Posts Tagged ‘malware’

Watch Your Google Gadgets

Monday, August 4th, 2008


Ever use iGoogle? I do and I love it. It’s as close as you can get to a personalized home page without having to know web code. However, the platform is about to be rocked by a presentation this week at Black Hat, the annual hacker conference.

According to Yahoo News, Cenzic senior security analyst Tom Stracener and security researcher Robert Hansen, better known as “RSnake,” plan to demonstrate a zero-day vulnerability that affects Google Gadgets. In other words, they are going to announce that knowledgeable web coders will be able to inject malware into your PC, possibly beyond the reach of traditional detection by antivirus and malware protection.

So if you’re an “iGoogle-Google-Gadget-User,” what do you do?

  1. The first thing is to educate your users about the dangers of installing unknown software. This is a good practice no matter what.
  2. Watch what comes out of Black Hat 2008. Follow the mainstream IT security bloggers as they summarize the presentations. I’ll post more on this as it gets closer.
  3. If in your opinion the risk of iGoogle malware outweighs the benefits, use your web filter to block it. Or block the installation of Google Gadgets. You can still get all the benefits of Google.

The Importance of Proactivity

Wednesday, July 30th, 2008


 

IBM’s X-Force security division reported that more than 90% of all browser-related exploits occurred within 24 hours of an official vulnerability disclosure, and that most botnets were created using this flaw.

What this means is that within one day of a vulnerability being announced, cyber-criminals are deploying code that can take control of a user’s unpatched or unprotected PC and use it as part of their botnets. Botnets are computers controlled by a rogue user that, when grouped with thousands, even millions, of other similar computers, can be used for the delivery of spam or denial of service attacks.

This demonstrates the need for three main things:

  1. Good patch management
  2. Updated anti-malware software that goes beyond your standard AV program
  3. Good security awareness training for your employees

These three things give you an effective defense against the botnet masters: not a 100% defense, but one they don’t typically factor in. Like any criminal looking for an easy steal, they’ll look for the unlocked and undefended places first.

If you have any questions about how to establish any of these three layers of protection, please contact us. Your blog questions are welcome.

Limbo 2 Trojan

Friday, July 25th, 2008


 

Cybercrooks have released a custom-built Trojan, dubbed Limbo 2, “guaranteed” by its shady creators to continually evade the top ten anti-virus products on the market.

The Limbo 2 Trojan is touted as being able to bypass products from Symantec, McAfee, AVG and others to steal login credentials from online banking sessions. Crackers hawking tailored versions of the Trojan on underground forums are selling licences for up to $1,300, net security firm PrevX reports. The “guarantee” of non-detection represents a new level of sophistication in the underground malware business, which is borrowing more and more business models from the legitimate software industry.

This is why downloading unknown software off the Internet is so dangerous: these types of programs are commonly “joined” to other products. Users unknowingly install them, and the programs then operate undetected. If it looks dubious, don’t download it.