Wi-Fi theft is turning into a menace of inordinate proportions and home-based wireless networks are sitting ducks for bandwidth thieves, a demographic that now also includes wily terrorists. A case that has come to light in India will insure that some of the benevolent Wi-Fi hosts will never turn off their firewalls or show vacuous disregard towards bandwidth theft.
He is fortunate that the cyber experts of the ATS bought his plea, that his Wi-Fi might have been used by the terrorists to send the e-mail without him being in the know. Of course, their preliminary investigation also seems to suggest the same, as he hasn’t been booked under any law. However, he has been told not to leave the country until further notice.
Several fear-mongers have prophesied about the threat cyber terrorism poses. This isn’t the deadly manifestation of cyber terrorism that they talk about, it is a sinister beginning all the same.
MySpace and Facebook users now have bigger worries than whether Wordscraper will stay online: two new worms, known as the Koobface family, are attacking Windows users of these popular social networking (or "Notworking" sites, as our friends at The Inquirer call them). These new worms pose a threat to the peace of mind of people like Zac Koobface (a real Facebook user, by the way).
Kapersky Labs was the first to detect these worms: Net-Worm.Win32.Koobface.a (targets MySpace) and Net-Worm.Win32.Koobface.b (targets Facebook). McAfee refers to both worms as W32/Koobface.worm, while Symantec uses the terms W32.Koobface.A and W32.Koobface.B.
Both worms send comments or messages to other users of the service. The messages or comments contain alleged links to humorous YouTube files (such as "Paris Hilton Tosses Dwarf On The Street"). When the user clicks on the link, the link redirects to a website that displays an error message claiming the user needs an updated codec to enable the Adobe Flash player to play the video. The alleged Flash player update (codecsetup.exe) contain the worm.
When the Koobface.A worm runs, it configures itself to run automatically when the system starts, checks for MySpace cookies, and if it finds them, modifies the user's profile by adding links to malicious sites that contain the worm. To learn more about Koobface.A and Koobface.B, check the McAfee and Symantec links earlier in this article.
If you use Kapersky, McAfee, or Symantec antivirus, the latest virus definitions will detect and stop these worms. If you use other antivirus or anti-malware programs, check for updates daily - and don't click on funny video links from other MySpace or Facebook users. The results just aren't very funny.
Been bugged by these or other social-networking worms? Tell us your story after the jump!
Homeland Security is once again drawing criticism, this time over a newly disclosed policy that has apparently existed for some time. According to the Washington Post, U.S. agents have (and have had) the authority to seize and retain laptops indefinitely, which as resulted in some travelers reporting not getting them back. And not just laptops, but all kinds of electronic devices, like cell phones, music players, portable hard drives, and more.
While the policy isn't new, it's only now being stated publicly and the contents of the DHS document has civil rights activists and lawmakers up in arms. Not only does it appear that government officials have the power to seize electronic devices, but according to U.S. Senator Russ Feingold, customs agents are allowed to analyze the contents of laptops without any suspicion of wrongdoing.
"The policies that have been disclosed are truly alarming," Feingold wrote in a statement.
Not surprisingly, malware infections are at an all-time high, but what's shocking is just how fast the infection rate has risen. According to antivirus vendor Sophos, the company says it detects one webpage containing malicious content every 5 seconds, a rate that represents a whopping 300 percent jump from 2007.
That breaks down to over 16,000 malicious sites each day, most of which are victims of SQL-injection attacks. One of the more common tricks entails using SQL-injection to place a dirty 1x1 pixel element on an infected page. And because many of the sites are legitimate, security vendors are having a tough time keeping up with blocking the sites.
There also exists a fair number of illegitimate sites, and Sophos claims Google-owned Blogger accounts for nearly 2 percent of all malware hosts, making it an unflattering number one offender.
Responding to the report, a spokesperson for Google said "Google takes the security of our users very seriously, and we work hard to protect them from malware. Using Blogger, or any Google product, to serve or host malware is a violation of our product policies. We actively work to detect and remove sites that serve malware from our network."
Here is a product for those that use Carpool Kenny (for security purposes of course) or timers on lights, and is more eco friendly that leaving your TV on. Enter FakeTV, a computer controlled, super-bright multi-color LED lamp with light output equivalent to a typical 27" HDTV LCD television, but it consumes fifty times less power than an actual TV. It creates the effect of a TV that is on, minus sound of course.
This is an item that is sure to land on one of those “as seen on TV” commercials, although it won’t become anywhere near as popular as The Clapper. While FakeTV is sound in principle it’s only going to work as well as the crook casing your house is smart. Leaving the TV on is an old trick, and a TV without sound is only going to fool the most novice of burglars. It’s creepy in a way I can’t quite put my finger on. Oddly enough even Carpool Kenny looks cooler than this thing.
Wikipedia is famous for being the free online encyclopedia that anyone can edit. Unfortunately, there are numerous examples of so-called "Wikipedia vandalism," where the reputations of people past and present have been blackened by bogus entries in their Wikipedia pages. To help reduce vandalism, Wikipedia is now experimenting with flagged revisions on its German Wikipedia site, which is apparently a hotbed of vandalism. When pages are changed, a checker must sign off on the changes to a page before they are posted.
How big a problem is Wikipedia vandalism? How do we know that the checkers who approve pages can be trusted? And what do Wikipedia fans think about all of this? To find out more, join us after the jump.
Whether you work in a large enterprise, small business, or are the network guru to your own home's PCs, the pressure to connect a new system right now can be overwhelming. To find out how you can head off trouble by hardening a new (or reloaded) system before it gets its first whiff of the Internet, join us after the jump.
Ping any enthusiast forum about security software and you'll likely get conflicting recommendations. But one thing most advanced PC users seem to agree on is that there are better, faster alternatives than Symantec's Norton software. With the release of Norton Internet Security and Norton Antivirus 2009, Symantec is telling those users to take another look.
Helping them do that, Symantec today has gone live with public betas for both programs, which the company purports are "designed to set a new industry standard for speed and performance." Symantec calls it their "zero-impact" performances goal and says it has implemented more than 300 improvements running the gamut from scanning engine tweaks to a better user interface. Even the installation looks to waste no time, with Symantec touting a one-minute install time and "less than half the memory usage of the next leading competitor."
Why the sudden interest in speed? "Based on customer feedback, we viewed performance as the key feature for this release. Our goal is to create the fastest security product in the world, hands down," said Rowan Trollope, Senior VP of Consumer Products.
Find out what else is new with Norton 2009 after the jump.
ZDNet's ZeroDay security blog reports that software engineering and reverse engineering expert and author Kris Kapersky is ready to prove that bugs in Intel CPUs can be exploited by various types of attacks. Kapersky will be speaking at the 2008 Hack in the Box Security Conference in Kuala Lumpur, Maylasia, in October.
To find out how Kapersky plans to prove his theory, read on after the jump.
A surge in the volume of stolen data has caused the price of hacked bank and credit card details to fall sharply, Reuters reports. According to researchers for Finjan, a Web security firm, account details with PIN codes that once sold for $100 or more might now only bring in $10 to $20. Taking its place are new types of stolen data, such as patient healthcare information that can be used to commit insurance fraud or to acquire prescription medication to sell on the black market. Other data commanding a high price now includes business information, company personnel files, and intercepted commercial emails.
Click the jump to see what new types of data are commanding a bigger premium, an why your banking institution might not always have your back.