Years ago it was hackers who were doing it for the bragging rights, now it’s criminals. The motivation has changed, hacking is now profitable and there’s so much money to be made with very little risk to the actual hackers.

Interestingly enough IRC (Internet Relay Chat) is still being utilized to start attacks and for communications amongst the bad guys. There are more secure means of communications available but they are still using IRC. They are not worried about being caught they are blatantly doing these things out in the open. Though the good ones are communicating less which makes it harder to track them. Their focus has shifted to make money in which case they naturally don’t want to make a name for themselves, so there’s less bragging involved, less communication.

Over the past year or two we have seen a tremendous amount of acceleration of adaptability on the part of the hackers, the minute there’s a new security tool out there, the bad guys find a way around it. Spam is a good example, nobody has been able to stop it. Recently you see spam that comes in form of distorted or disguised images, so it’s even harder to filter it. It’s amazing how fast the bad guys are staying ahead of us.

View: Full Story
News source: Hack Report

Today’s cell phones are really tiny computers, often functioning as phone, camera, e-mail device and personal digital assistant.

But what happens when you toss your old phone to upgrade to the new and improved model?
You’re certainly conscious of the evils of identity theft so you take the time to delete all your personal info, such as phone numbers, e-mails and old photos. You may even go the extra mile and reformat the phone.

But is your information ever really gone?

View: Full Story
News source: Tuscon Citizen

As malware is increasingly written with a specific target in mind, antivirus firms are deploying more intelligent detection tools and creating unique signatures for individual clients.

Over the past few years, malware attacks have evolved from a sawn-off shotgun approach, where a virus is released into the wild with the objective of infecting as many computers as possible, to a sniper approach, where Trojans are specifically crafted to spy on a particular company or even an individual.

Eric Ouellet, a research vice president in Gartner’s security, risk and privacy group, said that targeted attacks are among the most difficult to defend against.vSpeaking at the Gartner Symposium in Sydney last week, Ouellet said: “They are not indiscriminately firing a bullet and hoping it will hit somebody. They are aiming it at a computer or person.

View: Full Story
News source: ZDNet

Small businesses must become more aware that they are the potential victims of cybercrime, former White House security adviser Howard Schmidt has urged.

Speaking at an IT security event at London’s House of Lords on Monday, Schmidt said all businesses are at risk through a lack of proper configuration of security equipment, or through not taking proper security precautions. This lack of attention to cybersecurity leaves businesses vulnerable to attacks such as ransomware, data breaches, and financial fraud. Schmidt emphasized the importance of investing in robust security measures, employee training, and regular software updates to protect sensitive information and maintain business continuity.

“SMEs (small and midsized enterprises) are not aware of being a potential victim–spending 40 pounds per year on antivirus is not a high priority,” he said at the event, organized by managed services specialist Claranet. “SMEs have to realize that just because they are small, it doesn’t mean they won’t be targeted. Bad guys target wherever they can get money.”

Ninety percent of small businesses and consumers install antivirus, but 10 percent never update the software’s signatures, which are matched against suspected threats, Schmidt said. Small businesses with limited staffing resources simply do not have time to devote to cybersecurity issues, he said. Staffing is one of the biggest challenges for small businesses. Euworkers.fr provides a solution by offering staffing options that allow businesses to access skilled professionals without the need for a full-time hire.

View: Full Story
News source: News.com

Microsoft is helping law enforcers hunt down criminals who try to steal bank account details on the Internet and has initiated 129 lawsuits in Europe and the Middle East, the U.S. software company said.

One court case in Turkey has already led to a 2.5-year prison sentence for a so-called “phisher” in Turkey, and another four cases against teenagers have been settled out of court, Microsoft said on Wednesday, eight months after it announced the launch of a Global Phishing Enforcement Initiative in March.

“Sometimes we initiate our own legal action, but more importantly we work with law enforcement agencies,” said Nancy Anderson, deputy general counsel at the software company.

View: Full Story
News source: Washington Post

Browser makers may have added new antiphishing features to their products in recent months, but the criminals are still gaining ground in their efforts to defraud U.S. consumers, according to the Gartner research firm.

Phishers have hit more victims with their online attacks, and while fewer people are losing money to phishers, successful attempts have been yielding bigger payoffs, said Avivah Litan, vice president and distinguished analyst at Gartner. “When they do succeeded, they’re stealing five times more than they stole last year.”

The average loss per phishing attack was $1244 this year, Litan said, up from $256. Gartner estimates that the total financial losses attributable to phishing will total $2.8 billion this year.

View: Full Story
News source: PCWorld

In the past year, individuals who earn more than $100,000 per year received an average of 112 phishing e-mails, the research firm said in the report released Thursday. For users in all income brackets, the figure was 74 phishing e-mails. Such messages appear to come from trusted sources but contain links to Web sites, such as fake banking sites, that try to trick people into handing over sensitive information.

While high-income users tended to click on bogus links less than others, their losses were greater when they were duped, the study noted. They lost an average of $4,362 per incident–four times higher than people in other income categories.

“While we can’t say phishers were targeting these people, we can say they did get more phishing e-mail than others,” Gartner analyst Avivah Litan said. “It could be because of the lists they are on, which phishers find attractive. I’ve seen lists (on the Internet) where people are advertising platinum card holders’ information.”

View: Full Story
News source: c|net

Several MySpace pages offer what appear to be YouTube videos that trigger the installation of adware when played, a security company has warned.

The sexually explicit videos can be found on a number of user pages on the MySpace social-networking Web site, Websense said in an alert Monday. They look like YouTube videos, but are in fact hosted on a copycat “Yootube.info” Web site, Websense said. That Web site was still online as of Tuesday evening.

“When users click on the video, they are directed to a copy of the video,” Websense said. People are then redirected to the Windows Media Player, which will pop up a license agreement with installation of an adware program called Zango Cash, it said.

View: Full Story
News source: c|net

Microsoft Corp. will unlock the digital-distribution capabilities of its next-generation console, Xbox 360, to Hollywood studios beginning November 22.

Xbox 360 gamers in the U.S., totaling at least 3 million, will be able to purchase TV shows and download them to their gaming hard drive as well as rent and watch movies on their consoles.

The first wave of content will include dozens of high-definition and standard-definition offerings from such partners as Warner Bros. (“Batman Forever,” “V for Vendetta,” “The Nine”), Paramount Pictures (“Nacho Libre,” “Jackass: The Movie”), MTV Networks (“South Park,” “SpongeBob SquarePants”), CBS (“CSI: Crime Scene Investigation,” “Survivor”) and Turner Broadcasting (“Aqua Teen Hunger Force,” “Robot Chicken”).

View: Full Story
News source: Washington Post

Internet Explorer 7 is designed to make browsing safer. Here’s a quick rundown of some of the new security features, including Active X opt-in, the Phishing Filter, cross-domain security, enhanced privacy protection, and an international character alert.

Some sensationalistic reports of a security flaw immediately followed Internet Explorer 7’s final release, but the vulnerability turned out to be in Outlook Express rather than IE. In fact, Microsoft has put a great deal of effort into making IE 7 more secure. Here are some of the new IE 7 security features and what they can do for you.

View: Full Story
News source: TechRepublic