Web Security Review

For readers with a MySpace or Facebook account, please be vigilant and careful when accepting apps or widgets from your friends; they main contain Trojan viruses that steal information from your site and then send it all back to the one who created it. They usually do this by sending Trojans through apps or widgets that your friends sent you. According to researchers at Finjan, cyberattackers are now going to these social networking sites such to get more victims.

“Attacks will become more sophisticated by combining several services in order to heighten infection ratios and decrease the detection rate, while providing more robust and scalable attack frameworks,” Yuval Ben-Itzhak, chief technology officer, Finjan, said in a news release. “The focus will be on trojan technology as it enables maximum flexibility in terms of command and control. This adds another potentially malicious element to the “legitimate” web traffic that needs to be examined by security solutions.”

In short, before installing the app or widget that your friend sent you, confirm if it came from them. If it didn’t, kindly delete it immediately. If it did come from them, research on the app or widget from previous users.

Source

The US government may be hardening it’s stance against the growing threat from cyber-attacks and guess what they did to make it known? They got a hacker to provide them with an insight to act as adviser to the government, a move that would surely get him on every cyber-hit man’s roster or possible targets. They say he’s only on as an adviser but for the world of Black Hats, this is seen a s treachery, a move that counters all beliefs on which they function, to deny his own people. “Dark Tangent” as he was known during his hacking days, was hired by the new and fortified Cyber-Security command which is to try and bolster the ability of the US government to fend of attacks hopefully armed with his insight on how they work. Continue Reading »

Scareware, or a form of malware that tricks customers with bogus messages that leads users to sites that install fake security software for a fee. These tactics have long been used by hackers to get hard earned cash from people’s pockets for nothing. The software you install in turn asks you to get more and more software till you finally get it that the whole thing was a sham, with your cash long gone and the errors they were reporting. Many of these sites have been targeted by law enforcement in the past few years but there are still some persistent ones that manage to survive the best efforts of law enforcement agents. Continue Reading »

A long standing botnet was closed with it’s manager arrested and subsequently charged with cyber-crimes leaving him to deal with a 5 year sentence of which he is to serve 2 in jail and the rest on conditional release. He will be allowed out on the conditions he would have limited access to computers and the internet, seemingly to follow the movie “Hackers”. This victory comes after a hosting firm based in California was ordered shut by the FTC and FBI after it was proven to have hosted malware spreading sites and spamming botnets. He even when as far as selling the services of his botnet, using “bots4sale” as a catch phrase to people he knew were going to use it for spamming of close to half a million computers the world over. Continue Reading »

Image source: www.blog.webreakstuff.com
This is an alarming news, everyone. We all know about Youtube, right? Well, it’s dangerous as MySpace, FaceBook, or any online community now. Given that Youtube also allows “pg 13” stuffs, but that’s not the danger we’re talking about. That’s right. Some of the pages in Youtube have links that opens malicious machines into your computer. These machines have the ability to save your computer’s keystrokes, copies data, or even control your computer for another hacking scheme. Some people can separate the real and the fraud just by looking in the URL in the status bar, but it is much safer if you just search it in youtube itself. You know why? Some hackers make their preys open these links by making them their friends first. They just did this just because this is the time of election in the US, and youtube-users provide videos about the election, or their insight.

by Matt Hines

EC-Council University’s security science program aimed at helping qualified IT professionals advance their skills and take on high-level industry jobs.

EC-Council University, a New Mexico-based distance learning company, has launched the program to help qualified workers advance their training and move to the next level of the security profession.

Founded in 2006, the school is a spin-off of the International Council of Electronic Commerce Consultants, an online trainer that claims to have certified more than 40,000 IT professionals already, including 12,000-plus security specialists.

With the growing need for highly skilled security experts among businesses, EC-Council founders say there’s a scarcity of people who have all the know-how necessary to make the leap to CTO-level work.

“Traditionally, a lot of white hat hackers have been people with computer science backgrounds who taught themselves about hacking, but we’re trying to change the surface of the industry because we can’t leave this field of study up to chance,” said Jay Bavisi, president of EC-Council.

Continue reading from: infoworld.com