Spam Is At A Two-Year High

Spam – particularly the kind with malicious attachments – is enjoying a growth spurt, reaching a two-year high overall, which includes the spike last fall just before the SpamIt operation folded its doors, a security firm says.

In fact spam traffic is about double what it was then, according to M86 Security Labs, which analyzes spam levels across selected domains.

“After multiple recent botnet takedowns, cybercriminal groups remain resilient clearly looking to build their botnets and distribute more fake AV in the process,” the company says in its blog. “It seems spammers have returned from a holiday break and are enthusiastically back to work.”

This report coincides with a report yesterday from Internet security company Commtouch, which says a spike in email-attached malware has just ended, but that further waves are expected.

M86 says in its blog that most of the spam is generated by the Cutwail botnet, and malicious spam accounted for 13% of the mix over the past week, which is unusually high, but even that spiked to 24% yesterday.

Read More…

RSA To Replace SecureID Tokens

In an acknowledgement of the severity of its recent systems breach, RSA Security said Monday that it will replace SecureID tokens for any customer that asks.

Customers have been left to ponder whether or not to trust RSA’s security tokens since March, when the company confirmed that it had been hacked and issued a vague warning to its customers. Then, two weeks ago, government contractor Lockheed Martin was reportedly forced to pull access to its virtual private network after hackers compromised the SecureID technology.

In a letter sent to customers Monday, RSA confirmed that the Lockheed Martin incident was related to SecureID. Information “taken from RSA in March had been used as an element of an attempted broader attack on Lockheed Martin,” RSA Executive Chairman Art Coviello stated in the letter.

Coviello said the company remains “highly confident in the RSA SecureID product,” but acknowledged that the recent Lockheed Martin attack and general concerns over hacking, “may reduce some customers’ overall risk tolerance.”

Read More…..

Microsoft’s IE Latest Flaw: ‘Cookiejacking’

A technology security researcher has discovered a flaw in Microsoft Corp’s widely used Internet Explorer browser that he said may allow hackers to steal credentials to access FaceBook, Twitter and other websites.

He coined the technique as ”cookiejacking.”

“Any website. Any cookie. Limit is just your imagination,” said Rosario Valotta, an independent Internet security researcher based in Italy.

Hackers can exploit the flaw to access a data file stored inside the browser known as a “cookie,” which holds the login name and password to a web account, Valotta wrote.

Once a hacker has that cookie, he or she can use it to access the same site, said Valotta, who calls the technique “cookiejacking.”

The vulnerability affects all versions of Internet Explorer, including IE 9, on every version of the Windows operating system.

To take advantage of this flaw, the hacker must first persuade the victim to drag and drop an object across the PC’s screen before the cookie can be hijacked.

That sounds like a difficult task, but Valotta said he was able to do it fairly easily. He built a puzzle that he put up on Facebook in which users are challenged to “undress” a photo of an attractive woman.

“I published this game online on FaceBook and in less than three days, more than 80 cookies were sent to my server,” he said. “And I’ve only got 150 friends.”

Microsoft said there is little risk a hacker could succeed in a real-world cookiejacking scam.

“Given the level of required user interaction, this issue is not one we consider high risk,” said Microsoft spokesman Jerry Bryant.

Read More….