually reducing. In fact, the opposite is true and the …

On Thursday, notorious computer hacker [URL="http://en.wikipedia.org/wiki/Albert_Gonzalez"]Albert Gonzalez (aka SoupNazi)[/URL] was sentenced to 20 years in prison. That is the longest sentence ever to be slapped on someone for hacking. He was accused of targeting a bunch of retail stores in the U.S. including Barnes & Noble, BJ's Wholesale Club, OfficeMax, …

Today the cyber security experts at [URL="http://www.symantec.com/about/news/release/article.jsp?prid=20100322_01"]Norton announced the top 10 riskiest U.S. cities for cybercrime[/URL]. The next time you pay a bill or update your status on Facebook you might want to look over your shoulder [virtually]. It seems Seattle, Boston, San Francisco and Washington D.C. are the riskiest …

A new survey has revealed that while 78 percent of them agree that it is wrong, a quarter of the kids asked admitted that hacking really is child's play. The survey of more than 1000 children discovered that the boy hacker stereotype no longer holds true, with 47 percent of …

If it were not bad enough that the Iowa Division of Homeland Security official website was hacked, defaced and forced to close down temporarily it appears that another Iowa state government resource was also compromised a few weeks before. At the end of January the Iowa Racing and Gaming Commission …

According to figures revealed with the publication of the [URL="http://www.ibm.com/security/xforce"]IBM X-Force 2009 Trend and Risk Report[/URL], not only do web application vulnerabilities remain the largest category of security disclosure for the last year but, worryingly when you consider that the number of such vulnerabilities found by organisations has not decreased …

Those of us who can remember when Internet access meant slow dial-up modems connecting via pay per minute service providers will also be all too familiar with the concept of the porn dialler. For the youngsters out there, these took advantage of the fact that most punters had no idea …

Chip and PIN credit card attack leaves banks on shaky ground according to one analyst, although oddly enough the banks appear to disagree. Researchers at the University of Cambridge Computer Laboratory have revealed how the Chip and PIN credit card security system is flawed and left vulnerable to fraud. Steven …

Botnets are bad for business, and that's the bottom line. The news that a botnet called Kneber has infected 75,000 computers including government and business machines has been spreading online. But while many, if not most, of these reports are claiming that Kneber is a new botnet the truth is …

As Safer Internet Day comes to a close, one expert in the field warns that there can be no safety without security. John Colley is managing director of [URL="http://www.isc2.org/"](ISC)2[/URL], a non profit organisation which runs a program helping volunteers visit schools, clubs and parent evenings. They also support council appointed …

Three men have been arrested, and what is thought to be a training site for hackers closed down, as Chinese officials get tough in the wake of the [URL="http://www.daniweb.com/news/story252590.html"]Google Gmail human rights hacking scandal[/URL]. While China has something of a history of being [URL="http://www.daniweb.com/blogs/entry4434.html"]tough on political activists[/URL], online [URL="http://www.daniweb.com/news/story235672.html"]multi-player gaming[/URL] …

I have a lot of passwords to get me onto various online sites and services, but I only need to remember one: the complex and hard to crack one that unlocks my encrypted password store. Not everyone is as paranoid as I am it seems, and many fall neatly into …

Some might argue that it has been a bad year for encryption. After all, just as the last decade was ending came reports that the algorithm that is used to encrypt GSM mobile phone calls (as used by some 4 billion people around the world) had been cracked wide open. …

Thought that 2009 was [URL="http://www.daniweb.com/news/post975935.html"]the year that botnets died[/URL], well think again Batman, it was actually the year they bounced back. Compromised computers were responsible for distributing 83.4% of the 107 billion spam messages sent around the world, every single day, during 2009 according to a new Symantec report. Indeed, …

Still using Adobe Acrobat or Adobe Reader? Maybe it is time to switch to something that's not glowing red on the bad guy radar, or which is more securely coded depending upon how you look at these things. Yes, Adobe has admitted that there is yet another possible zero-day vulnerability …

I just had a Jaws moment. You know, you think it is safe to go back in the water and then a bloody great shark bites your legs off. Except in this case you can replace the sea with the Internet and the shark with the [URL="http://www.daniweb.com/blogs/entry4339.html"]equally dangerous Gumblar[/URL]. According …

Botnets are, without any shadow of a doubt, one of the [URL="http://www.itpro.co.uk/blogs/daveyw/2009/09/30/death-taxes-and-botnets/"]biggest scourges[/URL] of IT security today. From sending spam to [URL="http://www.daniweb.com/news/story238033.html"]launching DDoS attacks[/URL] and distributing malware, botnets can be found [URL="http://www.daniweb.com/blogs/showentry.php?entryid=1021"]at the centre[/URL] of most of the security problems facing computer users right now. So wouldn't it be fun …

According to the latest McAfee Labs [URL="http://www.mcafee.com/us/local_content/reports/7315rpt_threat_1009.pdf"]Third Quarter Threats Report 2009[/URL] instances of Distributed Denial of Service attacks are growing in popularity. In the last quarter the McAfee Labs observed many new attacks demanding ransom money including those aimed at sports betting companies which were taken out of action during …

You probably call it Halloween, for myself and other pagans it is [URL="http://en.wikipedia.org/wiki/Samhain"]Samhain[/URL], but for the cyber-gangs it is phishing time. Seasonally-themed spam is on the up at this time of the year, Halloween related messages accounting for 0.5% of the daily spam traffic by volume in mid-October according to …

The European Commission has called on EU member countries to do more, and do better, in fighting spam and other online privacy threats. In a newly published [URL="http://ec.europa.eu/information_society/policy/ecomm/doc/library/ext_studies/privacy_trust_policies/spam_spyware_legal_study2009final.pdf"]study[/URL], commissioned by the EC, it was revealed that almost all EU countries have at least one spam, spyware or malware reporting site …

No, I'm not talking about a Linux vs. Microsoft or Apple vs Microsoft but rather a prediction by UN Telecommunications Agency Chief Hamadoun Toure'. Apparently, the U.S. Homeland Security and other U.S.-based paranoia groups agree since US Secretary for Homeland Security Janet Napolitano said that she received the green light …

It seems that Google searches on terms that are related to iPhone SMS information are being used to return results that direct unsuspecting users to rogue AV sites. According to the Websense Security Labs ThreatSeeker Network [URL="http://securitylabs.websense.com/content/blogs.aspx"]blog[/URL] malicious URLs related to Apple iPhone SMS/MMS searches are ranking as high as …

According to a new report, published today by SANS, the overwhelming majority of all cyber-security risks can be laid at the door of just two areas: unpatched client-side software and vulnerable Internet facing web sites. The report was compiled by Rohit Dhamankar, Mike Dausin, Marc Eisenbarth and James King of …

Remember Conficker, the virulent worm which caused such havoc at the start of the year? No, well maybe news headlines such as '[URL="http://www.itwire.com/content/view/22716/53/"]Virus sinks Royal Navy fleet comms[/URL]' and '[URL="http://www.daniweb.com/news/story220128.html"]Windows worm infects millions[/URL]' might help jog your memory. Well hold onto your hats people, Conficker is back. And this time …

Facebook LLC has received a lot of publicity lately, understandably so. I unfortunately, have to say the publicity isn’t positive; in fact it is very negative. Rumors have been spreading throughout the internet about a virus called fan check supposedly infecting Facebook user’s computers with a virus. According to all …

According to the latest [URL="http://www.messagelabs.com/mlireport/MLIReport_2009.07_July_FINAL.pdf"]MessageLabs Intelligence Report[/URL] from Symantec, things are looking good as web malware writers have taken a sabbatical. Unfortunately the spammers have gone multi-lingual in a lazy-ass automated kind of a way with great effect. Spam levels have, say Symantec, stayed at their highest level for two …

Scared that students taking an exam might cheat, teachers at the posh Harrow School in England took the unusual step of banning them from using the Internet and re-routing their email so it could be read by the headmaster. The irony of the exam being concerned with Nazi foreign policy …

If you are a Windows user and have not installed the [URL="http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx"]MS08-067 patch[/URL] from last October, then perhaps you had better pull your finger out. Of course, it could well be too late, and you could well be one of the nine million or so users who have already fallen …

The United States holds many titles, some of them causes for joy while others are reason for shame. The latter category has long included 'King of Spam' being the country from which the majority of the spam on the planet originates. However, thanks to the [URL="http://www.itpro.co.uk/blogs/daveyw/2008/11/20/spammers-are-in-a-world-of-hurt/"]closure of just one spam …

What a difference a day makes. In the 12 hours following the take down of McColo Corp, a web hosting service that stands accused of being responsible for enabling as much as 75 percent of the world's email spam, the volume of said junk mail recorded by specialists at MessageLabs …

We all knew it was going to happen, and that there was nothing we could do to stop it. In fact, it was only a matter of time until the polls had closed and Barack Obama had officially become the President-elect of the United States of America. It is not …

This is just what we needed to make us comfortable as the recession (I think we can stop calling it the credit crunch as we've been doing in the UK) starts to bite uncomfortably. Mobile devices are becoming vulnerable to malware attacks. It must be true, I've read it on …

I was privileged to attend the 5th [URL="http://www.kaspersky.com/"]Kaspersky[/URL] Lab forum, held in the city of London, yesterday. It was actually a Cybercrime Forum (I have no idea if the other forums were as well, as this was my first), and so the main focus was – yeah, you guessed it …

Now I'm not usually one who advocates the use of spyware of any sort. As a parent myself, I like to think that trust works better than software when it comes to controlling access to questionable content online. However, in the case of the British parents who spied on their …

According to [URL="http://www.sophos.com/blogs/gc/g/2008/09/02/sex-spyware"]Sophos[/URL] it seems that cyber-tension between North and South Korea is increasing of late. Not least thanks to allegations from the South that officers of the military command and control centre have been targeted by the North in a spyware attack on the orders of the infamous electronic …

According to [URL="http://www.theregister.co.uk/2008/04/29/gta_spyware_scam/"]The Register[/URL] gamers who are desperate to get hold of the latest entry in the Grand Theft Auto franchise, and let's face it that has to be just about every hardcore gamer who did not get a copy today, are the latest target of drive-by spyware scammers. Spam …

Controversial media company and alleged spreader of adware Zango, formerly 180solutions, has been forced to back down from its legal attempts to get both Kaspersky Lab and PC Tools to reclassify its applications as non-threatening and prevent security software from blocking them. Kaspersky Lab [URL="http://www.kaspersky.com/news?id=207575556"]reports[/URL] that the US District Court …

As if Microsoft did not have enough on its security plate, what with the launch of Vista followed by the chorus of ‘it is not quite as secure as you would have us believe is it’ from the worlds media, things only go from bad to worse for the Seattle …

The bad news for the US is that it is now responsible for more than a fifth of the world’s spam. That is 21.6 percent if you prefer, although whichever way you say it there is no escaping the nasty smell it leaves behind. The team of experts at IT …

I was in a pub in Manchester recently for my friend Chris's leaving do (he's got a job in Spain :p ). Somehow a brief discussion about Mac OS X got started (yes, OK I started it). Most people I've met who've used it seem to think it's great because: …

Earlier this year [URL="http://www.mcafee.com"]McAfee [/URL]sponsored a rather interesting survey of search engine safety. Safety, that is, from the ‘how safe are the links they deliver and you click’ angle. Now, for the longest time, I have harbored a passing suspicion that the dodgiest links you can follow from any search …