Week in review: pcAnywhere code leaked, Trustwave revokes “MitM” certificate, and top reasons for IT layoffs in 2011
Here’s an overview of some of last week’s most interesting news, articles and interviews:
Compromised DreamHost-hosted websites lead to scams
Hundreds of websites hosted by DreamHost have been compromised and are used to redirect users to a Russian scam page.
Smaller DDoS attacks can be deadlier than big ones
Contrary to conventional thinking that large bandwidth cyber attacks wreak the most damage on enterprises, security experts at Radware instead found that bigger problems usually come in small packages.
The state of cyberwar in the U.S.
As a country that is used to being dominant in the more traditional sense, the U.S. has been working to come to grips with a new sense of supremacy as a result of cyber threats.
Quick response, quick risk?
You don’t have to look far these days to spot a QR code. They are a marketeer’s dream, but also useful to hackers as a social engineering tool.
Update on the Kelihos botnet
Reports that the Kelihos botnet is back online and that its original operators are again trying to take over its reigns have been premature, says Microsoft.
Trojan rounds up and steals Word and Excel docs
Beware of bogus FedEx emails asking you to review a shipment notification – the attached Fedex_Invoice.exe is actually a downloader Trojan that opens you computer to other pieces of malware.
Wireless security and the enterprise
Jesse Frankel is the head of the AirMagnet Intrusion Research Team. He has been working in various areas of wireless LAN technology and applications for more than 15 years. Currently he manages the AirMagnet Enterprise WLAN IDS/IPS and performance measurement platform and drives technology directions for the Wi-Fi security space. In this interview he discusses wireless LAN security policies for mobile users in the enterprise, challenges faced by mobile warriors, and more.
U.S. developing plan to regulate critical infrastructure company cyber defense
A Senate plan to boost the US government’s ability to regulate the security of companies responsible for critical industries is causing debate as to exactly how far its reach should be.
pcAnywhere code allegedly leaked after failed extortion attempt
Late Monday evening a 1.2GB file named “Symantec’s pcAnywhere Leaked Source Code” was posted on The Pirate Bay. Symantec has confirmed that the leaked source code is legitimate.
Public beta of Flash Player sandbox for Firefox is out
“The design of this sandbox is similar to what Adobe delivered with Adobe Reader X Protected Mode and follows the same Practical Windows Sandboxing approach,” shared Peleus Uhley, Adobe’ platform security strategist.
How online communication connects generations
AARP and Microsoft released “Connecting Generations,” a research report that examines how people of all ages are using online communication and social networking to enhance their family relationships.
More bogus ad-serving Android apps evade Google’s Bouncer
Users searching for games on the official Android Market have lately been heavily targeted by ad-pushing scammers. First it was the fake Temple Run app, and now a string of bogus copies of popular iPhone games supposedly developed by Rovio Mobile Ltd, the developers of the famous Angry Birds game.
Trustwave revokes “MitM” certificate, vows never to issue one again
Certificate authority Trustwave has revoked a subordinate root certificate it issued to a company that allowed it to intercept their employees’ private email communication.
Satellite telephony encryption cracked
Researchers at the Horst G?¶rtz Institute for IT-Security (HGI) at the Ruhr University Bochum (RUB) have cracked the encryption algorithms of the European Telecommunications Standards Institute (ETSI), which is used globally for satellite telephones, and revealed significant weaknesses.
Chrome to stop using online checks to spot revoked certificates
So far, Crome – as, indeed, all other major browsers – sends OCSP and CRL queries to the services run by the Certificate Authorities in order to verify whether that particular certificate has been revoked. But, as Langley points out, the process is deeply flawed and Google has finally decided to do something about it.
Top reasons for IT layoffs in 2011
Inappropriate use of work time and Internet connection turned out to be one of the most compelling reasons for dismissal (26%).
Cybercriminals tailoring tactics for maximum appeal
Last month saw malware attacks targeting a wide range of potential victims, including gamers looking for a Pro Evolution Soccer 2012 game crack, small business owners concerned about the reputation of their business, and government organizations receiving spoofed messages from US-CERT.
The evolution of targeted attacks and exploit kits
There’s been a significant growth in cybercrime, via sophisticated targeted attacks and social media scams, as well as a rise in malicious email attachments, despite a four-year low in spam volumes last year, according to M86 Security.
Romney defeats Gingrich in US spam primaries
Mitt Romney, the former Massachusetts governor who’s leading polls in the race to become the Republican Party’s nominee for the US presidency, is also the favorite politician of spammers touting knockoff drugs and dubious bargains in junk e-mail.
Active mobile botnet enslaves thousands of Android devices
A trojanized Android application for configuring phone settings has been enslaving the devices of the customers of China’s two largest mobile carriers into a botnet numbering hundreds of thousands of compromised devices, say Symantec researchers.