SAN JOSE, Calif. – Jan. 20, 2011 – In a major online crime turning point, scammers are shifting their focus away from Windows-based PCs to other operating systems and platforms, including smart phones, tablet computers, and other mobile platforms, according to the Cisco 2010 Annual Security Report. The report finds that 2010 was the first year in the history of the Internet that spam volume decreased, that criminals are investing heavily in “money muling,” and that people continue to fall prey to trust exploitation.
In an unrelated story, Cisco has also announced that it has invested in Tilera, a developer of multicore processors for cloud computing and communications. Tilera is operating “near break-even” and expects to reach profitability later this year. The $45 million round of investments will accelerate development of its 4th-generation processor line, expand sales and marketing, and develop new products.
Symantec is reporting that “Spear Phishing” attacks have climbed dramatically over the last 4-5 years. The number of targeted phishing attacks against individuals has risen from one or two a week in 2005 to more than 70 a day. Symantec is muddying the waters a bit, explaining targeted attacks, Advanced Persistent Threats, and Spear Phishing attacks as one and the same. They are not necessarily so.
Sophos sent out these little nuggets this week. Looks like Apple and Facebook are getting some serious recognition, as a brand and as an attack vector…
iPad and iPhone 4 tester scams hit Facebook
It sounds too good to be true – Can you really get a free iPad 3G or iPhone 4 by signing up just to be a tester? It’s just the latest scam spreading rapidly between compromised Facebook accounts in the last few days. Discover more, and ensure that you and your employees are practising safe computing.
Malicious spammers launch major fake anti-virus attack
SophosLabs’s worldwide network of email-monitoring stations has seen a tidal wave of malicious messages being spammed out with an attachment that redirects users’ web browsers to a fake anti-virus attack. Once installed, Fake-A/V is responsible for a wide array of additional malware infections, from spyware and keyloggers to full remote control and Denial of Service attack software installation. The emails have subject names such as:
Parking Permit and/or Benefit Card Order Receipt - <random number>
You're invited to view my photos!
Your Bell e-bill is ready
Your Vistaprint Order Is Confirmed
Vistaprint Canadian Tax Invoice (<random number>)
Did Gmail make you look like a spammer last week?
How mortified would you feel if you found that you had been spamming someone through no fault of your own? Well, up to 4 million Gmail users found out last week. Find out how a problem with the Gmail service meant up to four million users couldn’t stop the system sending out multiple messages.
I came across a fabulous article on “Dark Reading” yesterday. I share it here as it has useful recommendations for handling the challenges that small to medium sized businesses are facing, or will be facing very soon regarding online presence and security.
It speaks about how an innocuous email led to the compromise of an employee’s PC, and then the aftermath of what came to follow. If you own a small business and engage in any type of e-commerce, or allow yourself or your employees to have access to email and/or the Internet, then pay attention. This one’s for you.
Facebook has had its share of problems again lately. Last week it was a fast-moving worm, this week it’s a bug that allows someone to delete all of a user’s friends without permission. The flaw was reported Wednesday, but could still be exploited over 48 hours later. Proof-of-concept code is now publicly available. “A malicious hacker could combine an exploit for this bug with spam or even a self-copying worm code to wreak havoc on the social network,” IDG says.
The cross-site request forgery (CSRF) bug that makes this possible is the same one reported earlier that exposed user birthdays and other sensitive data even when they were designated private. Facebook representatives said engineers had closed the hole, but that turned out to be premature. The flaw could still be exploited to control the site’s “like” feature, a button users click to endorse ads and other types of content.
Dancho Danchev has an article up detailing a handful of new campaigns to spread the nasty Zeus Trojan via email using “Adobe Security Update” as a theme, a fake Amazon orders scam, an adult-content-themed “Watch Video” campaign, and an overview of the “sexiest video ever” rogue application campaign, spreading across Facebook. These clowns REALLY want to hook into your bank account and celebrate the coming of summer on your nickel. Be aware, and don’t let them at a penny!
A new round of e-mails aimed at launching the Koobface worm onto the PCs of unsuspecting users has been discovered by researchers for the security vendor ESET, according to the company’s blog. This latest Koobface campaign is sending Facebook users messages with a link that claims to direct them to videos of sexual encounters, then tells the user to download a video codec to view the X-rated content. Instead of delivering the goods, the link launches the Koobface malware, infecting its intended victim. Once the victim is infected, the worm then sends the malicious message to all of their contacts.
The dangerous download occurs only the first time someone clicks on the link. After that, it brings up a “Page not found” error to make detection and sample capture difficult. To protect yourself from Koobface, ESET offers the usual advice. Don’t trust this new message or any like it sent to you via social networks like Facebook. And of course, make sure your antivirus software is always up-to-date.
My wife has me testing out a new FREE product on Facebook and my blog called Defensio, which was acquired by WebSense 2 years ago. It’s a spam blocker, malicious content detection/filtering, content and profanity filter, and even offers code injection protection. I’m trying to figure out how to get it to work with this blog. We’ll see if I have any luck.