IT security, vulnerabilities, bugs, fixes, flaws, RSA conference and Infosec.
A blog from


UK and US drop down virus source list

There was good news for US and UK security chiefs today with the latest stats from managed security firm Network Box showing that India and Russia have both leapfrogged them in the list of top virus sources.

India is now the world's single biggest producer of viruses, accounting for 13.74 per cent, while Russia comes next, producing just over 11 per cent. The US now accounts for just over eight per cent, an impressive decrease from 14.65 per cent last month.

The UK dropped down from fourth to seventh on the list.

However, there was bad news for the US in the spam list, with the latest stats showing it came out as the number one source for worldwide spam, at just over 12 per cent. India came second with Brazil in third and the UK in fourth with five per cent.

The stats echo those from Symantec Hosted Services, which last week declared the UK also in fourth place with around 4.5 per cent of the world's share of spam.

However, Network Box warned that the trends are unlikely to continue in the same vein next month, given the agility of cyber criminals.

"The country sources of these internet threats shift each month, which shows how quickly internet criminals can move their operations round the world and launch attacks," said Network Box internet security analyst, Simon Heron.

"Businesses need to be vigilant and ensure they are not opening up the back door to a hacker when they use new applications or technologies."

August 31, 2010

Microsoft's free security tool gets the thumbs up

Some good news for Windows users for a change; Microsoft's free-to-download Security Essentials tool has been certified by anti-virus research organisation AV-Test as part of an in-depth study of 19 security products.

Security Essentials was launched last year as a replacement for the scrapped Windows Live OneCare subscription service, and is a free download for consumers running Windows 7, Windows Vista and Windows XP SP2 or higher.

At the time, questions were raised about whether a free security product could really prove effective in protecting Windows computers, especially when compared against full-blown security suites from established vendors such as Symantec and McAfee.

However, Security Essentials seems to have fared well in AV-Test's study, especially in the usability category which examines how much a particular tool impacts on the performance of the computer it is running on.

This tallies with feedback from reviewers and testers, who have previously praised the tool for its unobtrusive operation. Some security suites can slow down a PC alarmingly.

In terms of protection, Security Essentials was still rated as less effective than Symantec's Norton Internet Security 2010 or AVG: Internet Security 9.0, both of which are paid-for suites, but Microsoft has always maintained that the product is aimed at those users who would otherwise have no protection at all, rather than at taking market share from other security vendors.

August 19, 2010

Justin Bieber used as malware lure

Omnipresent cyberstar Justin Bieber is the fishing bait of choice for malware distributors, according to Panda Labs.

The security firm said that blackhat search engine optimisation attacks were being used to distribute malware, and added that it had found as many as 200 different web addresses that exploit the teen singer's name.

Panda found a number of references to Bieber on the links it studied, and these ranged from 'justin bieber takes estrogen pills', to 'justin bieber smoking weed', 'justin bieber pregnant', and 'justin bieber removes left testicle'.

Although this technique is not new - the last episode of meandering confusathon Lost prompted a similar blooming of sites, for example - it is still annoying. Panda said that the fake web sites appeared high in search rankings and, once clicked, prompted the user to download a file which turns out to be fake antivirus software.

"These types of activities have become increasingly common and any popular topic or issue is used by cyber-crooks to spread their creations," said Luis Corrons, technical director of Panda Labs.

"By positioning web sites used to distribute malware among the first results in search engines, they can be sure that numerous internet users will inadvertently download the fake antivirus."

August 18, 2010

Largest ever drive-by download discovered?

An infected widget from web hosting firm Network Solutions could have affected over five million separate domains, according to new research from web app security firm Armorize.

The security firm revealed that the 'Small Business Success Index' widget was infected last week, but the malware could have been operating in some form for months. It soon realised that the problem was much more widespread than at first thought.

"Yesterday I had some time to sit down and study this widget further, and discovered something critical - it's a part of the standard domain parking page of Network Solutions," explained co-founder Wayne Huang.

According to a Google search, the widget in question was available and serving malware on more than 500,000 domains, but according to Yahoo that number rose to over five million, he said.

"I didn't have time to click on every single one of them, but I clicked on enough to conclude that, all of them are indeed infected, via the same widget we blogged about a few days ago," wrote Huang.

"Also, neither Google nor Yahoo actually shows all results. Google shows the first 45 pages only, and Yahoo shows the first 100 only. So we couldn't really go through all the domains one by one... and 5 million is too large a number for manual verification anyways."

The drive-by malware in question, when downloaded, redirects user searches and monitors various search terms, automatically popping up advertising on the user's screen, for which the malware writer will get a fee.

According to Armorize, Network Solutions took down the widget within three hours of being contacted. However, it remains worrying that such a large-scale drive-by download remained under the radar for so long.

August 17, 2010

Japanese hacker arrested for fishy malware

A Japanese hacker has been arrested on suspicion of creating malware which deletes a user's computer files and replaces them with manga-style images of octopuses and squid.

Up to 50,000 computers may have been infected by Masato Nakatsuji, 27, of Izumisano, Osaka Prefecture, the Asahi Shimbun reported today.

High-tech crime officers said Nakatsuji is suspected of writing the Ikatako (squid-octopus) virus, which was distributed on the Winny file-sharing site in May, disguised as a file for anime songs, according to the report.

He was arrested whilst serving a suspended sentence for a previous offence and reportedly told police: "I wanted to see how much my computer programming skills had improved since the last time I was arrested."

Police arrested Nakatsuji in 2008 for violating copyright laws by writing a virus which replaced user files with anime images.

August 5, 2010

European Commission rejected BlackBerrys

As the row over BlackBerry security continues to rumble on, there was more bad news for Research In Motion today as it emerged that the European Commission rejected use of the devices in favour of the iPhone and HTC handsets.

Two years ago, the European Union's executive body reviewed the use of smartphones by its staff, who number over 30,000, according to a Reuters report today.

"Following this evaluation, the HTC and the iPhones emerged as the most suitable platforms for voice/mail-centric mobile devices," a Commission spokesman told Reuters in an email.

"As a result, the Commission currently supports these two platforms."

The news will be a blow to RIM as it struggles to fend off strong competition from Apple and phones running Google's Android operating system.

Apple pulled off a coup in May when UK bank Standard Chartered offered its worldwide workforce the chance to switch from BlackBerry to iPhone.

The decision by Saudi Arabia and the United Arab Emirates this week to ban key BlackBerry services has added to RIM's woes.

However, somewhat ironically, these "security concerns" appear to be due more to the fact that BlackBerrys are too secure, with both authorities expressing concerns that they can't monitor encrypted communications made over the devices.

For its part, the UK government remains convinced that BlackBerrys are the most secure smartphone around, saying in June that it would not sanction ministerial use of iPhones for official business due to security concerns.

"The only mobile telecoms or personal digital assistant devices that have been issued to ministers of the department are BlackBerrys," said health secretary Simon Burns.

"The department does not issue Apple iPhones to staff as these are not approved for government use by the Communications-Electronics Security Group [CESG]."

August 4, 2010

© Incisive Media Investments Limited 2010, Published by Incisive Financial Publishing Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, are companies registered in England and Wales with company registration numbers 04252091 & 04252093