Spamzy

Cisco released its annual Security Report the other day, tracking the notable trends and threats across the world wide web. Here are the highlights:

The Annual Cisco Security Report: Notable Trends
· The overall number of disclosed vulnerabilities grew by 11.5 percent over 2007.
· Vulnerabilities in virtualization technology nearly tripled from 35 to 103 year over year.
· Attacks are becoming increasingly blended, cross-vector and targeted.
· Cisco researchers saw a 90 percent growth in threats originating from legitimate domains, nearly double what was seen in 2007.
· The volume of malware successfully propagated via e-mail attachments is declining. Over the past two years (2007-2008), the number of attachment-based attacks decreased by 50 percent from the previous two years (2005-2006).

Specific Threats Across the Web
· Spam. According to Cisco, spam accounts for nearly 200 billion messages each day, approximately 90 percent of worldwide e-mail. The United States is the biggest source at 17.2 percent. Other countries who contribute spam include Turkey (9.2 percent), Russia (8 percent), Canada (4.7 percent), Brazil (4.1 percent), India (3.5 percent), Poland (3.4 percent), South Korea (3.3 percent), Germany and the United Kingdom (2.9 percent each).
· Phishing. While targeted spear-phishing represents about 1 percent of all phishing attacks, it is expected to become more prevalent as criminals personalize spam and make messages appear more credible.
· Botnets. Botnets have become a nexus of criminal activity on the Internet. This year, numerous legitimate Web sites were infected with IFrames, malicious code injected by botnets that redirect visitors to malware-downloading sites.
· Social engineering. The use of social engineering to entice victims to open a file or click links continues to grow. Cisco expects that in 2009, social engineering techniques will increase in number, vectors and sophistication.
· Reputation hijacking. More online criminals are using real e-mail accounts with large, legitimate Web mail providers to send spam. This “reputation hijacking” offers increased deliverability because it makes spam harder to detect and block. Cisco estimates that in 2008 spam resulting from e-mail reputation hijacking of the top three Web mail providers accounted for less than 1 percent of all spam worldwide but constituted 7.6 percent of the providers’ mail traffic.

Read the full report for free on Cisco’s site.

Here is the original post:
Less Malware, More Blended Threats from Legit Domains, Says Cisco

River of junk stems from malware plague

Nine in ten emails are now spam with an estimated 200bn junk mail messages a day clogging up the internet, according to a new report by networking and security giant Cisco.…

Read the rest here:
Nine in ten emails now spam

It looks like CAPTCHAs are often more useful for restoring old manuscripts than implementing security on a web site. This recent research by Carnegie Mellon university shows audio CAPTCHAs are easily crackable — if you consider that getting about half the data will give you enough to break the network:

reCAPTCHA’s own audio version was similar to Google’s but used different speakers for different digits. This proved to be a significant barrier to the learning algorithms, which, at best, got it right a bit less than half the time (again, SVM was the star). As the authors point out, however, getting it right half the time would be more than worth the effort for spammers that may have hundreds or thousands of computers at their disposal. Some sites also allow the answer to be off by one digit, which would significantly increase the success rate.

Based on their results, the authors conclude that more of just about everything is better: more speakers, more characters, more distortion, and longer strings of tokens all seem to make a difference. As a result, they have expanded their own service to include all numbers from 0 to 99.

Read the full findings here.

Audio CAPTCHAs Easily Crackable

The world recession may be helping cyber crooks to trick people into opening their homes and bank accounts and becoming “mules” for laundering money or stolen goods, says the Associated Press.

McAfee’s annual “Virtual Criminology Report” says 873 money-mule recruitment Web pages were detected in Britain in the first half of 2008, “a 33 percent increase over the first half of 2007,” says the story, going on:

That data [sic] was compiled by APACS, the United Kingdom’s payment-industry trade group.

More evidence emerged from a recent study by Panda Security, a Spanish software vendor that found that job-related messages hit a record of 0.3 percent of all spam in October, nearly triple the proportion from August. And the success rate in recruiting money mules rose to 1.8 percent in October, from 0.5 percent in August.

The company tracked the figures with another unnamed large security firm which was monitoring active mule networks, says AP, adding:

“Computer attacks in general have sharply increased in the past few months.

“IBM says the number of daily attacks it spotted against Web servers and computer networks increased 30 percent over the past four months, to more than 2.5 billion attempted incursions worldwide.

” ‘Those are very scary numbers,’ said Gunter Ollmann, chief security researcher for IBM’s X-Force security services team’.”

Excerpted from:
Recession helps computer criminals

Unsurprisingly, we’re seeing increased hacks and social engineering attacks at retail sites during the months leading up to the holiday season –

Hacker attacks against retail sites increased by 161% in the July to November period compared with the first six months of this year, according to security firm SecureWorks. After a big increase in network-scanning reconnaissance attacks in October, hackers dramatically increase efforts to fraudulently authenticate themselves to e-retailers, the firm says.

The authentication exploits include attempts to determine consumers’ user name and password combinations, which would allow criminals to make fraudulent purchases. “It is not surprising that the attempts to steal customer credentials greatly increased just before the holiday shopping season,” says Wayne Haber, director of architecture at SecureWorks.

Read the full article here.

View original here:
Holiday Fever Leads to Hacking

America has overtaken China as the source of most malware.

So says a report from UK security firm Sophos, quoted by IT Pro.

The US hosted 37 per cent of the world’s malware in 2008, ahead of China with 27.7 per cent,” says the story.

“Russia was in the third place with 9.1 per cent, while the UK was down in seventh at 1.7 per cent,” it says, also stating the US relayed the most spam, at 17.5 per cent.

“To emphasise the extent of the US based problem the report highlights how when US hosting company McColo was taken offline, the amount of spam sent reduced by up to 80 per cent – albeit for a short time,” says IT Pro.

“Not only is the USA relaying the most spam because too many of its computers have been compromised and are under the control of hackers, but it’s also carrying the most malicious web pages,” it has Graham Cluley, senior technology consultant for Sophos, saying.

According to the report, “most attacks occur through networks of computers that have been linked together to form an attack platform, having been commandeered by hackers completely unbeknownst by their owners,” it says, adding:

Further revelations are that state sponsored cybercrime is also on the rise, with China, North Korea, Russia and Georgia among those accused of virtual espionage.

Also highlighted was a major rise of malicious email attachments, designed to steal identities and financial details, and also in hackers breaking into peoples accounts on social networking sites such as Facebook in order to send spam and malware.

Credit:
US takes the malware lead

Greg Garcia stepped down from his post at the Department of Homeland Security on December 5th.

Says Government Computer News:

President-elect Barack Obama intends to move cybersecurity up a rung in his administration by creating a federal CTO and putting a high-level adviser back into the White House, and this is a good idea. Cybersecurity is not just a governmentwide issue. It is a global issue that cuts across national and public/private sectors. The White House is the proper place for establishing agendas and priorities on international issues.

This is not to say that DHS will not have an important role in implementing these initiatives, and the challenges facing the next secretary and assistant secretary will be significant in this area. Gov. Janet Napolitano, Obama’s choice for DHS secretary, will take over a department that is not long out of its infancy as far as Cabinet-level departments go. It is toddling, and toddlers tend to fall a lot and need quite a bit of direction. But toddlers also can mature and develop their skills surprisingly quickly if the proper direction is provided. The next secretary and assistant secretary will have to ensure that the progress now under way continues.

Read the full article here

Read the original post:
Assistant Secretary for Cybersecurity Steps Down

It’s ALIVE

One of the three botnets cut off by the shutdown of rogue ISP McColo is back in business. The Mega-D botnet is back on its feet and throwing off huge volumes of spam, net security firm Marshal8e6 reports.…

Originally posted here:
Penis pill botnet awakens after McColo shutdown

Here’s one security device you can get for cheap — a paper shredder.

Avoid the big mistake this medical office made and don’t throw your personal info away:

Boxes with documents detailing confidential patient information, such as Social Security numbers and personal medical history, were found discarded next to a medical office building, which officials said could be a violation of patient confidentiality laws

read the full article here.

Read more:

This Web site was created to be a clearing house for technical IT security queries, and we are still fielding quite a few of those. But we continue to receive a broad variety of fascinating questions …

More here:
IT Security Ask the Experts: Top Queries, November 2008