PrivacyChoice Opt-Out

PrivacyChoice Opt-Out protects your privacy by opting out of privacy-invading ad networks. Ad networks and Web sites constantly track your behavior as you surf the Web, recording what sites you visit, what pages you visit on sites, and what kind of content you like to view. If you’d like to keep your personal Web preferences to yourself, get the free Firefox addon PrivacyChoice Opt-Out, which lets you stop more than 100 companies from tracking your behavior.[…] Privacychoice.org also makes another Firefox add-in, TrackerWatcher, which lets you get similar privacy information about sites you visit as you surf the Web. Using … Continue reading PrivacyChoice Opt-Out

Chinese ISP hosts 1 in 7 Conficker infections

Security experts have known for months that some countries have had a harder time battling the Conficker worm than others. But thanks to data released Wednesday by Shadowserver, a volunteer-run organization, they now have a better idea of which Internet Service Providers have the biggest problem. In terms of the total number of infected computers, China Telecom’s Chinanet seems to have been hardest hit by the worm, which began spreading late last year. http://www.networkworld.com/news/2009/121709-chinese-isp-hosts-1-in.html

China jails Trojan virus authors in cybercrime crackdown

Arrests and jail time for cybercriminals are increasingly common in China A Chinese court Wednesday sentenced 11 members of a malware ring for writing and distributing Trojan horse viruses meant to steal online game account passwords, according to state media. The people, who stole login information for more than 5 million game accounts, were given prison sentences of up to three years and were fined a total of 830,000 Chinese yuan (US$120,000), China’s Xinhua news agency said. Dozens of other members of the ring, which is suspected of 30 million yuan ($4.4 million) in crime, are expected to be sentenced … Continue reading China jails Trojan virus authors in cybercrime crackdown

2 million Secunia PSI users

Yesterday the Secunia PSI was installed on system number 2,000,000. The 2,000,000 users have been achieved on a 0 dollar marketing budget. Only word-of-mouth, articles, endorsements, and the loyal support of the community around the PSI and Secunia has spread the important message about the need for patching. Patching your programs to protect against criminals exploiting the security related errors which exists in almost all of the programs you are using, have never been more important than now. During the past 3 years there has been a significant change, in the programs criminals exploit to break in to PC systems. … Continue reading 2 million Secunia PSI users

Botnet Operators Infecting Servers, Not Just PCs

Botnet operators have always been able to easily infect and convert PCs into bots, but they also are increasingly going after servers — even building networks of compromised servers. Web servers, FTP servers, and even SSL servers are becoming prime targets for botnet operators, not as command and control servers or as pure zombies, but more as a place to host their malicious code and files, or in some cases to execute high-powered spam runs. "FTP servers are a hot commodity in the underground. They are regularly used by drive-by download malware as well as a downloading component for regular … Continue reading Botnet Operators Infecting Servers, Not Just PCs

Rogue AV raising the stakes

From Kaspersky’s Viruslist blog: A couple of months I blogged about how the creators of rogue AV solutions are keeping a close eye on developments in the antivirus market. And my colleague Vyacheslav recently wrote a whole article about rogue AV which highlighted, among other things, the huge increase in this type of malware. Last week I looked at some samples which showed that the bad guys behind this stuff are ratcheting their efforts up a notch. There are two points which attracted my attention: The interface of the rogue AV is a very close copy of the genuine solution … Continue reading Rogue AV raising the stakes

Conficker Again in the News;McAfee Labs Report on VoIP Vulnerabilities

From McAfee Labs Blog: Our good friends at Shadowserver have recently added some excellent graphs and stats that highlight the continued infections and propagation by the Conficker worm. Conficker, although it actually does very little, continues to be a major annoyance worldwide, so let’s use these excellent charts and graphs as a reason to revisit two important points: Update your systems to current patch levels Use up-to-date and properly configured security software. Deploy these at a variety of levels whenever possible. (Layers of defense work better than a single solution.) http://www.avertlabs.com/research/blog/index.php/2009/12/16/conficker-again-in-the-news/ McAfee Labs Report on VoIP Vulnerabilities Voice over Internet … Continue reading Conficker Again in the News;McAfee Labs Report on VoIP Vulnerabilities

Spam for the visually impaired

Starting at ~3:20pm GMT today, Canadian Pharmacy spammers began using attached MP3 files as the call-to-action for their latest campaign. The message had no subject, no "text" body content, just an attached "audio/mpeg" file with a random lower case file name. Upon playing the attached mp3 file, you find out why I called it the "call-to-action". A robotic sounding woman’s voice reads off the URL they would like recipients to browse to (letter by letter), with porn-like moaning as background noise. I guess they are going for the often used spam tactic of tying ED pills (Viagra, Cialis, etc..) to … Continue reading Spam for the visually impaired

How KOOBFACE Makes Money

Everything exists for a purpose. Malware, for all the crazy things they do, exist because their creators want them to. Malware can be the product of a bored mind, of an experiment, of inspiration, or, as it is becoming increasingly common nowadays, as a means for profit.[…] In the third (and hopefully last) installment of our KOOBFACE research papers, we examined the various mechanisms KOOBFACE employed to monetize its botnet, offering a peek at the ways modern cybercriminals operate and the challenges these pose. For those interested, "Show Me the Money! The Monetization of KOOBFACE" can be downloaded here. http://blog.trendmicro.com/how-koobface-makes-money/

Google Scam Kits

"Making easy money with Google" scams and frauds have been circulating in the Web realm for quite some time now. In the last weeks, a new wave of such scams has emerged using Google’s reputation to sell ‘working from home’ kits that claim Google is hiring people. Those false claims have upset Google, which is looking to sue the group/company behind the campaign and also some related individuals. The Web site marketing the ‘Google kit’ has the name and look-and-feel of a featured article from a legitimate online newspaper. More research into this reveals a network of hundreds of template … Continue reading Google Scam Kits