Honeynets and other “deception technologies” are among the approaches discussed in the following document, written by the National Security Agency’s Information Assurance Directorate. A source of mine passed it along a while back, but I only rediscovered it recently. I was surprised to find that it had never been published, so I have uploaded the document here.
A number of readers recently have written in to say their banks recently have urged customers to install a security program called Rapport as a way to protect their online bank accounts from fraud. The readers who pinged me all said they didn’t know much about this product, and did I recommend installing it? Since it has been almost two years since I last reviewed the software, I thought it might be useful to touch base with its creators to see how this program has kept pace with the latest threats.
The “Storm Worm,” a prolific strain of malicious software once responsible for blasting out 20 percent of spam sent worldwide before it died an ignominious death roughly 18 months ago, was resurrected this week. Researchers familiar with former strains of the worm say telltale fingerprints in the new version strongly suggest that it was either rebuilt by its original creators or was sold to another criminal malware gang.
Purveyors of fake anti-virus or “scareware” programs have aggressively stepped up their game to evade detection by legitimate anti-virus programs, according to new data from Google.
Much digital ink has been spilled in this blog detailing the activities of so-called “money mules,” willing or unwitting individuals here in the United States who are lured into laundering money for international organized cyber crime gangs. The subject almost always generates fierce debate among readers about whether these mules should be prosecuted, and the debate usually hinges on whether the mules knew that they were contributing to a crime.
Aaron Jacobson of Authentify put together this map of all 43 of the U.S. commercial e-banking victims I’ve mentioned in stories at Krebsonsecurity.com and at the Washington Post’s Security Fix blog. Clicking on this Google Maps link brings up an… Read More »
Malicious hackers spend quite a bit of energy and time gaming the Internet search engines in a bid to have their malware-laden sites turn up on the first page of search results for hot, trending news topics. Increasingly, though, computer criminals are taking steps to keep search bots at bay, particularly with legitimate Web sites that have been hacked and booby-trapped with hostile code.
Purveyors of rogue anti-virus, a.k.a. “scareware,” often seize upon hot trending topics in their daily efforts to beef up the search engine rankings of their booby-trapped landing pages. So it’s perhaps no surprise that these scammers are capitalizing on search terms surrounding McAfee, which just yesterday shipped a faulty anti-virus update that caused serious problems for a large number of customers.
A fire alarm company in Arkansas lost more than $110,000 this month when malicious hackers stole the firm’s online banking credentials and drained its bank account.
McAfee’s anti-virus software is erroneously detecting legitimate Windows system files as malicious, causing reboot loops and serious stability problems for many Windows XP users, according to multiple reports.