New Windows worm builds massive botnet
The worm exploiting a critical Windows bug that Microsoft patched with an emergency fix in late October is now being used to build a new botnet, a security researcher said today.
London hospitals almost back online after worm infection
Three London hospitals whose computer systems were infected with a relatively old worm are now almost back online.
About 5,000 PCs at St. Bartholomew's, the Royal London Hospital and The London Chest Hospital were hit in mid-November by an infection of Mytob, a worm that e-mails itself to other PCs and can be used to put other malicious software on a machine.
About 97% of those PCs are now clear of Mytob, according to a statement issued Friday. The remaining PCs, which are located in nonclinical areas, should soon come back online.
As a precaution, all of the PCs were shut down after the infection was discovered. The infection affected computers used to admit patients, and the hospitals diverted emergency patients to other facilities for a short time.
Antivirus no defense against botnets, says vendor
Think digital, not analog, when it comes to risk
The amount of money and labor that financial institutions have spent on securing their perimeter makes them a less fruitful target for cybercriminals. But it's the small to midsize businesses that are the seldom-discussed goldmine now, said an executive at Symantec Corp.
From a hacker's point of view, larger organizations in the financial services sector may offer the biggest bang for their efforts considering the amount of sensitive data they transact, but SMBs lack the resources to protect their perimeters, said Symantec's Dean Turner, director for global intelligence network.
"Your small-medium business owner is the accountant, he's the CEO, he's the IT guy, the sales guy, the chief cook and bottle washer," said Turner. "And that's a lot on one person's plate."
Turner was referring to a recent report by Symantec titled "Report on the Underground Economy" that discusses a thriving ecosystem of cybercriminals advertising and selling stolen data like credit card information and financial accounts to meet demand.
...
Estonian ISP cuts off control servers for Srizbi botnet
Srizbi is considered one of the more powerful botnets, with at least 450,000 PCs infected. It is estimated that half of the world's spam originated from computers infected with Srizbi. Spam remains a profitable business for cybercriminals.
But spammers lost control of Srizbi when the ISP that previously hosted its command-and-control servers was cut off from the Internet. McColo Corp., whose servers are based in San Jose, was cut off by its upstream providers earlier this month after being exposed by computer security experts and The Washington Post.
That left spammers unable to control Srizbi-infected computers. But Srizbi's code contained a fallback mechanism in which spammers could reconnect with the stranded machines if such a scenario occurred.
...
Investigation compiles grim catalog of NHS data breaches
The U.K.'s National Health Service (NHS) has lost confidential medical records and personal details of thousands of patients, according to an investigation into how the health service handles data.
Research showed that a series of losses and thefts had potentially exposed the private details of 10,000 patients around the country. The figures, obtained through a Freedom of Information request made by the Liberal Democrats, revealed incidents of data loss dating back as far as 2006.
In some cases, the patient record loss was so serious that 25 patients were visited by the police and NHS management.
Malware is Getting Smarter, CA Warns PC World - 1 hour, 38 minutes ago
Online attacks will be dominated by smarter malware and bots targeting Web users ranging from gamers and social network users to the elderly and unsuspecting parents.
How Spyware Nearly Sent a Teacher to Prison PC World - 1 hour, 56 minutes ago
If there's a poster child for the dangers of spyware, it's Julie Amero.
ERIC SAYS: She still lost her teaching credential and her job.
Europe to get cybercrime alert system CNET - Mon Dec 1, 10:02 AM ET
Europe is getting a cybercrime alert system as part of a European Union drive to fight online criminals.
Mobile Handsets Becoming A 'Smoking Gun' Dec 01,2008
Rise in mobile devices in the enterprise adds new challenges to incident response
Facebook Wins $873 Million Lawsuit Against Spammer Nov 25,2008
Spammer remains on the lam, but courts hope big award will scare others
Input filtering and escaping in SQL injection mitigation
While teaching the defensive web app security classes with SANS, I often hear "I have been filtering/escaping quote character for years to prevent SQL injection, it had worked flawlessly." That's one of the common statements I get when I sell the idea of parameterized queries. We know by now that filtering single quote does not prevent all SQL injection, but how big is the risk?
I have been doing some SQL injection research with the fine folks from Security Compass on MS SQL server. Depending on your setup, you might be more vulnerable than you think. What characters do people normally filter or escape for preventing SQL injection? Maybe quote and semi-colon? Bad news, depending on your setup, you may be very vulnerable even after filtering those characters.
...
Register: Sony rootkit functionality found in security product
November 30, 2008 — CSO — According to The Register, a Chinese development company behind the infamous Sony USB rootkit software has embedded similar functionality in the network security product HKTL-BRUDEVIC.
Does the Drew verdict make ToS breakers potential felons?
Legal observers worry that the verdict in a high-profile cyberbullying case will make crimes of ToS violations.
Apple: Mac Users Should Get Antivirus Software
In a notable shift, Apple is now recommending that Mac users install anti-virus software to help users secure their systems.
In a technical note quietly published to its support site on Nov. 21, Apple issued the following advice:
"Apple encourages the widespread use of multiple anti-virus utilities so that virus programmers have more than one application to circumvent, thus making the whole virus writing process more difficult."
BotHunter aims to find bots for free News Brief, 2008-11-25
A technology firm publicly releases its tool for hunting down compromised machines within computer networks.