Support our Sponsors


uClip Clipping Path Service



Main Menu
Home
News
Blog
Links
Search
Resources
Windows Software
Mac Software
Hosted Solutions
Server Software
Mobile Solutions
Login



Syndicate
feed-image Feed Entries

BLOG
Amazon, Top Malware-Hosting ISP; Solutionary PDF Print E-mail
Written by Administrator   
Friday, 25 July 2014 07:00

Solutionary recently released its Q2-2014 Threat Intelligence Report through its SERT (Security Engineering Research Team) that located the ten most severe international ISPs (Internet Service Providers) as well as other hosting providers which harbored malicious software. Of the said ten, Amazon Web Services ranked No.1 as a worldwide ISP that hosted malware among the over 21,000 ISPs examined.

Possibly even unfortunate is that Amazon harbored malware amounting 16% during the entire 2013 that increased to a massive volume of 41% by the time it was July 2014 -almost becoming threefold within six months.

Evidently, it isn't that cyber-crooks have abused Amazon in an unprecedented instance to host big malware volumes. For, according to Solutionary, the situation was same as described within its SERT report of Q4-2013, while security experts from Kaspersky, during 2011, found Amazon Web Services supporting the infamous SpyEye Trojan.

The above can be partly attributed to the scale and widespread utilization of Amazon with respect to its cloud facility as well as the low prices it carries. Thus, any attempting Web hacker could purchase server screenshots available underground followed with loading them onto Amazon for constructing network of online sites spreading malware.

Meanwhile, service provider GoDaddy was behind just 2% of malicious programs, an improvement from the high 14% of malware it was behind during Q4-2013.

Solutionary says the situation with GoDaddy is either because it made improved efforts in spotting as also disabling malevolent websites else the assaulters shifted focus onto different ISPs. To cite examples, Website Welcome and Akrino both service providers that previously were behind below 1% of malicious programs currently occupy positions among the ten most prevalent malware-harboring ISPs.

According to Solutionary, the ten most severe ISPs harbor 52% of the malicious programs spotted during Q2-2014.

Moreover, the company's gathered data from honeynets and honeypots indicate that USA hosted 56% of the identified malicious programs, indicating a 12% hike from Q4-2013.

This increase, according to Director of Research Rob Kraus from Solutionary's SERT, is probably because malicious actors used Dropbox and Amazon's cloud structure in an increased manner. Networkworld.com published this dated July 15, 2014.

Read more... - Amazon, Top Malware-...
 
Experts Warned Users of LinkedIn of a New Phishing Email Campaign PDF Print E-mail
Written by Administrator   
Friday, 25 July 2014 07:00

Softpedia.com reported on 14th July, 2014 quoting a warning by experts as "A new phishing email campaign tries to steal credentials of users of LinkedIn."

The credentials of these accounts are more valuable than Facebook users because LinkedIn is a very popular social network for professionals.

The latest phishing campaign sends an email to victim saying that the account has been blocked due to non-usage for a long time.

The victim is asked to click on a link and verify the email address with username and password to activate the LinkedIn service.

The crooks ask for the primary address to ensure for the right information as sometimes multiple ones are available for the LinkedIn account.

However, security experts analyzed the phishing email and comment that LinkedIn never send such emails asking its users to click a link in the message to confirm his/her email address and it's totally fake.

Actually, the email is a phishing scam to trick you to disclose your LinkedIn login details to cybercriminals. If you click on the link, you will be taken to a fake website which resembles a genuine LinkedIn login page and once you 'logged in' to the fake site, you may be automatically redirected to the genuine LinkedIn website.

In the meantime, crooks can collect login credentials of your LinkedIn account to access it and use the service to launch scam campaigns and ongoing spam in your name.

Request for updating the account details is a favorite trick and one should be wary of any such requests through email. If you receive such message, never click on any links or open any attachments which come with such emails.

LinkedIn disassociated itself from the above phishing campaign and gives lot of tips to identify phishing emails. One of the tips is to look at the link and check if it takes you to a valid LinkedIn domain.

LinkedIn also suggests that logging into its service is done in secure manner and if you find HTTPS connection is missing then you can be sure that it is a scam email.

Read more... - Experts Warned Users...
 
Fresh Data-Stealing Trojan, Kronos Identified PDF Print E-mail
Written by Administrator   
Thursday, 24 July 2014 07:00

As per Trusteer, one fresh PC-Trojan, going by the name Kronos, created for seizing login credentials as well as more financial details entered onto Internet banking websites, has become widely known through increased canvassing on secret crime forums.

Senior Fraud Prevention Strategist Etay Maor of Trusteer states that one recent advertisement observed on one Russian cyber-criminals website promotes Kronos. The malware is capable of capturing credentials during Web-browsing activities within Google's Chrome, Mozilla's Firefox and Microsoft's Internet Explorer. For the purpose, it utilizes HTML injection and form-grabbing methodologies, Maor explains. Pcworld.com published this, July 14, 2014.

Kronos, as per the advertisement, matches well with HTML injection scripts developed for the notorious Internet-banking Trojan ZeuS, now not being developed any more. The design choice has been made for letting cyber-criminals who continue to employ Zeus within their activities towards shifting onto Kronos without difficulty.

Alongside the info-stealing abilities, Kronos features one user-mode rootkit that suitably attacks 64-bit and 32-bit Windows computers, while safeguards the Trojan's processes from any other rival malware on the systems.

According to Kronos' creators via certain post on the underground forum, the Trojan carries a license so long as it'll exist for which it's priced $7,000 payable through Perfect Money, Bitcoin, the BTC-E exchange for Bitcoin/Litecoin, or WMZ. It also has bug fixes and updates for free, however, clients will require obtaining freshly-developed modules through separate payments, they explain.

To conduct a promotional campaign for the Trojan, Kronos' sellers further offered buyers 7 days' testing time for $1,000 during when they would get complete access to Kronos' regulatory panel.

Highlighting the most worrying facet about the Trojan, Senior Security Strategist George Tubin of Trusteer pointed to the Kronos tactics of eluding security measures, particularly anti-virus software. SCMagazine.com published this, July 14, 2014.

Moreover, it's anticipated that Kronos will employ one injection method undetectable by anti-virus, along with encrypted command-and-control interactions whose malicious traffic will remain invisible to researchers.

Now, one must wait and see whether this new malware turns out real and if there'll be a widespread adoption of it by cyber-criminals, in the phase of it presently being highly costly malicious software.

Read more... - Fresh Data-Stealing ...
 
Tourism Site of Myrtle Beach Hit by Malware Attack PDF Print E-mail
Written by Administrator   
Thursday, 24 July 2014 07:00

Southcarolinaradionetwork.com reported on 10th July, 2014 quoting a new report as "Myrtle Beach was one of the many North American cities whose tourism websites were attacked by a malware virus during 4th July (2014) holiday weekend."

Proofpoint Inc. provides data security to companies and they said that when travelers visit one of the infected websites, a web exploit kit is run which downloads additional malware into their machine.

However, it's a matter of serious concern that the exploit being used can't be detected easily with conventional antivirus solutions. Proofpoint tested the piece of malware and discovered that it could bypass all 51 antivirus products on Virus Total except four which makes it a dangerous exploit for consumers.

Southcarolinaradionetwork.com published a statement on 10th July, 2014 according to which Brad Dean, President of Chamber of Commerce of Myrtle Beach said that Simpleview which manages VisitMyrtlebeach.com promptly fixed the problem.

Dean added "presently we are not aware of any reports of affected visitors by this situation. However, we will continue to monitor carefully, address and ensure the safety of our website visitors of any cyber-related threats."

Proofpoint said that besides Myrtle Beach other destinations like Boston, Houston, Salt Lake City, Monterey, Victoria, Rochester and Utah Valley were also affected by the malware virus.

Marketwatch published news during first week of July 2014 quoting a response to the discovery by Mike Horn, Vice President , Threat response products of Proofpoint as "This is a good example of how badly protected websites facilitate the distribution of malwares. Users might be directed to these sites by a search engine without having any idea that they can be infected by just visiting these sites. We are also seeing many phishing campaigns which direct people to the legitimate travel sites which are infected with malware by hackers."

Myrtlebeachonline.com published news on 9th July, 2014 quoting Horn as saying "we suspect that websites have been compromised for sometime but attackers were carefully attacking for utmost effect."

Moreover, it is not just tourism websites that are maligned with malware as security firm Websense too observed in the fourth week of June 2014 that a popular men's portal AskMen.com was also tarnished with malware.

Read more... - Tourism Site of Myrt...
 
Cyber-criminals Intercept Keystrokes on PCs Inside Hotel Business Hubs PDF Print E-mail
Written by Administrator   
Wednesday, 23 July 2014 07:00

The United States Secret Service is cautioning hotel operators against malware, which seizes customers' sensitive information by logging keystrokes, after infecting PCs installed at their business hubs, published consumerist.com dated July 14, 2014.

In a report by Brian Krebs, cyber security specialist, it's understadable that the Secret Service along with NCCIC (National CyberSecurity and Communications Integration Center) of the Department of Homeland Security issued a security advisory for industries only, explaining how officials from Texas lately detained suspects who had been tampering with PCs located at business centers within Dallas/Fort Worth.

Apparently, the malware wasn't brought along on a compact disk alternatively USB stick, rather the suspects placed it within the cloud, while just took the same down on the hotels' PCs.

The advisory said that the suspects managed in acquiring huge volumes of data comprising hotel guests' Internet banking credentials, PII (Personally Identifiable Information), personal web-mail as well as retirement accounts. In addition, they filched more sensitive data available on the business hubs' PCs, it stated. Consumerist.com published this dated July 14, 2014.

Reportedly, each and every stroke that guests made on keyboards of the hijacked computers would become readable for the crooks through their e-mail ids. There's little information as to how many hotel visitors actually got impacted due to the criminals' sinister operations.

However, Krebs says many security suggestions are provided to enhance public PCs' safety that such businesses offer.

A particular recommendation is to minimize guests' account privileges in order that they won't be able to remove or add fresh software to any computer they use. While this isn't a complete remedy, still less tech-savvy cyber-crooks may be discouraged from doing the kind of activities they're involved in.

The advisory further cautioned that the cyber-criminals neither deployed sophisticated assaults nor needed highly technical expertise, while also didn't involve in abusing any software, operating system or Web-browser.

Krebs notes that gaining physical access of any computer most simplifies the method for hijacking it, considering there are so many tools with which such a system can be navigated onto another operating system that enables altering the intended system's data.

Read more... - Cyber-criminals Inte...
 
<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>

Page 1 of 1165
Polls
The Spamproblem is
 
Who's online
We have 20 guests online
News Flash
How do you fight spam?

Spam is a growing pain. How are you combating spam?

Submit your favorite spam fighting links to us