It's the Cold War all over again, only this one's taking place in cyberspace. According to a report by security firm McAfee, there are a growing number of governments all around the globe preparing for potential cyber conflicts with other countries, DailyTech reports.
"There are at least five countries known to be arming themselves for this kind of conflict," McAfee Europe analyst Greg Day told the BBC. "To go to physical war requires billions of dollars. To go to cyber war most people can easily find the resources that could be used in these kinds of attacks."
Targets of such attacks are likely to be a nation's infrastructure, and the U.S., which is known to have an operating manual outlining the rules of cyber engagement, is also known to have used hack attacks alongside ground operations during the Iraq war. The UK, Germany, France, China, and North Korea are the five other countries actively developing their own capabilities.
"In physical warfare it's pretty clear who has which weapon and how they are using them," said Chris Wysopal, chief technology officer at Veracode which advises many governments on security. "In the networked world that attribution is incredibly difficult."
Phishing and worms go together like, well, fishing and worms. But unlike the latter, you're the prey, and it can be particularly dangerous swimming in social networking waters, suggests a new report by Microsoft and McAfee.
The two software makers noted a sizable spike in phishing attacks during the months of May and June, driven in large part by hackers concentrating their efforts on social networking sites. Other popular targets included gaming sites, banking portals, and e-commerce.
While Trojans still topped the charts, Microsoft noted that worms are becoming much more prevalent, rising from fifth place in the second half of last year to now being the second most prevalent category of threats. Much of the rise can attributed to Conficker, which still has most security experts puzzled.
For those still clinging to XP, Microsoft noted that infection rates for Vista were significantly lower than for XP.
Oopsy-daisy! According to complaints on McAfee's message board, a mandatory service pack for the company's antivirus VSE 8.7 software has left some machines unbootable. The update, which was issued on May 27 and later pulled on June 2, was intended to squash minor security bugs, but also inadvertently flagged some Windows system files as malware.
"McAfee removed Patch 1 for McAfee VirusScan Enterprise 8.7i from its download servers out of precaution after a potential issue with the update was discovered," McAfee said in a statement. "A very small number of customers reported trouble with the patch on a limited number of computers."
McAfee went on to say that it's working on identifying the cause of the false positives and, once resolved, will repost the mandatory update.
Most of us view spam as an annoyance with the greatest cost associated with junk email being our time. However an even bigger price is being paid by the environment, a problem underscored by the startling amount of junk email that now flutters across the web. We're talking about 62 trillion spam messages in 2008 alone, according to a report released by McAfee.
In terms of the environment, McAfee researchers say each piece of junk email emits 0.3 grams of carbon dioxide (CO2), or a combined 17 million metric tons of CO2 for all spam-related emissions in 2008.
"The amount released into the atmosphere is significant," said Dave Marcus, director of security research for McAfee. "Spam has a big carbon footprint. It's something people be aware of."
Most of the spam-related greenhouse gas emission -- 80 percent -- comes from the energy used by PC users to view, delete, and sort for legitimate messages, McAfee says. The silver lining here is that by taking steps to reduce spam, you not only reclaim your inbox, but also can have a noticeable impact on the environment.
If you haven’t done so already, make sure your Adobe reader has checked for, and downloaded the latest updates. Adobe has finally released a patch for the zero day scripting vulnerability in its PDF software. The patch for version 9 hit the net a bit earlier than expected, but not a moment too soon to combat this now critically exploited weakness which has been in the wild now since December 2008. The patches for Version 7 & 8 are still planned for March 18th and users of this version would be advised to either upgrade to 9.1 or consider Foxit Reader.
The news was posted by Adobe blogger David Lenoe. "Today, we posted the Adobe Reader 9.1 and Acrobat 9.1 update, which resolves the recent JBIG2 security issue (CVE-2009-0658), including the 'no-click' variant of the vulnerability." "We encourage all Adobe Reader users to download and install the free Adobe Reader 9.1."
For those that haven’t been following the details of the exploit, the vulnerability is a result of an array indexing error in the processing of JBIG2 streams. Hackers have found a way to corrupt arbitrary memory using the PDF format and take control of compromised systems. The lesson learned here if we didn’t know it already, don’t take candy, or PDF’s from strangers.
Adobe’s PDF reader and creator software continues to be under a seemingly endless attack, and a new vulnerability has the security community very worried. A critical flaw in all editions of its PDF reader and creator software will allow attackers to crash the application and gain control of a person’s computer. This vulnerability has been acknowledged by Adobe, but a fix is still rumored to be 2-3 week away. Initially the company will be working to patch version 9, but will eventually include fixes for version’s 7 & 8 as well.
According to the McAfee security blog, malicious PDF documents are already in the wild, and have been appearing across the web since early January. PDF exploits are of significant concern to the security community since the reader software interfaces very closely with web browsers. In many cases PDF documents are opened within a new browser tab, and displayed even with a user’s consent. According to Symantec this attack has primarily been directed towards government agencies and large corporations, it is not widespread as of yet.
Believe it or not, there are security options out there other than AVG. McAfee, being one of them (surely you've run across McAfee on an OEM rig or two), announced plans to acquire network security vendor Secure Computing for around $465 million. The move, according to McAfee, is intended to beef up the company's network security portfolio.
"Today's announcement of this pending acquisition is a natural extension of McAfee's security-only focus," Dave DeWalt, CEO and president of McAfee, said in a statement. "We expect the pending combination of McAfee and Secure Computing will create an annual projected combined revenue of just under $500 million in the network security segment of our SRM (security risk management) portfolio."
Before the acquisition can go through, it must first pass regulatory approvals and get the green light from Secure Computing's stockholders, all of which is expected to be finalized by the end of the year.
MySpace and Facebook users now have bigger worries than whether Wordscraper will stay online: two new worms, known as the Koobface family, are attacking Windows users of these popular social networking (or "Notworking" sites, as our friends at The Inquirer call them). These new worms pose a threat to the peace of mind of people like Zac Koobface (a real Facebook user, by the way).
Kapersky Labs was the first to detect these worms: Net-Worm.Win32.Koobface.a (targets MySpace) and Net-Worm.Win32.Koobface.b (targets Facebook). McAfee refers to both worms as W32/Koobface.worm, while Symantec uses the terms W32.Koobface.A and W32.Koobface.B.
Both worms send comments or messages to other users of the service. The messages or comments contain alleged links to humorous YouTube files (such as "Paris Hilton Tosses Dwarf On The Street"). When the user clicks on the link, the link redirects to a website that displays an error message claiming the user needs an updated codec to enable the Adobe Flash player to play the video. The alleged Flash player update (codecsetup.exe) contain the worm.
When the Koobface.A worm runs, it configures itself to run automatically when the system starts, checks for MySpace cookies, and if it finds them, modifies the user's profile by adding links to malicious sites that contain the worm. To learn more about Koobface.A and Koobface.B, check the McAfee and Symantec links earlier in this article.
If you use Kapersky, McAfee, or Symantec antivirus, the latest virus definitions will detect and stop these worms. If you use other antivirus or anti-malware programs, check for updates daily - and don't click on funny video links from other MySpace or Facebook users. The results just aren't very funny.
Been bugged by these or other social-networking worms? Tell us your story after the jump!
In May 2008, McAfee set up 50 individuals from around the world with new laptops and email addresses and then had them surf for 30 days trolling for spam to discover “how much spam they would attract and what the effects would be, both short lived and long term”.
Every techie reading this is thinking the same thing, Well DUH, they got a crap load of spam and were really @%!#& annoyed by it. Really McAfee’s S.P.A.M. (Spammed Persistently All Month) Experiment amounts to pseudo news or a marketing campaign. That is not to say that it did not generate some useful data, but most of its conclusions are a no brainer.
Jump through to see what conclusions McAfee came to!