Support our Sponsors


uClip Clipping Path Service



Main Menu
Home
News
Blog
Links
Search
Resources
Windows Software
Mac Software
Hosted Solutions
Server Software
Mobile Solutions
Login



Syndicate
feed-image Feed Entries

spamNEWS | botnet | phising | virus | spam | mallware
Bkav Released a Forecast about DDoS and Malware Attacks in 2015 PDF Print E-mail
Written by Administrator   
Monday, 26 January 2015 16:00


Bizhub.vn reported on 14th January, 2015 quoting Vietnamese security firm Bkav as "Malware and distributed denial-of-service (DDoS) attacks will continue to threaten network security in 2015."

It observes that hackers will continue to distribute links infected with viruses on social networks. Malware and Spy software which attack purposely will become more dangerous as they can change according to targets. Hackers will access penetration from backdoor of computers of victims to collect information about users and systems. When the data is sent to servers, it will be analyzed, exploited and selected to update malicious software with customized function for each victim and this sophisticated attack will be a target method for new-generation spyware.

The company advises users to install anti-virus software on computers and mobile phones.

Bkav added that DDoS attacks created much trouble for network administrators in 2014 and it will continue to happen this year because several enterprises and government agencies are depending on the Internet.

Bkav also highlighted some trends related to malware and the loss incurred due to them in 2014.

Bkav said that Vietnamese users lost around 400 million US dollars in 2014 due to malicious software programs.

The firm said that the virus has damaged around 8.5 trillion VND or 396.12 million US dollars in 2014.

The firm said that each computer user in Vietnam lost 1.23 million VND (57 US dollars) on an average to malicious software in 2014 which has been calculated on the income of victims and amount of time their work was disrupted by malware issues.

Presently, Vietnam has minimum 6.98 million users of computers across the country.

Bkav also released a brief report on Internet security in Vietnam in 2014 revealing that 90%of mobile phone users in Vietnam are regularly disturbed by SMS spam with 43% of them received at least an unwanted message per day.

The firm says that the virus which was spread through USB devices and fake apps are also threatening users in Vietnam.

Eighty-three percent of computers in Vietnam were infected with viruses distributed through thumb drives at least once in 2014 whereas only 13% of respondents said that they paid attention to the makers before downloading their apps.

Read more... - Bkav Released a Fore...
 
Security Researchers find Carberp in New Version PDF Print E-mail
Written by Administrator   
Monday, 26 January 2015 16:00


According to security researchers, the banker Trojan Carberp, which lately struck more than 150,000 computers in Australia, has been found yet again spreading in the country via bulk e-mails carrying the malware, reported cso.com.au, January 16, 2015.

Notably, after one ransomware attack massively infected Australian users locking their PC files till the time money demanded was paid, one known banker Trojan having its origin in Russia is likely to return in Australia.

Symantec's security investigators state that one fresh version of Carberp chiefly targets computers in Australia, with more than 50% of contaminations worldwide occurring here.

Given the name "Carberp.C," the malicious program captures online banking credentials that are stored on infected computers while it's getting disseminated through spam mails which carry a zipped attachment mimicking a bill. Quite naturally, the zipped archive in reality contains malware.

This malware, according to researchers, has the ability to contaminate both 64-bit and 32-bit computers while bears associated plug-ins that suit different CPU architectures.

One key revision to the "C" edition happens to be the coding volume which miscreants have expended on stealth.

Symantec explains that the new Carberp sample is intriguing because of the many parts the attack contains that aid in concealing the infection as well as in quietly pulling down more encrypted payloads for subsequent injection of the same into processes. Extra elements are implanted into the installer followed with zipping them, adds Symantec. Infosecurity-magazine.com published this, January 16, 2015.

According to Symantec's researchers, the widely spreading behavior of Carberp likely shows Oz as being one freshly-known area of attack for cyber-crooks.

Symantec repeats since Carberp.C is chiefly attacking Australian PCs, it could further indicate one more prevalent tendency of malware creators foraying inside the country like during the lately considerable expansion of crypto-malware striking PCs here.

During June 2013, Carberp's source-code became obtainable from underground forums just following the announcement by Russian officials that they arrested a person understandably the main culprit responsible for the financial badware. Then during November 2014, Trojan.Carberp.B was found; however, meanwhile, Carberp code was as well utilized for designing an amalgamation of Carberp and Zeus components that was named Zberp.

Read more... - Security Researchers...
 
Phishing E-mail Scam Targets Users of Outlook.com, says Malwarebytes PDF Print E-mail
Written by Administrator   
Saturday, 24 January 2015 20:00


Malwarebytes the cyber-security company has said that one offensive phishing e-mail scam is presently aiming at subscribers of Outlook.com thus possibly disturbing the total 400m people who're regular users of the non-chargeable electronic mail service.

It (Security Company) actually alerts users to one fake e-mail which posing as communication from Microsoft admonishes that their accounts would be disabled till of course they confirm their accounts' details. The message also provides a web-link that takes the victims onto one fraudulent site which captures those details.

Addressing recipients as Microsoft Users, the said e-mail informs them that Microsoft has temporarily stopped messages from coming into their accounts, as dubious and spam operations have been detected on their mailboxes connected with certain blacklisted e-mail ids; hence, to keep the users safe they require confirming their account particulars.

The e-mail then warns that failure to make the confirmation within 24-hrs will compel Microsoft towards deactivating the accounts for good.

Now, when the web-link is clicked, users get diverted onto one phishing site which exactly imitates the genuine Outlook.com site, different from the poorly constructed sentences because of incorrect grammar which explains the scams' objective for grabbing logins.

Thus according to Malwarebytes' Malware Intelligence Analyst Christopher Boyd, users must treat any e-mail with suspicion if it directs for logging in alternatively providing personal information, particularly in case there's threat of suspending accounts else mention about irregular operation. Cbronline.com published this, January 15, 2015.

However, for lessening the phishing scams' impact, specialists suggest some tips. These are never to follow web-links else view attachments within suspect e-mails. Rather one should go to his Web-browser and enter the URL inside its address bar and then log into his account.

But incase the person has already followed the web-link in that situation he should alter his password instantly.

Meanwhile, miscreants abusing Outlook.com with phishing scams has happened previously too, like during March 2014, fraudulent electronic mails were spotted that posed as Microsoft Account Team messages while making an assertion for recipients to follow one web-link for taking their e-mail A/Cs towards an upgraded stage as also establishing Outlook Web Access.

Read more... - Phishing E-mail Scam...
 
Scammers Vehemently Perform Phishing on LinkedIn Accounts PDF Print E-mail
Written by Administrator   
Saturday, 24 January 2015 20:00


Symantec the security company warns of scammers who keep on vehemently targeting social-networking websites for different purposes, including digging out private credentials with which to compromise and access users' accounts such as they are doing on LinkedIn the professionals social media site.

Actually lately, scammers attacked members of LinkedIn as they sent them phishing e-mails asserting as being LinkedIn Support messages. In those fake e-mails, supposedly unusual operations were cited on the members' accounts which required certain mandatory security update of such accounts. Essentially, the purpose was to get recipients towards taking down one attached form of the HTML kind as well as do as per the instructions given.

Senior Security Response Manager Satnam Narang at Symantec writes that the HTML attachment in reality is one spoofed login page and site of LinkedIn; however, the site's script within that HTML file comes altered that makes the account credentials of a member who accesses LinkedIn get transmitted onto the attackers' repository. Cio.com published this, January 14, 2015.

Narang continues that the file in attachment likely aids the electronic mails in defeating spam filters.

According to him, the technique evades browser blacklists which usually labels dubious websites thus enabling end-users remain protected against getting phished.

Narang further observes a modification in the LinkedIn term inside the spam mail where instead of using the upper case "I" the lowercase "i" is put. Consequently, the e-mail bypasses recognition by anti-spam filters while the difference remains unnoticed to users.

Significantly, the attackers managed in escaping automatic detection as well as make a phishing site that even lasted long; however, the fact is that websites don't conduct updates, especially security updates via dispatching e-mails to consumers.

Senior Security Analyst Fred Touchette with AppRiver stated that scams of the above kind were getting more-and-more frequent so enterprises required adopting the necessary safeguards. V3.co.uk reported this, January 15, 2015.

Meanwhile, it's advisable that LinkedIn account-owners enable the dual-factor validation security feature which's possible via the profile's included security and privacy configurations while it makes sure that incase user's password/username go missing, another code dispatched onto his mobile-phone can be used for logging in.

Read more... - Scammers Vehemently ...
 
Blue Coat - Malware Organizations Abusing ‘Charlie Hebdo’ Massacre PDF Print E-mail
Written by Administrator   
Friday, 23 January 2015 08:00

According to research conducted by security firm Blue Coat, Malware organizations are quick to latch onto tragedy to distribute malware and they are getting better at it with each new disaster and this time they are exploiting the tragic Charlie Hebdo.

Extremists attacked Charlie Hebdo, a French satirical magazine, on 7th January, 2015 and shot dead its 12 journalists in cold-blood. They were protesting against the cartoons of Prophet Mohammed which was drawn by cartoonists of the magazine.

Security researchers of Blue Coat have discovered a thread of malware which is being distributed by employing the slogan of #JesuisCharlie to dupe victims into downloading the infamous DarkComet malware. Te slogan started trending on Twitter and other places in the wake of this attack and has been tweeted more than 5 million times till date.

The cyber-criminals try to dupe innocents into clicking on maligned links or downloading masked malware by pretending that it contains prevalent major news story.

The DarkComet currently used in this case is a renowned a remote administration tool (RAT), a strain of software which gives cyber crooks remote access to the system on getting installed.

French hacker Jean-Pierre (also known as DarkcoderSc) created DarkComet which is freely available. He stopped to develop it in 2012 when he found that it was being employed by Syrian Government to secretly spy on anti-government Internauts.

Forbes.com published news on 15th January, 2015 quoting Hugh Thompson, Chief Security Strategist of Blue Coat as saying "These online attacks are effective because earth-shattering events put off people and disturb their usual levels of security hygiene." The attackers are not necessarily trying to send political message but encash on the emotions of people due to such events.

Thompson says that this incident created a lot of shock which the world experienced around (the Charlie Hebdo shooting) resulting lot of solidarity.

Cyber attackers have hit 19,000 French websites since this deadly shooting.Darkreading.com reported on 15th January, 2015 quoting Admiral Arnaud Coustilliere, Head of cyberdefense of French military, as saying "We have never seen before. This is the first time that a country has been faced with such a large wave."

Read more... - Blue Coat - Malware ...
 
<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>

Page 1 of 1230
Polls
The Spamproblem is
 
Who's online
We have 36 guests online
News Flash
How do you fight spam?

Spam is a growing pain. How are you combating spam?

Submit your favorite spam fighting links to us