Sign up for our Technology Newsletter 
WordPress Attacked By Hackers
March 14, 2012 by admin
Filed under Around The Net
Comments Off on WordPress Attacked By Hackers
Security outfit Websense said that more than 200,000 infected pages that redirect users to websites displaying fake antivirus scans have been created. The latest compromises are part of a rogue antivirus distribution campaign that has been going on for months, the Websense researchers said.
Cybercriminals gangs have switched to drive-by download attacks that exploit vulnerabilities in outdated browser plug-ins to automatically download and install their rogue software. The large number of infected Web pages seen in this campaign is an indication that these scams still work. Vulnerable websites are a rich source of opportunity for cybercriminals. More than 85 percent of the compromised sites were located in the US, but their visitors were geographically dispersed.
Symantec’s Virus Code Hacked
Symantec is looking into an Indian hacking group’s claims that it accessed source code used in the company’s flagship Norton Antivirus program.
A spokesman for the company on Thursday said that one claim by the group was false, while another is still being investigated.
Meanwhile, the Indian group, which calls itself Lords of Dharmaraja, has threatened to publicly disclose the source code very soon.
On Wednesday, the group posted on Pastebin what it claimed was confidential documentation related to Norton AntiVirus source code. A review of the material showed what appears to be a description of an application programming interface (API) for Symantec’s AV product.
The group also posted what it claimed was the complete source code tree file for Norton Antivirus. That document appears to have been taken down.
‘Yama Tough,’ the hacker who posted the documents, released at least two more on Google+ allegedly related to Symantec source code. One of the documents appears to be a detailed technical overview of Norton Anti-Virus, Quarantine Server Packaging API Specification, v1.0. The other document, from 2000, describes a Symantec Immune System Gateway Array Setup technology.
.
Spam Is At A Two-Year High
Spam – particularly the kind with malicious attachments – is enjoying a growth spurt, reaching a two-year high overall, which includes the spike last fall just before the SpamIt operation folded its doors, a security firm says.
In fact spam traffic is about double what it was then, according to M86 Security Labs, which analyzes spam levels across selected domains.
“After multiple recent botnet takedowns, cybercriminal groups remain resilient clearly looking to build their botnets and distribute more fake AV in the process,” the company says in its blog. “It seems spammers have returned from a holiday break and are enthusiastically back to work.”
This report coincides with a report yesterday from Internet security company Commtouch, which says a spike in email-attached malware has just ended, but that further waves are expected.
M86 says in its blog that most of the spam is generated by the Cutwail botnet, and malicious spam accounted for 13% of the mix over the past week, which is unusually high, but even that spiked to 24% yesterday.
Apple Admits To Security Issues
Apple has finally acknowledge and has promised an update for Mac OS X that will find and remove the MacDefender fake security software, and warn uninfected users when they download the infectious program.
The announcement — part of a new support document that the company posted late Tuesday — was the company’s first public recognition of the threat posed by what security experts call “scareware” or “rogueware.”
Apple has taken criticism for not publicly responding to the MacDefender threat.
“In the coming days, Apple will deliver a Mac OS X software update that will automatically find and remove Mac Defender malware and its known variants,” Apple said in the document. “The update will also help protect users by providing an explicit warning if they download this malware.”
Apple also outlined steps that users with infected Macs can take to remove the scareware.
Andrew Storms, director of security operations with nCircle Security, was surprised that Apple said it would embed a malware cleaning tool in Mac OS X.
Conflicker Worm Still Wreaking Havoc
Comments Off on Conflicker Worm Still Wreaking Havoc
Security firm fighting the dreadful Conflicker worm claim that they have it on the ropes. The team of computer-security researchers said they managed to neutralize the worm’s impact by blocking its ability to communicate with its developer, who is still anonymous.
Unfortunately after years of trying fighting the Conflicker, security experts estimate the worm infects between five million to fifteen million computers. The Conficker worm, showed up in 2008. The worms intent is to disable a computer’s security measures, including Windows software updates and antivirus protection, leaving machines vulnerable to more malicious software. Read more….