Internet Security

Koobface command and control servers silent

by certifiedbug on January 19, 2012

in Internet Security

H Security

The Koobface network is apparently down, according to Facebook. Ryan McGeehan, Facebook security official, told Reuters that the company’s decision to expose the five men alleged to be behind the malware had had an effect within 24 hours: “The thing that we are most excited about is that the botnet is down.” Yesterday, Facebook decided to publish the names of alleged gang members based on details of research carried out in 2009-2010 by two German researchers. One of the researchers works for Security company Sophos, which pre-empted Facebook’s announcement by publishing the report.

http://www.h-online.com/security/news/item/Koobface-C-C-goes-silent-after-alleged-controllers-exposed-1416869.html

{ 0 comments }

Koobface malware gang exposed

by certifiedbug on January 17, 2012

in Internet Security

H Security

The five men behind the Koobface worm, which spreads over Facebook and other social networks, hide in plain sight, living comfortably in St Petersberg, Russia, according to Facebook investigators and other security researchers.

http://www.h-online.com/security/news/item/Koobface-gang-to-be-exposed-by-Facebook-1414813.html

IDG News Service -
http://www.computerworld.com/s/article/9223484/Facebook_researchers_turn_up_heat_on_Koobface_gang

{ 0 comments }

Zappos hack exposes personal information

by certifiedbug on January 16, 2012

in Internet Security

Beta News
By Ed Oswald

Data on up to 24 million customers of online shoe retailer Zappos was compromised according to an email sent by its CEO Tony Hsieh on Sunday. While Hsieh says that full credit card information is safe, hackers may have the last four digits of the cards.

Hackers accessed names, email addresses, physical addresses, and phone numbers. Passwords were also compromised, however in encrypted form. As a result, the company sent out an email to all its customers, advising them to change their passwords as a protective measure. Zappos is also asking customers to reset their passwords elsewhere where it may be the same.

http://betanews.com/2012/01/16/zappos-hack-exposes-personal-information-of-24-million-customers/

{ 0 comments }

10 years after Bill Gates’ Trustworthy Computing memo

by certifiedbug on January 16, 2012

in Internet Security

Beta News
By Christopher Budd

I joined the Microsoft Security Response Center (MSRC) in April 2001 and left the company in December 2010. During that time I was involved in security and privacy at Microsoft, culminating in my role handling worldwide crisis communications for security and privacy incidents. I am one of a handful of people who knows what the security world was like at Microsoft before Chairman Bill Gates’ Trustworthy Computing memo on Jan. 15, 2002. I was also part of the growth and transformation that memo brought about over the years.

As Microsoft marks the tenth year anniversary of that memo, it seems a good time to share a former insider’s view of what it really meant and accomplished. As well, I’ll share thoughts on why, in the next 10 years, it’s critical that other technology companies follow Gates’ lead.

Memos from Gates were viewed as rare pronouncements from on high, and that was the case with this memo. In a single movement, Gates enshrined security, privacy and reliability as central, aspirational ideals.

http://betanews.com/2012/01/16/10-years-after-bill-gates-trustworthy-computing-memo-what-it-meant-for-microsoft-and-why-every-tech-company-needs-one/

{ 0 comments }

Advanced Bootkit attacks in 2011

January 4, 2012

ESET Threat Blog The year 2011 could be referred to as a year of growth in complex threats. Over the course of this year we witnessed an increase in the number of threats targeting the Microsoft Windows 64-bit platform, and bootkits in particular. Here is a self-explanatory diagram depicting the evolution of bootkit threats over [...]

Read the full article →

PC Magazine’s top five security predictions for 2012

December 29, 2011

First Android worm Your personal data will get stolen from a social network. Political Theater (using this theme for malware attacks) SMBs Are No Longer Immune Mac Malware Will Continue to Rise http://securitywatch.pcmag.com/none/291879-top-5-security-predictions-for-2012

Read the full article →

Fake “Important Account Information from Verizon” carries Zbot

December 8, 2011

Heads up from the Microsoft Malware Protection Center. Friendly spam carries Zbot This morning I spotted a few messages from my mobile carrier in my email inbox. This was not surprising as, only a few hours prior, I had logged into the carrier’s website to pay the monthly bill. The standard mode of operation for [...]

Read the full article →

U.S. Attorney Charges Seven Individuals in massive click-fraud scheme

November 10, 2011

FBI Press Release Manhattan U.S. Attorney Charges Seven Individuals for Engineering Sophisticated Internet Fraud Scheme That Infected Millions of Computers Worldwide and Manipulated Internet Advertising Business Malware Secretly Re-Routed More Than 4 Million Computers, Generating at Least $14 Million in Fraudulent Advertising Fees for the Defendants In conjunction with the arrests yesterday, authorities in the [...]

Read the full article →

AOL Administration Center & Uniform Traffic Ticket Spammed Scams

November 8, 2011

“AOL Administration Center” spam comes from a spoofed email address this is a classic example of Canadian Pharmacy spam. Full text of the bogus email, the # in the subject line changes. From: “AOL Administration Center (R)” To: Subject: AOL Administration Center Notification #73916 Hi, You have 1 notification (#73916) from AOL Administration Center Please [...]

Read the full article →

NHS staff breach the Data Protection Act

October 31, 2011

Healthcare Network Figures released to the privacy campaign group Big Brother Watch show that 806 separate incidents involving patient medical records being compromised took place at 152 NHS trusts between July 2008 and July 2011. The group, which obtained data from the majority of NHS organisations in the UK, found that breaches included 23 incidents [...]

Read the full article →

← Previous Entries