While it may not be too surprising to many security experts, malware has been in the increase for a long time now. Malware is not showing any signs of letting up and it was found certain computer parasite variants, such as ZBot, are flooding the cyberworld at record levels.

From Ecards to Trojans that steal login credentials, it is an epidemic of computer parasites like we have never seen before. According to Fortinet’s report, there has been a consistent trend of software vulnerabilities increasing from just the months of July into august. A new method for hackers to attack systems is by remote. A large number of recent attacks involve cybercriminals planting or injecting websites with malicious code to infect other systems. In addition, botnets are on the increase allowing remote users to control a group of systems to perform malicious actions.

It is becoming a time when the criminals use some of the old tactics with upgraded tools that are more sophisticated and not easily detected by some security applications. New vulnerabilities such as those found in Microsoft Office Web Components, Adobe Flash and Adobe Reader are just a few to name that had new exploits in the past two months. This is an easy way for an attacker to penetrate ones system to either steal personal information or compromise use of the computer.

You may ask, what can we do to protect ourselves? Security experts will tell you that the best thing you can do in the interim is make sure all of your software is up-to-date with the latest security patched applied. It is also best apply the latest definitions to your security applications as well.

An independent testing group based out of Germany has been maintaining malware collections for the purpose of testing anti-malware products over the past few years. The data on collection of malware is a clear indication of the growth rate and AV-Test.org, the German testing group, was able to compile this information and put it into a graph form.

[image source: av-test.org]

For demonstration purposes, the graphs showing new unique samples added to AV-Test.org’s malware collection, reinforces the suggestion of malware rapidly spreading and increasing at an alarming rate.

[image source: av-test.org]

AV-Test.org was also able to demonstrate the total size and growth of the malware collection. If you look closely, then you will notice a steep climb of the red line. This shows that the growth of malware has already increased double-fold from just 3 years ago. The likelihood of a company that produces and markets security tools to combat malware to lag behind the hackers that create this malware is very common.

Do you foresee the hackers having a major advantage over security firms or the software that is used to detect and remove malware parasites? Will it get out of control or is it already too late?

CA Security Advisor Research Blog has warned computer users of a new mass-mailer spam campaign that sends out messages including a .ZIP file attachment which contains malware. Spreading through an older method via P2P (peer to peer) networks, is an onslaught of fictitious emails asking computer users to either join a social network or appear to be an invitation card.

The spam emails that were discovered to be currently circulating over the internet can be very deceiving. The messages actually look legitimate as if they were sent by well-known websites.

• The fake Twitter emails appear to be an invitation to join Twitter but it is fake and contains a malicious .ZIP file attachment. See Figure 1.
• The fake Hallmark email appears to be a postcard. This email also has a malicious .ZIP file attached to it. See Figure 2.
• A fake Amazon email comes in the form of a shipping conformation but it is fake as well. It contains virtually the same malicious .ZIP file. See Figure 3.
• A fake Hi4 email has an invitation card and message with an “Invitation Card.zip” file which is malicious. See Figure 4.

Figure 1.

Figure 2.

Figure 3.

Figure 4.

[images source: community.ca.com]

Users should take warning to these fake email messages. You should limit the download of attachments from email messages unless you are 100% sure of the source. Usually e-cards, initiations and social network emails do not contain attachments especially in the form of a .ZIP file.

Ever seen any of these emails in your inbox?

The position that Rod Beckstrom held was one that involved forming a relevant cybersecurity policy for the better of the government as a whole in part of reporting to the US Department of Homeland Security. Some may speculate that Mr. Beckstrom’s office’s organization was one of the contributing factors to his resignation. The Wall Street Journal commented on his office stating Mr. Bechstrom’s office “was funded for just five weeks out of the past year and had just five people working in it. During the rest of the period, he borrowed staff and office space from other agencies.”

While many new organizations and some of the newly appointed officials in government move to make changes and face unprecedented issues at hand the confusion begins. Information security is one task that is moving faster than ever and it may be very difficult to properly structure a fairly new setup or appointed officials to meet those demands.

[image credit: US department of homeland security dhs.gov]

We know firsthand how fast threats creep up on networks and effect direct or indirectly security infrastructures across the nation. Tackling a fast growing problem may be enough to make one resign from holding such a position as that of Rod Beckstrom. We are not staying that was the exact reason as we can only image the intensive task of combating cyber security threats and the over-all security infrastructure or any type of government or organization. Hackers are busier than ever and are not backing down at anything. Either way you put it, cybersecurity or the lack of, is a threat to all of us.

Why do you think Rod Beckstrom resigned?

Lately attackers have been putting up comments and posts on Digg stories and YouTube videos that contain a link claiming to link to a video, usually pornographic, which essentially infects the user with malware. This comes as no big surprise as hackers and cyberthieves are ramping up actives during the slumping economy seeking some type of monetary gain.

We are certain that you are familiar with YouTube and have an idea what Digg is. Digg is a social network designed to allow users to post interesting stories where they may get Dugg-Up if it is a popular subject or post. Digg allows users to post comments with links in them. YouTube allows users to post links within video posts but the spread of malware through comments is not as prevalent as it is with Digg currently. The attackers are promoting malicious links that are promising to be anything from a celebrity video to pornographic material. Many computer users who do not know any better may fall victim to these links where malicious files or programs may be installed or downloaded onto their computer.

From the newly reported malicious links it was found that many of them infect a computer through a process of prompting users to download a codec to view a video. One of the fake video codec downloads was found to be VideoPlay adware which is a worm that steals email logins and other personal information stored on your computer. The worm may further spread through a removable drive where it could infect other machines.

What type of comments or links should you look out for?

Some of the fake titles or story subjects in comments that you should look out for are reported to be of those related to “Megan Fox naked”, “Christian Bale freak out dubbed with video” and “Jessica Simpson Hotel Sex Tape.” The type of comment may vary as the attackers find new subject matter to exploit only to entice users to click on their malicious links.

It is highly advisable that you avoid clicking on links within comments on Digg and also embedded links found on YouTube video pages. Over 500,000 comments on Digg.com alone were found to be malicious. This may be a confirmation that these attackers are using automated scripts to post the comments that contain malicious links. Either way, you must use your gained knowledge so that you are aware of the dangers of clicking links within Digg.com comments and/or YouTube video page links.

Have you ever been redirected to a malicious site or promoted to download a video codec by clicking on a link found in a Digg.com comment?

Some of the banks included in the Heartland data breach are located in 40 states as well as Bermuda, Canada and Guam. This information was explained by BankInfoSecurity.com’s news portal.

With today’s day and age of hackers breaching big companies and the economy slump, it only adds to the rate that we will see systems being compromised or attacked by cyber thieves. Hackers are hurting due to the economy also just like the common working force around the world which only makes matters worse when it comes to online security.

BankInfoSecurity.com has posted the names of 157 banking institutions that have publicly disclosed to customers that they were victimized from the Heartland breach. Heartland is a large payment processor located in Princeton, NJ.

What does this breach mean?

Most of the banks of the list of being breached are smaller institutions and only a few larger banks. A small percentage, around 33%, of the banks may have had credit and debt card information compromised during this initial Heartland breach. The total number of cards compromised may be around 300,000 which is an alarming number considering this information could be in the hands of hackers who are looking for monetary gain which is the ultimate purpose of the breach being initiated. As you may know with credit and debit card information in the wrong hands it could lead to mass amounts of money being lost by many customers of these institutions.

The Heartland breach already lead to a class-action lawsuit filed against the company which may be a result of intruders breaking into the system sometime last year where it went undetected for a long time. It seems Heartland may have failed to take the necessary precautions. The details of the older breach have not been publicly disclosed.

What can you do to protect yourself in spite of an unfortunate breach happening to your financial institution?

One thing that can be done is closely monitor your accounts. Many companies offer credit monitoring services which may include a multitude of features that monitor your banking activity. This is a good preventative measure to proactively stay ahead of the cybercriminal game.

This Valentine’s Day brings about another holiday that hackers can use to their advantage. You may ask, how would they use Valentine’s Day to affect more computer users? It is very simple for them, more people will be expecting to receive something for Valentine’s Day from Valentines eCards to flowers and candy to emails just to say that someone cares. Of those electric greeting cards that are sent it is sure to be many of them that are malicious or found to be spam messages that link to a malicious site to download malware.

Electric greeting cards or eCards have been something cybercriminals have used for several years to spread malware. Security researches lately have taken a poll, posted on Sophos, that says about 82% of system administrators say electronic greeting cards put computer security at risk. Be assured, come Valentine’s Day, the cybercriminals or hackers will be increasing their efforts in sending out spam messages disguised as Valentine’s eCards. What better way to trick someone than by sending a Valentine through an eCard? You pretty much know with a certainty that the recipient will open the eCard message. If you had a secret admirer who sent you an eCard then why wouldn’t you open the message?

Below is a video that Sophos has created and posted on their site about Valentine eCards in the office. This video is pretty hilarious and while it may be portrayed with a humorous tone, the idea that eCards may be dangerous is a very real issue that could affect everyone.

Sexist public information film about Valentine eCards in the office from Sophos Labs on Vimeo.
Disclaimer: Please bear in mind that this poll is not scientific and is provided for information purposes only. The comments expressed on this page are those of a subsection of poll participants, and not necessarily those of Sophos. Sophos makes no guarantees about the accuracy of the results other than that they reflect the choices of the users who participated. Sophos reserves the right to edit participants’ comments for the purposes of clarity, brevity and decency. Sophos reserves the right not to publish the comments of all participants.

Will you still send an eCard to someone this year for Valentine’s Day? Do you expect to receive several Valentine’s Day eCards come February 14th?

Test workers at the US Justice Department never expected to get a hoax email sent to them. That is exactly what they got, a hoax email sent to them that phished for sensitive information. Later reports verified that these messages were sent out to test the department’s security awareness. Have you ever heard of such measures being taken to test out a department’s security awareness?

In our opinion, this was a good test. Not only will it weed out the weakest links within an organization but it reveals the effectiveness of security policies and measures put in place at a given company or facility. The Justice Department hoax email strategy is just one method for testing out others ability or inability to effectively practice security measures.

The hoax email sent out in this situation lead users to phishing sites where personal information was asked to be filled out by an employee. The email was confirmed as a security test which the DOJ has been doing for about three years now. As explained by Gina Talamona, Justice Department spokeswoman, “Scenarios are intended to represent an example of persistent cyberthreats facing today’s Internet users.”

As far as the results of this test conducted, they are not available for discussion as we would think coming from a US Government department.

Is this a good idea and way to test the security of a particular office or department? Should other companies use this same strategy to put their employees to the test when it comes to company security? What if they fail the test? Should they be fired or reprimanded?

The first few days of President Barack Obama being in office have been very busy. One of the new tasks at hand includes outlining the cyber security strategy. Basically, an attack on the nation’s most vital information networks would be very devastating. One of the plans is to boost investment and research to help prevent an attack.

Some of the new plans closely resemble the recommendations offered last year in regards to computer security. President Obama was urged to setup a high-level post to tackle cyber security where he would consider new regulations and shore up the security of the most sensitive computer networks in the nation.

Posted on the Washington is the strategy outlined which is included in its entirety in the broader policy document on homeland security priorities. This document is posted on the Whitehouse.gov website. Below are the highlighted goals.

• Strengthen Federal Leadership on Cyber Security
• Initiate a Safe Computing R&D Effort and Harden our Nation’s Cyber Infrastructure
• Protect the IT Infrastructure That Keeps America’s Economy Safe
• Prevent Corporate Cyber-Espionage
• Develop a Cyber Crime Strategy to Minimize the Opportunities for Criminal Profit
• Mandate Standards for Securing Personal Data and Require Companies to Disclose Personal Information Data Breaches

It may be obvious that many of these goals are needed to safeguard our nation’s cyber security infrastructure. Not only for the safety of our government but to aid in the protection of the citizens of the United States.

Do you think that these measures and goals put in place will be enough to combat cyber attacks?