October 2013 - Posts
Symantec shares an overview of Ploutus ATM malware currently found in Mexico and may be spreading to other areas
QUOTE: A malicious software program found in ATMs in Mexico has been improved and translated into English, which suggests it may be used elsewhere, according to security vendor Symantec. Two versions of the malware, called Ploutus, have been discovered, both of which are engineered to empty a certain type of ATM, which Symantec has not identified. In contrast to most malware, Ploutus is installed the old-fashioned way: by inserting a CD boot disk into the innards of an ATM machine running Microsoft Windows. The installation method suggests that cybercriminals are targeting standalone ATMs where access is easier. On September 4, 2013, we were the first to discover and add detections for a new malware targeting ATMs named Backdoor.Ploutus, as reported by our Rapid Release Definitions. Recently, we identified a new variant of this threat and realized that it has been improved and translated into English, suggesting that the ATM software is now being used in other countries
From a business perspective, many changes noted in the insurance sector are occurring in other professions
QUOTE: As insurance shifts from being a risk product to a consumer product that is more usage-based, there will be dramatic changes in the way insurance is bought, sold and distributed. The shifts in business models will dramatically change the way insurance is bought, sold and distributed. The historical strength and pride of every insurer has been agency. The future consumer will want experience, ease and choice. The old model of distribution based on trust, relationships -- the agency -- will face extinction and will move to a more experienced, choice-based, real-time distribution model via Facebook, Amazon, eBay and many other channels. Insurance will no longer be an annuity product or even a term-based. It will be a choice and usage based.
Consumerization will force the death of fixed-cost in insurance companies. Just as their customers are demanding of them, insurance companies will demand variable cost and "pay as you go" models from their suppliers of technology. Large change programs will be replaced by small agile based many projects. Software licensing will be replaced by utility. The insurance industry will demand a new, fresh approach to talent building. It won't be too long until there will be a green field virtual insurance company which will completely disrupt the way insurance is bought and sold. Underwriting will be on the spot, policies will be simple, customer behavior will be analyzed to petabyte and claims will be handled in real-time with customer interaction at its finest.
Key mobile phone user concerns were recently assessed and they center around security
QUOTE: It's easy to see we're attached to our devices. Of those surveyed, 63 percent of users said they'd be upset if they left the house without their phones. Without phones, 29 percent of users would miss texting the most followed by calling with 26 percent and email with nine percent. Not to say this saturation is a bad thing, it's just the world we're living in now.
However, this new world has new rules for keeping vulnerable, personal information safe and not all users are following them. 18 percent of those surveyed store password information on their phones while 26 percent remain uninformed of the risks of clicking strange links and downloads. Nearly half of all users still don't bother using a passcode at all, one of the simplest security measures. Bad habits can be hard to notice and harder to break. But, if users are really worried about privacy and don't know what to do, being cautious and paying attention to their mobile activity is a good place to start.
Aside from the serious potential risks that come with stolen data, one out of three users under 30 said they'd just be embarrassed if their information was exposed. That's not surprising considering how much of ourselves we can now put on the internet, and how much of it is apparently ripe for the taking. "Smartphones have become our most personal computers and in many cases know more about us than our best friends," said diVittorio. Users are worried about losing personal info (42 percent), bank info (33 percent), contacts (29 percent) and texts (23 percent).
Bitdefender warns regarding a fake scam pretending to be associated with FB Social Empires game
QUOTE: Facebook games have amassed huge audiences with their broad, social appeal. However, among these expanding user bases are some more casual players who aren't necessarily the world's most tech-savvy people. Case in point, 135,000 players of the popular Facebook strategy game Social Empires have recently been scammed through a fake cheat according to Bitdefender's Hot for Security blog. Like many in Facebook games, the economy of Social Empires, from Spanish developer Social Point, works by making its over six million monthly users wait or pay real money for the resources needed to proceed. The purposefully frustrating yet addicting mechanic controls the pace of play keeping players locked into the system. Knowing this, the scam entices players by offering maxed out food, gold, wood, stone and cash reserves. All they have to do is Like and spread the page by sharing it on other Facebook walls. It sounds like a steal, but the real theft is happening to the user.
Sophos shares recent detailed study on SPAM
QUOTE: Prepare yourself for the results of the latest Spampionship. SophosLabs conducted a study calculating the "Dirty Dozen" spam sending countries. United States, Belarus, and India take the leading three spots on the "Dirty Dozen" list for countries that send the most amount of spam; consistent with what SophosLabs has seen this past year. Countries on this list aren't necessarily spammers, but they are spam senders. Spam senders and spammers are two different things. Spammers usually don't send their own spam in bulk because it makes them easy to identify. Out of the ten million unwanted emails they attempt to send, one million could get sent before either recipients or data centers start resisting. At this point, spammers are blocked from using the servers and sending the remaining emails.
Trend has published a creative theme that documents the dangers of malware
QUOTE: Happy Halloween! Ready for a really good scare? Check out our latest infographic titled “The Scariest Cyber Security Threats.” Our clever team of researchers have created this creepy artwork by comparing the traditional frightening Halloween characters with their associated cyber threats. For example, vampires compare quite well to online banking Trojans that “suck cash out of your accounts.” Zombies in the “reel world” of Hollywood Halloween movies were the role models for hackers who created their own zombies—“mindless creatures that are controlled by botmasters who make them do their [nefarious] bidding.” “Ghosts” represent targeted attacks that are designed to be neither seen nor heard. Our research indicates that for this type of attack, the average time from initial breach to detection has increased dramatically over the past couple of years.
EWeek shares the new automated Server based updating found in WordPress 3.7
QUOTE: A new version of the open-source WordPress content management and blogging platform, Version 3.7, has been officially released, providing users with improved stability and security. The impact of the new WordPress platform on the Web as a whole is nontrivial, as WordPress currently is the technology behind some 72 million Websites.
One of the biggest changes in the WordPress 3.7 release is the much anticipated introduction of background updates. Until the 3.7 release, WordPress users needed to manually click the update button inside WordPress or download a new release to update an installation for security fixes. It's a situation that could well have left countless millions of sites with older versions of WordPress, which could potentially be exploited by attackers.
However, the new background updater in Version 3.7 can now automatically update WordPress installations for maintenance and security. Introducing automatic updates for a server-side technology like WordPress, however, could be riskier as it could potentially also impact the myriad plug-ins or underlying technology that the site is running on
EWeek highlights 10 improvements found in Windows 8.1, including security
QUOTE: Windows 8.1 promises to strike a proper balance between Microsoft's vision for the future of its operating system and the average user's view on what features it needs to make the OS as effective for their needs as possible. While Windows 8.1 is an improvement over Windows 8, it's an admission that the software company might have misjudged what users would find acceptable in the latest edition of Windows. This is not unfamiliar territory for Microsoft. When the company launched Windows Vista, users were displeased with its redesign of the user interface. But Windows 7 fixed that, and Microsoft moved on. Now, after Microsoft's mistakes with Windows 8, company officials hope improvements in Windows 8.1 will put the OS in users' good graces. This slide show looks at the improvements in Windows 8.1 that Microsoft hopes will placate alienated users
It Includes Better Security Features. Overall, it's hard to not be happy with the improvements Microsoft made to Windows 8.1's security. The company has updated Windows Defender to provide improved antivirus and anti-spyware protection. It also has finally delivered device encryption across its entire software line, not just its mobile platforms. Windows 8.1 will even work with enhanced biometrics—a feature that enterprise buyers eagerly desire
MMPC highlights SIR v15 report and Windows XP vulnerabilities, noting latest Windows versions are safer and more reliable. The popular O/S is now 12 years old and is being retired for improved and more secure control systems for the PC, laptop, or device.
QUOTE: Earlier today we published a blog post that discussed a new metric for analyzing malware prevalence which was introduced in the latest report. This new metric, called the encounter rate, measures the percentage of computers protected with Microsoft real-time antimalware products that come into contact with malware. It is important to note encounters do not equate to infections. Although some computers do report active malware, the vast majority of these encounters represent blocked infections reported by our antimalware products. Another recent blog explained our metrics in more detail.
As shared in volume 15 of the SIR report, more recent operating systems (Windows 7/8) are better hardened for security and can mitigate or prevent most attacks circulating today, with complementary defenses in place (i.e., AV, Firewall, safe user practices, etc)
If you need a strong supporting argument and five good reasons to upgrade, look no further than the Microsoft Security Intelligence Report v15 released today. All you need to do is CTRL+F this doc and search for Windows XP to see what I'm talking about. Here, I'll help, as ripped directly from the SIR v15:
- 9.1 computers cleaned per 1000 scanned by the Malicious Software Removal Tool (MSRT) were Windows XP SP3 32-bit, more than any other system cleaned.
- Windows XP SP3 holds the top spot for infection rate (9.1 CCM) even though it actually has a lower encounter rate (percent of reporting computers) than Windows 7 SP1.
- The disparity between the two metrics above highlights the importance of moving away from older operating system versions to newer, more secure ones. Computers running Windows XP in the first half of 2013 encountered about 31 percent more malware worldwide than computers running Windows 8, but their infection rate was more than 5 times as high.
- #1 threat family affecting Windows XP SP3? INF/Autorun. Yes, that autorun, used by worms when spreading to local, network, or removable drives. Doesn't work on modern versions of Windows in their default configuration.
- Windows XP extended support ends April 8, 2014. That means no more patches, people.
XP has been a beloved operating system for millions and millions of people around the world, but after 12 years of service it simply can't mitigate the threats we're seeing modern-day attackers use.
Intego highlights new version of Ransomware browser locking "prank" that is circulating this month:
QUOTE: Last July, a ransomware prank was found making the rounds on Safari browsers, which tied up the browser window with excessive pop-ups purporting to be from the FBI, demanding users send $300 to have their browser unlocked. The ransomware wasn’t harmful to the user’s system, and it could be easily bypassed. Well, we’re seeing yet another round of this irritating prank, and this time it affects Chrome and Safari browsers. There’s a couple ways to kill this prank from each of the affected web browsers.
Intego highlights important update for Safari browser as follows:
QUOTE: Apple has released Safari 6.1 with patches for 21 vulnerabilities to improve its web browser security. The Safari update addresses a number of Webkit flaws that may lead to information disclosure and cross-site scripting attacks, as well as a Safari vulnerability related to arbitrary code execution.
Trend reports an increase in spreading of CryptoLocker malware, as follows:
QUOTE: Over the past few weeks, we’ve been seeing an increase in the number of spreading CryptoLocker malware. This new kind of ransomware has been hitting more users over the past few weeks. Previously, we discussed how these threats were arriving via email. CryptoLocker can be viewed as a refinement of a previously known type of threat called ransomware. Such “improvements” are in line with our 2013 Security Predictions, where we mentioned that the focus of cybercriminals would be the refinement of existing tools, rather than the creation of entirely new threats.
Recent surveys note that usage of these two specialized social networking sites is growing. Both are popular resources for younger users.
QUOTE: "We’re almost 10 years old so we’re definitely not a niche thing any more so that kind of angle for coolness is done for us," Facebook CEO Mark Zuckerberg said just last month at the Newseum in Washington, D.C. Facebook, in its July report to stockholders, noted that losing younger Facebook members to competing social networks is a known problem. Now there's even more statistics to support what you and Zuck already know in your heart: Twitter toppled Facebook as "most important" social site among teens, making the former long-standing champion No. 2. That's according to the semi-annual teen market report from investment management firm Piper Jaffray.
With 26 percent of the teens surveyed choosing Twitter, and 23 percent going with Facebook, the difference doesn't seem like a big one, until you notice how far Facebook's fallen since its all time high of 42 percent teen preference, way way back in 2012. (About 200 years in Internet time.) If this all seems freakishly familiar, it's because Pew Research offered up similar stats in its May report on teens and social media, noting a "waning enthusiasm" for Facebook among U.S. teens. Instagram — that's the third most important social media site for teens, according to Piper Jaffray. With 23 percent of teens surveyed choosing Instagram as No. 1, the photo-sharing social service is up from 17 percent in Spring, neck-and-neck with its new owner and growing fast
Kaspersky AV users should update the AV signature files if they encounter this false detection message:
QUOTE: One of our readers has alerted us to the fact that Kaspersky AV has identified tcpip.sys as malware on his Windows 7 32bit hosts - the file is flagged as "HEUR:Trojan.Win32.Generic". Microsoft's Windows File Protection feature prevented it from quarantining this critical file, but his end users were all treated to the error message. Kaspersky has verified that this is resolved in their latest update. If you're seeing this issue, get your AV to "phone home" for the fix!
Parents still need to take an active role to ensure responsible use of home Internet resources. As often shared, don't put anything on a social network you would not want on front page of newspaper.
QUOTE: Facebook has eased its privacy settings for 13 to 17-year-old users, enabling them to now share photos, updates and comments with the public. The change went into effect immediately after the announcement on Wednesday. “Teens are among the savviest people using social media, and whether it comes to civic engagement, activism, or their thoughts on a new movie, they want to be heard,” Facebook wrote in a blog post announcing the change. “While only a small fraction of teens using Facebook might choose to post publicly, this update now gives them the choice to share more broadly, just like on other social media services.” The privacy settings for teenagers were previously set to “Friends of Friends” as a default. Their default will now be set to just “Friends,” a narrower audience, but they will have the choice to make their posts public. However, a small warning will pop up when teenagers try to set their posts to public, giving them one last warning that anyone can see their online content once they make it accessible.
Often users will see special posts in their friends' messages that ask them to COPY & PASTE certain warnings. Almost all of these are hoaxes that are filled with some factual data so that folks will become concerned and take action. One new variant of a privacy hoax was circulating actively this month. Have just assisted some friends in dispelling this as a hoax. It is captured below
Critical updates for IE, Windows, Office, and other products are available. Corporate and home users should promptly install these updates. The Internet Explorer update is rated as "PATCH NOW" by ISC because it patches an exploit currently circulating on malicious sites
With the TWC initiative, Microsoft introduced an innovative process to continually improve security over time. It provides an important planning date each month for system administrators as well as all home & corporate users
QUOTE: This month also marks the 10-year anniversary of the Patch Tuesday program, which Microsoft started in October of 2003. Over the past decade, it has become a model implementation of a patch program in both outreach to vulnerability submitters and predictability for IT administrators, who have been dealing with the increasing number of patches for their computer infrastructures
NY Times shares article on new advanced Facebook timeline search capability
QUOTE: In a blog post on the company’s Web site Monday, Facebook said people could now search “status updates, photo captions, check-ins and comments” from both their own timelines and those of their friends. Facebook said people could search for specific things by, for example, typing in, “Posts about Dancing with the Stars by my friends,” which will bring up any posts by their friends on the service who have commented on or shared content about the show. You could also search for “Pictures of me and my dog” to help find photos in which you’re both tagged, or “My posts from last year.”