Computer Viruses Evolve
New malware morphs into different shapes unattended by humans
Now this is quite a fascinating story, it seems the latest development is the accidental development of new super-malware strains created by viruses infecting executable files of worms. Worms are generally executable files and well, viruses infect executables – so you can imagine what happens.
Ten years ago, there was a clear-cut distinction between Trojans, viruses and worms. They all had their own features specific to one family of malware only. As more people connected to the internet, cyber-criminals started mixing ingredients to maximize impact. And here I’m thinking Trojans with worm capabilities or viruses with Trojan features, and so on. (more…)
2012 Malware and Cybercrime Predictions
Now that 2012 is upon us, people always like to give predictions on what they think the year will turn out. I found this video recently and thought I would share it. Enjoy.
Bypass Wireless Security
Summary: Security Flaw Found in Wi-Fi Protected Setup (WPS) that allows Brute Force Hack of PIN in Roughly Two Hours
The Wi-Fi Protected Setup (WPS) was a standard launched in 2007 by the Wi-Fi Alliance to simplify connecting to a wireless network — and simplify setting up encryption. With so many people failing to set up a router password because they found it too confusing, the standard implemented either/and a single button setup option, in addition to a simplified eight-digit PIN used by the AP and connecting devices. However, security researcher Stefan Viehbock has discovered a new security hole in the standard that allows a hacker to use brute force to access a WPS PIN-protected router — in roughly around two hours. (more…)
Stopping Online Piracy – SOPA
Will 2012 see the end of the internet as we know it? The House Judiciary committee tried to finalize the Stop Online Piracy Act (Sopa) before Christmas for a vote early next year. But fierce opposition – much of it online – seems to have given pause to the bill’s main author, Lamar Smith. He is now expected to hear from expert witnesses early next year before the bill goes to Congress.
The Stop Online Piracy Act (SOPA), also known as H.R. 3261, is a bill that was introduced in the United States House of Representatives on October 26, 2011, by Representative Lamar Smith (R-TX) and a bipartisan group of 12 initial co-sponsors. The bill expands the ability of U.S. law enforcement and copyright holders to fight online trafficking in copyrighted intellectual property and counterfeit goods. Now before the House Judiciary Committee, it builds on the similar PRO-IP Act of 2008 and the corresponding Senate bill, the Protect IP Act. (more…)
Windows Patch Tuesday – December 2011
Patch up warmly this winter if you’re running Java, as Oracle’s software platform is the single biggest target for hackers. Java proved the single most popular target in the 12-month period to the end of June, according to Microsoft’s latest Security Intelligence Report has found here. Running Java as a Web-browser Plugin is much more dangerous than Flash, and you should disable the Java Applet Plugin.
Microsoft today issued software updates to patch at least 19 security holes in Windows XP, Vista, 2003 and 7 (no surprise there), including three flaws that earned the company’s most serious “critical” rating. Separately, Oracle released a security update that fixes several issues in its Java software. (more…)
Automatic Computer Malware
According to a Security Intelligence Report from Microsoft, AutoRun—the feature in Windows that automatically executes files when you plug in a USB or connect to a network—accounts for almost half of all malware infections. These are infections that don’t require any user-input from you, so it’s kind of not your fault that your computer gets infected. By turning off AutoRun, you’ll add an extra step to certain tasks, but it’s worth it to cut down on malware 50%.
This report states that Windows XP SP3 systems get infected about ten times as much as Windows 7 SP1 64-bit systems, and six times as much vs. 32-bit Windows 7 systems. That alone is one reason why you might want to upgrade your parents’ machines to Linux. bear in mind that Windows XP should have been mostly fixed back in February of 2011. See Microsoft Security Advisory 967940. The update does not disable auto-play for CD nor DVD media, but only USB drives, external hard drives and network shares. (more…)
Phishy Emails Abound
Do not ever, click on a link in your email. Unless you know its is from someone you implicitly trust, but even then that could be a problem, as spammers are constantly trying to trick you.
Here is a one of the most recent examples, which I found intriguing as I just paid them a few days ago.
WiFi Wide Open
Wi-Fi gives us freedom from wires, but it’s not secure by default. Data is transmitted through the air, and anyone nearby can easily capture it with the right tools. As discussed below, whether you have your own Wi-Fi network or use someone else’s, employing security measures is necessary to protect company files, online accounts, and user privacy.
Why Protect Your Wi-Fi Network?
By default, Wi-Fi routers and access points aren’t secure when you purchase them. Unless you enable encryption, people nearby can easily connect to your network. At best, they just use the free wireless Internet for browsing and downloading, possibly slowing down your connections. However, if they wanted to, they could possibly access your PCs and files. They also could easily capture your passwords or hijack your accounts for websites and services that don’t use SSL encryption, such as some Web-based email clients, Facebook, and Twitter. (more…)
2012 Security Threats
Hackers are sidestepping automated security technology and are using social engineering and data mining to orchestrate attacks against prominent individuals and their corporate networks.
This trend has been brought about through advances in network protection and tighter regulation both of which have conspired to make it more difficult for hackers to compromise systems and create widespread disruption.
Traditional techniques such as SQL injection, web app hijacking and unauthorised server access are now being bypassed in favour of more rewarding social engineering practices which yield the data necessary to carry out highly organised systematic attacks.
Five influential security trends to watch in 2012 are: (more…)
Windows 8 Antivirus
In a move that is likely to anger the antivirus industry, Microsoft is adding security features from its Security Essentials program to Windows 8. This is good news for consumers, but bad news for the antivirus industry. Microsoft should have been doing this since the release of Windows 95. While many of us do simultaneous facepalms and giggle at a decade-late decision, others question the legality of doing so. A multi-billion dollar industry has grown, based on the absolute porous operating system that is Microsoft Windows.
That’s right. Microsoft this week began offering U.S. customers its free antivirus program via Windows’ built-in update service, a move one major security firm said may be anti-competitive. Microsoft is adding features from its Security Essentials program, which is currently available as a separate download for Windows users, to the Windows Defender package already built into Windows. This means that Windows 8 users will get out-of-the-box protection against malware, along with firewall and parental controls from within Windows without requiring users hunt down a separate download or buy new software. (more…)
