Tag Archives: Facebook

Email-Based Malware Attacks, July 2012

July 31, 2012

Last month’s post examining the top email-based malware attacks received so much attention and provocative feedback that I thought it was worth revisiting. I assembled it because victims of cyberheists rarely discover or disclose how they got infected with the Trojan that helped thieves siphon their money, and I wanted to test conventional wisdom about the source of these attacks.

While the data from the past month again shows why that wisdom remains conventional, I believe the subject is worth periodically revisiting because it serves as a reminder that these attacks can be stealthier than they appear at first glance.

How to Break Into Security, Grossman Edition

July 9, 2012

I recently began publishing a series of advice columns for people who are interested in learning more about security as a craft or profession. For the third installment in this series, I interviewed Jeremiah Grossman, chief technology officer of WhiteHat Security, a Web application security firm.

A frequent speaker on a broad range of security topics, Grossman stressed the importance of coding, networking, and getting your hands dirty (in a clean way, of course).

A Closer Look: Email-Based Malware Attacks

June 21, 2012

Nearly every time I write about a small to mid-sized business that has lost hundreds of thousands of dollars after falling victim to a malicious software attack, readers ask how the perpetrators broke through the victim organization’s defenses, and which type of malware paved the way. Normally, victim companies don’t know or disclose that information, so to get a better idea, I’ve put together a rough profile of the top daily email-based malware attacks over the past month.

Facebook Takes Aim at Cross-Browser ‘LilyJade’ Worm

May 17, 2012

Facebook is attempting to dismantle a new social networking worm that spreads via an application built to run seamlessly as a plugin across multiple browsers and operating systems. In an odd twist, the author of the program is doing little to hide his identity, and claims that his “users” actually gain a security benefit from installing his software.

At issue is a program that the author calls “LilyJade,” a browser plugin that uses Crossrider, an emerging programming framework designed to simplify the process of writing plugins that will run seamlessly across multiple browsers and operating systems, including Google Chrome, Internet Explorer, and Mozilla Firefox. The plugin spreads by posting a link to a video on a user’s Facebook wall, and friends who follow the link are told they need to accept the installation of the plugin in order to view the video. Users who accept the terms of service for LilyJade will have their accounts modified to periodically post links that help pimp the program.

How to Buy Friends and Deceive People

July 15, 2011

Want more friends and followers? Emerging enterprises will create them for you — for a price. An abundance of low-cost, freelance labor online is posing huge challenges for Internet companies trying to combat the growing abuse of their services, and… Read More »