Spyware Hunter

Sunbelt Software recently announced the top 10 most widespread spyware threats for the April 2007. The information have been derived from monthly scans done by Sunbelt’s award-winning anti-spyware product, CounterSpy.

The top ten most prevalent spyware threats for the month of April are:

(1)Trojan-Downloader.Zlob.Media-Codec 1.68 per cent
(2) Virtumonde 1.59 per cent

(3) Trojan.FakeAlert 1.16 per cent

(4) ClickSpring.PuritySCAN 0.61 per cent

(5)Malware-Stopper 0.52 per cent

(6) Trojan.Unclassified.gen 0.38 per cent

(7) Trojan-Downloader.Win32.ConHook 0.30 per cent

(8) 180solutions.SearchAssistant 0.30 per cent

(9)Trojan.Smitfraud 0.28 per cent

(10) SpyLocked 0.26 per cent

Read

Robot Genius, an Oakland, Calif.-based start-up, recently said to have created a new suite of security softwares developed to fight nasty software assaults such as spyware, adware, and rootkits by a threefold approach of prevention, finding and remediation. The products are able to be downloaded independently or utilized together.

The first module of the software package is RGcrawler Data, an automated Web crawler for pinpointing and trying out likely nasty software on the Internet; the 2nd is RGguard, a browser plug-in that cautions the user of possible attacks; and the 3rd is Spyberus, a behavior-enabled security client developed to hunt down and undo the results of nasty software deployed on a computer.

The company maintains that Spyberus has a 99% success rate in reversing spyware, adware, rootkits, and other types of nasty software. Free trial versions of RGcrawler Data and Spyberus can now be availed on Robot Genius’ Web site; RGguard is coming soon.

Read

Small firms have been called on to keep away from being apathetic while it comes to skirmishing security, it has been purported. Recent research from the FBI discovered that 90% of small companies had experienced a security crisis with the last twelve months, so far the National Cyber Security Alliance (NCSA) has maintained that most are even now not defending their resources, as said by vnunet.com.

Ron Teixeira, executive director of the NCSA was quoted as saying,

Even though small business recognize the need to make cyber-security a priority, many are intimidated by the perceived resources needed to implement the right security plan.

As a remedy to this, the NCSA has recommended organizations to utilize effectual passwords and powerful authentication processes, plus to deploy anti-virus and anti-spyware products. Likewise, a security contingency plan ought to be in place in the event that a system is exploited, it included. In the meantime, a Scottish hacker who gained entry in US government PCs from his North London flat could face 40 years in jail if his newest appeal is ineffective this week. But Gary McKinnon, 41, claims he was just trying to come across aliens.

Read

Fraudsters are reported to be active in Sussex and its nearby areas. They are said to be committing theft of one’s ID and make use of it to obtain money, credit or goods in their ’s name. ID fraud is claimed to be flourishing in the country seeing that crooks commit theft of someone’s ID and utilize it to get money, credit or goods in the person’s name.

One of the county’s ID theft hotspots is said to be Central Brighton, where almost 35% of its populace are victimized by a high-risk of ID theft crime, whereas Horsham, Haywards Heath, Worthing and Chichester are the other areas in Sussex that have been highlighted as other ID theft hotspots in the study by credit experts.

The police have warned people that ahead of throwing their credit card receipts, bank statements and bills, considering them their regular rubbish, they should think twice and thrice as the thrown rubbish could make an easy way for the offenders to commit theft of their personal or private info. Sussex Police further say that another way for offenders to obtain personal information is card cloning, wherein a dishonest staff in shops or restaurants swipes a card and info are downloaded onto a PC.

Not only this cash machines are also being targeted by the offenders, frequently putting bogus facades on the machines to copy people’s pin numbers. Sussex Police is now forewarning public not to throw any personal documents into their waste and to shred anything they think might consist of their personal information. Detective Chief Inspector Trevor Bowles, of the main crime branch at Sussex Police, said: “There are a number of ways people can protect themselves against identity theft.

Read

Security experts have warned of surge in viruses disseminated in terms of actually worth-trusting password-protected zip file attachments. Email Systems, Messaging security expert, maintains more virus designers than ever before are providing their nasty code as either an encrypted or password-sheltered email, leading even the security-savvy to get prey inadvertently.

The first viruses concealed in purportedly safe and sound zip attachments were spotted 6 months back, stated Greg Miller, marketing director at Email Systems. He maintained the condition has gone downhill significantly in current weeks with a major swell in many such mails being spread.

Millar said,

This is another step change in the tactics of the virus industry. We’ve seen a drop off in viruses delivered by email in the last year or so. Now there’s obviously been another fluctuation in what virus writers are up to. They are getting even cleverer, and hiding the viruses a little bit.

Read

GFI Software recently launched its EndPointScan, a free of charge online service, which is said to enable users to be aware of the tools connected to PCs on their network and by whom they have been connected. With the use of this problem-solving device, the users are allowed to make out those areas where the utilization of portable storage devices might cause a threat to the integrity of the company’s systems and data. The wild utilization of portable mass storage devices, like smartphones, CDs, floppies, MP3 players, handhelds, iPods, USB sticks and digital cameras, built-in with data theft methods like ‘pod slurping’, are a main risk to network security and might cause security violations, data theft, viruses and other malware, which are being uploaded to a company’s network.

Identifying what tools are connected on the users’ network and the risk caused by them is the 1st move towards lessening these threats and for this EndPointScan has been brought about. EndPointScan performs grainy checks through all kinds of ports comprising USB, Infrared, Firewire, Bluetooth, PCMIA and Wi-Fi, on all systems. This utility claims to make available comprehensive and meticulous info regarding all handy tools and is capable of scanning many PCs all together. GFI EndPointScan is at one with recent network management or administrative devices like Active Directory and will also perform on Vista systems. EndPointScan is fully free of charge.

Read

The ostensibly never-ending creativeness and passionate attempt of spammers is as commendable as it is a waste of talent. As soon as spam filter purveyors get the hang of putting a stop to image-based spam, the spammers come across a new-fangled technique to absolutely nullify it. Image-based spam bursted out previous year as a way of circulating round the word filters utilized on client and server e-mail filtering software. Rapidly, image-based spam grew to make up 30% of all spam.

Instead of coming across uncanny techniques to write “Viagra” or “mortgage” or stock symbols for pump and dump schemes, the text would be scripted in a JPG and the filters were not able to grab hold of it. Thus spam filter purveyors exerted themselves in scrutinizing implanted images in e-mail files. As it is being made by the products in to market, Secure Computing’s labs claimed to have stumbled upon that spammers are making use of image hosting sites and a few HTML code to let the image pop up in the e-mail. Secure Computing’s Chief Research Scientist, Dmitri Alperovich, was reported to have maintained that as the image is hosted instead implanted, image filters don’t check the file. And as HTML tags are utilized, the image emerges within the e-mail similar to the implanted image.

Read

Federal agencies are being encountered with on the rise cybersecurity threats, which are said to be the outcome of potentially complicated techniques of attack and the combining of once distinctive kinds of invasion into more multifaceted and destructive forms.

Instances of these threats are spam, phishing, and spyware. With the aim of handling these problems, security experts were asked to find out: (1) The possible risks to federal systems from these rising cybersecurity threats, (2) The federal agencies’ views of threat and their measures to tone down them, (3) Federal and private sector measures to deal with the threats nationwide (4) Government-wide challenges to shielding federal systems from these risks.

Spam, phishing, and spyware cause security threats to federal information systems. The combination of these risks brings about extra threats that cannot be simply alleviated with presently available tools. Agencies’ insights of the threats of spam, phishing, and spyware show a discrepancy.

Additionally, the majority of agencies were not making use of the information security program needs of the FISMA Act of 2002 to these increasing threats, with carrying out risks evaluations, putting into practice effectual extenuating controls, making available security alertness training, and guaranteeing that their incident-response plans and procedures addressed these threats.

Read

New Zealanders are very shortly going to be capable of reporting PC security violations suffered by them like hacks, viruses and Trojans incognito online. NetSafe would like to gather info on attacks beginning soon after this year. Non-profit Internet safety group will make use of the info to monitor what types of invasions are happening and how to put a stop to them in the long run.

NetSafe is said to gather the data, strip out any identifying info, and utilize the results to make out which kinds of businesses and households are being attacked, and through what assaults. It will utilize this for studying and planning edifying drives. Sean Lyons, Training and development manager, expects people will report cyberattacks like virus affectivities and hacking efforts beyond only altruistic motives, as NetSafe will make use of the info to make people better ready.

Read

Sophos recently came up with the findings of its research into global cybercrime activity through Q1 of 2007. The results disclose that the total number of new-fangled pieces of malware has developed radically, with the most nasty code writers selecting the web as its vector of choice.

Let’s take a glance at Q1 of 2007:Number of malware over doubled (23,864 latest threats) likened to Q1 of 2006. Overall Spam disseminated went up to 4.2% during the same time previous year. Decline in total bug-ridden emails — from 1.3% to only 0.4%. On average, 5,000 latest bug-ridden web pages were detected every day — Troj/Fujif comprised 50.8 per cent of the ‘top 10 malware families hosted on websites’ - China detected as top nation hosting web-enabled malware that was almost 41.1 per cent.

In Q1 of 2007, Sophos claimed to detect 23,864 latest threats — over double the number made out in the similar time previous year while the company claimed to identify 9,450. In the meanwhile, the percentage of bug-ridden email has come down from 1.3% or one in 77 emails in Q1 of 2006, to only 0.4% or one in 256 emails in 2007.

Bug-ridden websites cause greatest threat

From January to the ending of March, Sophos claimed to have spotted an average of 5,000 latest bug-ridden web pages every day, signifying that this route to infectivity is getting increasingly all the rage amongst cyber crooks. With PC users getting more and more alert to defend against email-aware viruses and malware, hackers have switched over to the web as their favorite vector of assault.

The top 10-malware families hosted on websites in Q1 2007 were:

1. Troj/Fujif 50.8% 2. Troj/Ifradv 12.1% 3. Troj/Decdec 10.4% 4. Mal/Packer 6.3% 5. JS/EncIFra 5.5% 6. Mal/FunDF 2.3% 7. Mal/Psyme 2.2% 8. Troj/Zlob 2.0% 9. Mal/Behav 1.2% 10. Mal/DelpBanc 0.4% Others 6.8%

Read