NSA on Computer Network Attack & Defense

I spent the past few days in Mexico City participating in the annual meeting of the Honeynet Project, an international group dedicated to developing and deploying technologies that collect intelligence on the methods malicious hackers use in their attacks. The event brought in experts from around the globe, and our hosts — the National Autonomous … Читать далее

Infamous Storm Worm Stages a Comeback

The “Storm Worm,” a strain of malicious software once responsible for blasting out 20 percent of spam sent worldwide before it died an ignominious death roughly 18 months ago, was resurrected this week. Researchers familiar with former strains of the worm say telltale fingerprints in the new version strongly suggest that it was either rebuilt … Читать далее

Fake Anti-virus Peddlers Outmaneuvering Legitimate AV

Purveyors of fake anti-virus or “scareware” programs have aggressively stepped up their game to evade detection by legitimate anti-virus programs, according to new data from Google. In a report being released today, Google said that between January 2009 and the end of January 2010, its malware detection infrastructure found some 11,000 malicious or hacked Web … Читать далее

To Catch a Mule

Much digital ink has been spilled in this blog detailing the activities of so-called “money mules,” willing or unwitting individuals here in the United States who are lured into laundering money for international organized cyber crime gangs. The subject almost always generates fierce debate among readers about whether these mules should be prosecuted, and the … Читать далее

Hiding from Anti-Malware Search Bots

Malicious hackers spend quite a bit of time gaming the Internet search engines in a bid to have their malware-laden sites turn up on the first page of search results for hot, trending news topics. Increasingly, though, computer criminals also are taking steps to block search engines bots from indexing legitimate Web pages that have … Читать далее

Charting the Carnage from eBanking Fraud

Aaron Jacobson of Authentify put together this map of all 43 of the U.S. commercial e-banking victims I’ve mentioned in stories at Krebsonsecurity.com and at the Washington Post’s Security Fix blog. Clicking on this Google Maps link brings up an interactive version of this map showing the names of the victim at each point on … Читать далее

Rogue Antivirus Gangs Seize on McAfee Snafu

Purveyors of rogue anti-virus, a.k.a. “scareware,” often seize upon hot trending topics in their daily efforts to beef up the search engine rankings of their booby-trapped landing pages. So it’s perhaps no surprise that these scammers are capitalizing on search terms surrounding McAfee, which just yesterday shipped a faulty anti-virus update that caused serious problems … Читать далее

Fire Alarm Company Burned by e-Banking Fraud

A fire alarm company in Arkansas lost more than $110,000 this month when hackers stole the firm’s online banking credentials and drained its payroll account. On Wednesday, Apr. 7, Ft. Smith based JE Systems Inc. received a call from its bank stating that the company needed to move more money into its payroll account, chief … Читать далее

McAfee False Detection Locks Up Windows XP

McAfee‘s anti-virus software is erroneously detecting legitimate Windows system files as malicious, causing reboot loops and serious stability problems for many Windows XP users, according to multiple reports. The SANS Internet Storm Center has received dozens of reports from McAfee users who complained that a recent anti-virus update (DAT 5958) is causing Windows xP Service … Читать далее

Krebsonsecurity.com Partners with Federated Media

Readers may notice over the next day or so advertisements in one or two prominent spots on this blog. This is the result of a new partnership between Krebs on Security and Federated Media Publishing, a company that connects independent Web site authors with advertisers. Federated Media currently represents more than 100 of the most … Читать далее