My news stories on Infosecurity Magazine, Friday 2 March:
“ACTA’s harm greatly exceeds its potential benefits…”
Yesterday the Directorate General for External Policies at the European Parliament held a workshop on the Anti-Counterfeiting Trade Agreement (ACTA).
02 March 2012
Compromised websites leading to banking malware
M86 Security is warning that recent spam campaigns are luring victims to compromised websites that redirect to malicious Phoenix-hosting sites, which in turn seek to infect the visitor with the Cridex trojan.
02 March 2012
The ten most important security events and issues from 2011, and what they presage for the future
Kaspersky Lab’s analysis of the ‘evolution of malware’ during 2011, from the rise of hacktivism to the emergence of Mac malware; and the consequent lessons for the future.
02 March 2012
I got this email from personalinjuryattorney.org. It asked me if I would “review personalinjuryattorney.org, and if you agree that it’s a valuable resource, perhaps consider adding a link to it from your site kevtownsend.wordpress.com?”
Never in a million years.
I quote from my earlier post: “I don’t have any precise figures, but I’m willing to bet that the amount the insurance company pays to the ambulance-chasing RealLawyersJust4U, and the host of expert witness ex-medical businessmen hangers-on who prod and poke the physical and emotional victim, will dwarf the amount paid out in compensation to the injured human being… What is required is a change in the process so that the victim receives more and the lawyers and experts (who treat the victim as little more than a very lucrative meal-ticket) are removed from the equation.”
Last week’s news stories (Jan 30 to Feb 3):
Security researchers break satellite phone encryption
German researchers have cracked 2 satellite phone encryption codes – huge implications.
EU publishes 10 Myths about ACTA
EU says ACTA ain’t bad, just misunderstood.
VeriSign repeatedly hacked in 2010
VeriSign was repeatedly hacked in 2010, and never even told its own senior management.
Science and Technology Committee publishes Malware and Cyber Crime report
Commons committee makes recommendations on how to tackle cybercrime.
New development in post-transaction banking fraud
Banking malware now seeks to divert telephone calls between banks and customers.
Counterclank is not malware, just aggressive adware
Contrary to Symantec’s initial claim, Android’s Counterclank (Apperhand) is not a trojan.
Major UK companies still not blocking porn namesakes
UK companies remain open to cybersquatting by YourBrandName.xxx
New Forrester Report: Big Data Risks
Forrester describes how to secure Big Data.
Resilience is the key to security says World Economic Forum
WEF suggest an holistic view of resilience to risk rather than an isolated view of prevention.
A call for a new standard in infosec training and awareness
We need a new standard to improve security awareness in users.
IE6 users: no longer caught between a rock and a hard place
A new product allows legacy IE6 applications to run in new versions of the browser.
75% of all new malware are trojans
PandaLabs 2011 report is full of facts, figures and information.
Spam and phishing are growing problems: DMARC has the answer
A new standard is being developed to help stop spam and phishing.
CSO Interchange: Cloud concerns are largely propaganda
Misunderstandings about the cloud make it seem a problem rather than an opportunity.
Up to five million Androids infected with Counterclank
Android’s largest ever infection reported by Symantec.
I’m not behind Kelihos botnet, claims Sabelnikov
Man named by Microsoft says I didn’t do it, guv.
You have to marvel at their cheek. pizzahutonlinecoupons.scam just tried to post the following in the comments:
This is an anti-spam message|| Join the anti-spam movement! Accept this comment and do your part spreading the word that we will NOT be spammed anymore. Do your duty and pass it on by posting on a friends blog!
Isn’t this wonderful? Google, never one to miss an advertising opportunity, advertises ‘Spam Swiss Pie’ in my Spam folder.
Strictly speaking, of course, they’ve got it wrong (although it could be part of the joke): it should be SPAM not spam. It’s a genuine recipe using the SPAM meat product, reproduced here from recipesource.com.
Now I know I am just a grumpy old git – but this sort of thing so annoys me. I got this in my email today:
Technically, it’s spam, because it is certainly unsolicited. But I usually take a fairly relaxed view over what is spam and what is not. This is something I would tend to call marketing – if it were targeted to people who might be interested. But I am not interested. And for one very good reason. I don’t have an iPhone. In fact, I don’t have any smartphone. (Readers may recall my aversion to fried brains.)
So why have they sent me this? The answer may be at the bottom of the email:
First of all it says my email address has been given as a referral from a friend. That’s a lie. I don’t have any friends. Or rather, hopefully, it’s a lie because I don’t have any iPhones. But then it says the mailing is from a company called MailChimp.
The point here is that one of them, either iFindiPhone or MailChimp, is lying. I have no way of knowing which – so I put both into the same category. Both companies are lying spammers. That’s the impression I get. It is possible that only one of them is. But the net effect is that I won’t touch iFindiPhone with a barge pole. When a marketing company tells lies, it becomes a spamming company.
StopMalvertising has an interesting dissection of some Twitter spam that tries to beat discovery by impersonating a bit.ly URL.
But the thing that really caught my eye was the impersonation of bit.ly. People are so used to seeing shortened URLs and bitly everywhere that the chance of the link being seen as a trusted source, and thus clicked, is highly increased.
There is no bitly involved here, only short URLs created by bitly.thruhere.net and they redirect to articles on various websites…
Twitter Spam Impersonating bit.ly