Category Archives: Latest Warnings

EU to Banks: Assume All PCs Are Infected

July 12, 2012

An agency of the European Union created to improve network and data security is offering some blunt, timely and refreshing advice for financial institutions as they try to secure the online banking channel: “Assume all PCs are infected.”

The unusually frank perspective comes from the European Network and Information Security Agency, in response to a recent “High Roller” report (PDF) by McAfee and Guardian Analytics on sophisticated, automated malicious software strains that are increasingly targeting high-balance bank accounts. The report detailed how thieves using custom versions of the ZeuS and SpyEye Trojans have built automated, cloud-based systems capable of defeating multiple layers of security, including hardware tokens, one-time transaction codes, even smartcard readers. These malware variants can be set up to automatically initiate transfers to vetted money mule or prepaid accounts, just as soon as the victim logs in to his account.

Microsoft Patches Zero-Day Bug & 15 Other Flaws

July 10, 2012

19 Comments

Microsoft today issued a security patch to fix a zero-day vulnerability in Windows that hackers have been exploiting to break into vulnerable systems. The company also addressed at least 15 other flaws in its software, and urged customers to quit using the desktop Sidebar and Gadget capabilities offered in Windows 7 and Windows Vista.

Plesk 0Day For Sale As Thousands of Sites Hacked

July 10, 2012

46 Comments

Hackers in the criminal underground are selling an exploit that extracts the master password needed to control Parallels’ Plesk Panel, a software suite used to remotely administer hosted servers at a large number of Internet hosting firms. The attack comes amid reports from multiple sources indicating a spike in Web site compromises that appear to trace back to Plesk installations.

New Java Exploit to Debut in BlackHole Exploit Kits

July 5, 2012

44 Comments

Malicious computer code that leverages a newly-patched security flaw in Oracle’s Java software is set to be deployed later this week to cybercriminal operations powered by the BlackHole exploit pack. The addition of a new weapon to this malware arsenal will almost certainly lead to a spike in compromised PCs, as more than 3 billion devices run Java and many of these installations are months out of date.

DNSChanger Trojan Still in 12% of Fortune 500

June 28, 2012

15 Comments

In about two weeks, hundreds of thousands of computer users are going to learn the hard way that failing to keep a clean machine comes with consequences. On July 9, 2012, any systems still infected with the DNSChanger Trojan will… Read More »

A Closer Look: Email-Based Malware Attacks

June 21, 2012

88 Comments

Nearly every time I write about a small to mid-sized business that has lost hundreds of thousands of dollars after falling victim to a malicious software attack, readers ask how the perpetrators broke through the victim organization’s defenses, and which type of malware paved the way. Normally, victim companies don’t know or disclose that information, so to get a better idea, I’ve put together a rough profile of the top daily email-based malware attacks over the past month.

Beware Scare Tactics for Mobile Security Apps

June 20, 2012

25 Comments

It may not be long before your mobile phone is beset by the same sorts of obnoxious, screen-covering, scaremongering ads pimping security software that once inundated desktop users before pop-up blockers became widely-used.
Richard M. Smith, a Boston-based security consultant, was browsing a local news site with his Android phone when his screen was taken over by an alarming message warning of page errors and viruses. Clicking anywhere on the ad takes users to a Web site selling SnapSecure, a mobile antivirus and security subscription service that bills users $5.99 a month.

Microsoft Patches 26 Flaws, Warns of Zero-Day Attack

June 12, 2012

30 Comments

Microsoft today released updates to plug at least 26 separate security holes in its Windows operating systems and related software. At the same time, Microsoft has issued a stopgap fix for a newly-discovered flaw that attackers are actively exploiting.

If You Use LinkedIn, Change Your Password

June 6, 2012

54 Comments

An archive reportedly containing the hashed passwords of more than six million LinkedIn accounts is circulating online. LinkedIn says it is still investigating the claims, but if you use LinkedIn, you may want to take a moment and change your… Read More »

Attackers Hit Weak Spots in 2-Factor Authentication

June 5, 2012

31 Comments

An attack late last week that compromised the personal and business Gmail accounts of Matthew Prince, chief executive of Web content delivery system CloudFlare, revealed a subtle but dangerous security flaw in the 2-factor authentication process used in Google Apps for business customers. Google has since fixed the glitch, but the incident offers a timely reminder that two-factor authentication schemes are only as secure as their weakest component.

In a blog post on Friday, Prince wrote about a complicated attack in which miscreants were able to access a customer’s account on CloudFlare and change the customer’s DNS records. The attack succeeded, Prince said, in part because the perpetrators exploited a weakness in Google’s account recovery process to hijack his CloudFlare.com email address, which runs on Google Apps