Monthly Archive for April, 2009
Microsoft on Tuesday issued eight security updates to plug at least 23 security holes in its Windows operating systems and other software. The patches are available through Windows Update or via Automatic Updates. One patch fixes six flaws in Internet Explorer 6 & 7 (the flaws are not present in IE8), including the carpetbombing issue. Microsoft addressed that vulnerability with this IE update, as well as with a stand-alone fix for Windows XP and newer Windows versions. Microsoft has rated this update critical, meaning attackers could exploit these IE flaws merely by convincing a user to visit a hacked or booby-trapped Web site. Redmond also issued updates to fix at least two zero-day threats, vulnerabilities that hackers have been exploiting in targeted attacks to break into Windows systems. These updates include a fix for a Microsoft Excel vulnerability, and an update for a hole in most supported versions of Wordpad/Microsoft
Last week, blogs and the mainstream press alike were abuzz with reports that Chinese and Russian hackers had penetrated the U.S. power grid and left behind secret back doors. The original story, a piece in the Wall Street Journal, was light on details, and many readers have asked me if I uncovered additional nuggets of knowledge about the existence of these back doors. I have not. But I have discovered some interesting data published recently, which seems to support the notion that China and Russia are quite interested in locating digital control systems connected to our nation's power grid and other complex critical infrastructures. The data comes from a white paper released late last month by Team Cymru, a group of researchers who try to discover who is behind Internet crime and why. That document sought to provide empirical evidence to show which nations were most active in probing our
Security experts nervously watching computers infested with the prolific Conficker computer worm say they have begun seeing infected hosts downloading additional software, including a new rogue anti-virus product. Since its debut late last year, the collection of hundreds of thousands - if not millions - of systems sick with Conficker has somewhat baffled security researchers, who are accustomed to seeing such massive networks being used for money-making criminal activities, such as relaying junk e-mail. Today, however, that mystery evaporated, as anti-virus companies reported seeing Conficker systems being updated with SpywareProtect2009, a so-called "scareware" product that uses fake security alerts to frighten consumers into paying for bogus computer security software. According to Kaspersky Labs, once the scareware is downloaded, the victim will see the usual warnings, "which naturally asks if you want to remove the threats it's 'detected'. Of course, this service comes at a price - $49.95." Kaspersky reports that
From today's print edition of The Washington Post come a pair of alarming stories about how Chinese hackers and terrorist groups have infiltrated our electric power grid and are using our own digital infrastructure against us. A piece on page A4 talks about cyber spies having left behind software backdoors on networks connected to the U.S. power grid. A story on the front page warns that terrorist groups who have sworn to destroy the United States are taking full advantage of Web site hosting and registration services here in our backyard. The stories each are a fascinating read, but both have been told before. Hackers motivated by financial gain have been both infiltrating power networks and using our Internet infrastructure against us for years. The main differences these stories highlight are in attribution -- that is, who's responsible -- and intent, or their implied goals. For example, most malicious software,
"Scareware," or programs that masquerade as legitimate security and anti-virus software and then frighten and bully users into paying for them, have emerged as the most prolific and fastest-growing threats facing PC users, according to a biannual security report released this week by Microsoft Corp. George Stathakopoulos, general manager of Microsoft's trustworthy computing group, said these rogue security products can snare even experienced computer users. "Some of these sites and products look really professional and well-done, with trademarks and copyrighted material," Stathakopoulos said. "If you're in a situation where you don't already have security software and you have not yet figured out the state of the machine, you will look for a solution, and these are solutions that come to you." Microsoft found that in the second half of last year, seven of the top 25 malicious software families removed from Windows computers were scareware titles such as Antivirus2008, XPAntivirus,
Sun Microsystems has shipped an update to its widely deployed Java platform that fixes multiple security flaws present in older versions. The latest Java software, Java Version 6 Update 13, is available from this link here. Not sure what version of Java you have? Check out this page, and click the "Do I Have Java?" link. Users of more recent Java versions may already have received a prompt from the built-in auto-update client to grab this version. After updating, you may find older versions of Java still present in the Windows "Add/Remove Programs" listing. If you spot any older versions, go ahead and remove those. Be advised that Sun's installer may by default install some browser add-on, such as Microsoft's MSN Toolbar (this is the plug-in the Update 13 installer offered me when I ran it on a Windows 7 Beta machine using IE 8). If you want the Java
Web site host and domain name registrar Register.com has been the target of a sustained attack this week, disrupting service for thousands of customers. The attacks began on Wednesday, causing a three-hour outage for many Web sites that rely on the company for hosting and/or use the company's domain name system (DNS) servers, said Roni Jacobson, executive vice president at Register.com. The outage was the result of what's known as a distributed denial of service (DDoS) attack, in which attackers cause hundreds or thousands of compromised PCs to flood a target with so much junk traffic that the Web site can no longer accommodate legitimate visitors. Typically, DDoS attacks are waged as a way for criminals to extort money from the targets, who are told the attack will cease when a ransom demand is paid. Jacobson declined to say whether Register.com had received any extortion demands. "We did have a
Security experts selling weapons to ward off the dreaded Conficker warned anyone who would listen that April 1 could be a day of destruction, as millions of infected machines started phoning home for malicious software updates. Of course, not only was April Fool's Day a non-event for Conficker, but now comes news that there are far fewer than millions of systems infected with this version of the worm. Earlier in the week Security Fix reported that only six percent of the world's Conficker-infected systems are in North America, let alone the United States. On Thursday, the researchers who brought us that news - from Atlanta-based Internet Security Systems - published their best guess of how many Windows systems are infected with Conficker.C, the only version of the worm that instructs computers to search the Internet and private P2P networks for updates after April 1. ISS's Holly Stewart writes that
Internet fraud complaints to the FBI by consumers increased more than 33 percent in 2008 over the previous year, according to figures released this week. Some 275,284 complaints were filed last year with the Internet Crime Complaint Center (IC3), a partnership between the FBI and the National White Collar Crime Center. In 2007, the IC3 received 206,844 complaints. The report shows that the nation's capital appears to be home to the largest concentration of online con artists in the country. The District of Columbia ranks #1, just ahead of Nevada and Washington State, in terms of online fraud perpetrators per 100,000 residents, the IC3 found. The non-delivery of merchandise and/or payment was by far the most reported offense, accounting for nearly one-third of all referred cases, the IC3 reports. Internet auction fraud made up 25.5 percent of referred complaints, while credit/debit card fraud comprised 9 percent. The total dollar loss


