Facebook has been the first internet company to baldly state to the markets the risks it faces from hacking and spam since the SEC issued guidance on the issue. In October last year, the US Securities and Exchange Commission told publicly listed companies that it was about time they talked about the cyber-attacks they had suffered, particularly because online mischief could financially damage their products. One of the basic rules of listing on a stock market is that firms have to make their financial comings and goings public so that investors can make (relatively) informed decisions about whether or not to buy their shares. But up until last year, there was no push in the US for companies to 'fess up when they'd been hacked. Now the SEC says: Registrants should address cybersecurity risks and cyber incidents in their MD&A [management discussion and analysis] if the costs or other consequences associated with one or more known incidents or the risk of potential incidents represent a material event, trend, or uncertainty that is reasonably likely to have a material effect on the registrant's results of operations, liquidity, or financial condition or would cause reported financial information not to be necessarily indicative of future operating results or financial condition. Facebook's widely anticipated IPO, for which the social network hopes to net a cool $5bn, is the first to actually use the words "hacking" and "spam" in its list of risk factors for investing in the firm.
Google, Microsoft, Yahoo!, AOL and Facebook are setting aside their online rivalry to fight a common enemy: email spam and "phishing" attacks. The Web giants said Monday they have teamed up with Bank of America, PayPal and others to combat spam and phishing, where emails seeking to obtain passwords or other information are sent to unsuspecting recipients. Following 18 months of private collaboration, they announced the formation of a technical working group known as DMARC.org, drawn from the acronym for Domain-based Message Authentication, Reporting and Conformance. "Email phishing defrauds millions of people and companies every year, resulting in a loss of consumer confidence in email and the Internet as a whole," Brett McDowell, the chair of DMARC.org, said in a statement. "Industry cooperation -- combined with technology and consumer education -- is crucial to fight phishing," said McDowell, the senior manager of customer security initiatives at PayPal. The members of DMARC are proposing email authentication standards for email senders and receivers designed to make impersonation more difficult for the fraudsters behind phishing attacks. Currently, email providers must rely on "complex and imperfect measurements to separate legitimate unauthenticated messages sent by the domain owner from fraudulent phishing messages sent by a scammer," DMARC said.
(Reuters) - Some of the world's biggest Internet companies and financial services firms have developed a new approach to fighting email spam that they hope will reduce online scams. Facebook, Google Inc and Microsoft Corp have joined with financial firms Bank of America Corp, Fidelity Investments and eBay Inc's PayPal to create a set of industry standards for preventing criminals from sending out spam emails that appear to come from corporate email addresses. Fraudsters often pose as banks and other trusted firms in attempts to persuade email recipients to provide payment card numbers, bank account information and other personal data or click on links that infect computers with malicious software. The new approach calls for email providers and businesses to attack spammers by coordinating on a massive scale the use of two existing technologies for email authentication known by the acronyms SPF and DKIM, which have yet to be widely adopted. PayPal is one company that currently uses SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) technology standards to fight email spoofing, but only through partnerships with Yahoo Inc and Google, said Brett McDowell, a security manager at PayPal who serves as chairman of the group that developed the new standard.
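The two DMARC items above describe the idea only in outline: a receiver checks SPF and DKIM, then requires the authenticated identifier to align with the visible From: domain before a message counts as authenticated, and otherwise applies the policy the domain owner published. The following Python is an added illustration of that combination, not code from DMARC.org or any member company; the domains, the TXT record and the SPF/DKIM results are constructed, and the organizational-domain helper is a simplification (real receivers consult the Public Suffix List).

```python
# Added example (not DMARC.org code): minimal DMARC disposition logic showing
# how SPF and DKIM results are combined with identifier alignment to the
# From: domain. All domains and authentication results below are constructed.

def parse_dmarc_record(txt: str) -> dict:
    """Parse a _dmarc.<domain> TXT record ('v=DMARC1; p=reject; adkim=s; ...') into tags."""
    tags = {}
    for part in txt.split(";"):
        key, _, value = part.strip().partition("=")
        if key:
            tags[key.strip().lower()] = value.strip()
    if tags.get("v", "").upper() != "DMARC1" or tags.get("p") not in ("none", "quarantine", "reject"):
        raise ValueError("not a usable DMARC record")
    return tags

def org_domain(domain: str) -> str:
    """Organizational domain, simplified to the last two labels (assumption:
    production receivers use the Public Suffix List instead)."""
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def aligned(auth_domain: str, from_domain: str, mode: str) -> bool:
    """Identifier alignment: strict ('s') needs an exact match, relaxed ('r')
    only the same organizational domain."""
    if mode == "s":
        return auth_domain.lower().rstrip(".") == from_domain.lower().rstrip(".")
    return org_domain(auth_domain) == org_domain(from_domain)

def dmarc_disposition(record, from_domain, spf_domain, spf_pass, dkim_domain, dkim_pass):
    """Return 'pass' if an aligned SPF or DKIM identifier authenticated the
    message, otherwise the domain owner's requested policy (the p= tag)."""
    tags = parse_dmarc_record(record)
    spf_ok = spf_pass and spf_domain is not None and aligned(spf_domain, from_domain, tags.get("aspf", "r"))
    dkim_ok = dkim_pass and dkim_domain is not None and aligned(dkim_domain, from_domain, tags.get("adkim", "r"))
    return "pass" if (spf_ok or dkim_ok) else tags["p"]

# Constructed sample: the bank publishes a reject policy with strict DKIM alignment.
BANK_RECORD = "v=DMARC1; p=reject; adkim=s; aspf=r; rua=mailto:dmarc-rua@bank.example"

if __name__ == "__main__":
    # Legitimate bulk mail: SPF passes for bounces.bank.example, relaxed-aligned with From.
    print(dmarc_disposition(BANK_RECORD, "bank.example", "bounces.bank.example", True, None, False))
    # Spoofed mail: SPF passes, but only for the scammer's own envelope domain, so it is not aligned.
    print(dmarc_disposition(BANK_RECORD, "bank.example", "mailer.scam.example", True, None, False))
    # Forwarded mail: SPF breaks at the forwarder, but the DKIM signature d=bank.example survives.
    print(dmarc_disposition(BANK_RECORD, "bank.example", "forwarder.example", False, "bank.example", True))
```

The second case is the point of the whole scheme: a plain SPF pass on the scammer's own envelope domain proves nothing about the bank's From: address, and the published p=reject tells the receiver what to do with it.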
SEATTLE (AP) — Facebook is partnering with Washington state to combat a type of spam called "clickjacking" that is plaguing the social networking site, company and state officials announced Thursday. Two separate lawsuits were filed in federal courts in California and Washington state against Delaware-based Adscend Media LLC, which officials say is behind the spamming. "The way we think about it, security is an arms race," Facebook's general counsel, Ted Ullyot, said alongside Washington state Attorney General Rob McKenna at the social media company's Seattle offices. "It's important to stay ahead of spammers and scammers." In "clickjacking," links on Facebook promising shocking or salacious videos have code embedded in them that spreads the link to the user's page. That makes it seem like the user "liked" the link, with the aim of attracting more clicks from the user's friends. The links eventually lead users to a survey or information from an advertiser. Adscend Media is spreading spam through misleading and deceptive tactics and has encouraged others to do the same, McKenna's office said. An email inquiry sent to Adscend was not immediately returned, and an attorney for the company had not yet been listed in federal court records. Social networking sites are popular targets for spammers because people are more likely to trust and share content that comes from people they know. This makes spam, scams and viruses easy to spread.
Nokia has been fined by Australian regulators for spamming its customers with text messages, Reuters reports. The company will have to pay AUS$55,000 for sending SMS marketing messages for its products and services alongside "tips" on how customers can best use their phones, but without offering a way to unsubscribe from the messages. The Australian Communications and Media Authority (ACMA) does not prohibit companies from using unsolicited text messages, but according to the Spam Act of 2003, those messages must be accompanied by a way to contact the company and unsubscribe. While the usage tips Nokia sent contained some "factual information" and weren't mere marketing, some were promotions for things like mobile phone accessories. Spam texts have proved to be a popular marketing method in Australia: ACMA reported a 370 percent increase in spam reports over the 2010-2011 fiscal year. Unlike the US, which only protects cell users from spam texts that arrive from a domain name (for example, an e-mail address) and not from all SMS spam, Australia frowns on spam sent directly to mobile numbers. In addition to paying the fine, Nokia will be required to train its employees to comply with Australia's Spam Act and to appoint a consultant to audit its systems and processes for sending texts to customers.
Global spam volumes continued to decline throughout 2011, but web malware encounters appear to be growing steadily, according to new research from Cisco. The Cisco 4Q11 Global Threat Report, which covers the period between October 1 and December 31, 2011, found that enterprise users experienced an average of 339 malware encounters online per month during the fourth quarter. Part of the serious danger here is that 33 percent of those attacks were using zero-day malware, which were not detectable by “traditional signature-based methodologies at the time of encounter.” For the year overall, Cisco tracked an average of 20,141 unique web malware hosts encountered per month in 2011 — compared to a monthly average of 14,217 in 2010. The average per month in 2011 was 362 web malware encounters, and the peak amounts were found in September and October at 698 and 697 encounters on average per enterprise, respectively. Denial-of-service events also increased slightly over the course of the fourth quarter, while the number of SQL injection signature events stayed steady.
McAfee has fixed issues in its Total Protection service that allowed attackers to take over computers to send out spam. A bug in McAfee's hosted anti-malware service was being exploited by spammers to turn computers into a spam proxy to send out large volumes of spam, David Marcus, director of security research at McAfee Labs, wrote in a blog post Jan. 18. Another flaw allowed remote attackers to abuse an ActiveX control to execute code. McAfee's SaaS Total Protection is a suite of software-as-a-service offerings that includes Web filtering, antivirus and anti-spam capabilities. The spam flaw was in the "Rumor" technology used within the suite. McAfee patched SaaS Total Protection on Jan. 20 to close both vulnerabilities, according to the blog post. "Because this is a managed product, all affected customers will automatically receive the patch when it is released," Marcus said. The Rumor feature allows agents installed on the computers to share antivirus, anti-spyware and firewall updates across the network instead of having to download them from McAfee servers individually. Downloading the security updates once and distributing them to all computers on a network means organizations can save bandwidth and management time. Spammers exploited the vulnerability in Rumor to accept incoming connections on port 6515 and to respond by opening hundreds of outgoing connections with other servers, according to a blog post by Keith and Annabel Morrigan of British art company Kaamar. Spammers bounced spam messages off computers running the Rumor service agent to make it seem as if the messages were being sent by those machines.
McAfee will release a fix this week for a bug in its SaaS for Total Protection anti-malware service that scammers were using to distribute spam, the company said today. The problem came to light after McAfee customers reported in blog posts and forum sites that spammers were using a hole in McAfee's RumorServer relay service to secretly send spam from their machines. The customers said they noticed the problem after their e-mails were blocked by e-mail providers and their IP addresses appeared on blacklists. The problem is isolated to the SaaS Total Protection service, according to David Marcus, director of security research at McAfee Labs. There is no evidence that any customer data has been lost or compromised as a result of the problem, he said. "The patch will be released on January 18 or 19, as soon as we have finished testing," Marcus wrote. "Because this is a managed product, all affected customers will automatically receive the patch when it is released." There are two issues with the software. One vulnerability could allow an attacker to misuse an ActiveX control to execute code on a victim's computer. The second one, which is the issue the customers complained about, allows an attacker to misuse the "open relay" technology in the software.
Hackers are targeting websites aimed at children, by embedding malicious software in free gaming sites, preying on the young as adults grow wise to their strategies. Child-focused malware first affected Chinese sites last year, but now arcade game sites worldwide are growing increasingly susceptible to malware. Avast, a European anti-virus firm, reported more than 60 arcade game sites with threatening, malicious software. The company singles out CuteArcade.com as the worst offender. CuteArcade.com, registered to a company out of the British Virgin Islands, features a trojan on the site itself. Avast researchers believe some of the sites are designed specifically with infection in mind, and think CuteArcade.com is one of those sites. Other sites corrupted by a third-party virus are often unaware of the threat they pose, and look utterly innocuous. The majority of threats come from third-party ads on legitimate pages. The decision to target children reflects a larger move towards alternative methods of spamming and malware infection. As the general populace expands its computer literacy, the threats posed by ordinary pop-up ads and email scams aren't as effective anymore. Computer users are wary of messages from strangers and links promising riches to those who click. In response to the growing awareness, hackers are now tailoring their malware to children because they are less skeptical and savvy about online hazards.
Facebook revealed Tuesday how over the past year it has been fighting the infamous Koobface malware that spreads via social networks and builds out a botnet: It knocked one of the gang's command-and-control (C&C) servers offline, which has resulted in more than nine months of no Koobface infections on the massive social network. Security researchers worldwide have been putting the screws to the brazen Koobface malware gang of late in hopes of derailing their operations. Names have been named, their photos posted online, but they continue to operate freely in Russia. Sophos Labs, which revealed Tuesday a detailed account of how it followed the trail to the alleged gang members, also released the names of the alleged perpetrators: Anton Korotchenko, Alexander Koltyshev, Roman Koturbach, Syvatoslav Polinchuk, and Stanislav Avdeiko. Koobface, which is an anagram of Facebook, had dogged the social network since 2008. The gang made money via pay-per-click and traffic referral schemes: Once a user got infected, his or her machine was redirected and, at times, duped into fake antivirus scams. The Koobface gang's central C&C server was at the heart of the operation. But Facebook said that it killed that server back in March of last year: "... Facebook Security was able to perform a technical takedown of this 'Command & Control' mothership. And since then we have had no new sightings of Koobface for over nine months and our teams are working hard to keep it that way," according to a post by Facebook's security group. That takedown apparently came with the help of researchers including indie researcher Jan Droemer, who worked with SophosLabs' Dirk Kollberg. Facebook says it will share the information and intelligence it discovered about the gang with others in the security industry.