trojans

'Cloud-based' zombies available for as little as $299 per month

Paul Mah — Tue, 04 Nov 2008 06:59:34 -0500

Cloud computing is taking off in a big way, and this is not just evidenced by the recent announcement of Windows Azure by Microsoft, either. Speaking at the RSA Conference Europe, Uri Rivner, head of new technology over at RSA, spoke of how cyber criminals are offering a botnet network through a subscription service for as little as $299 per month. In addition, malware is being sold, ranging from $350 to $1,000, for sophisticated data-harvesting Trojans. What is surprising is that instead of declining, remote-commandeered computers are thriving, and control software is so refined it has them trading like commodities for nefarious purposes. I suppose it won't be long before mobile devices suffer from the same malware plague too.

For more on this story:
- check out this article from ZDNet News

Taking security to the clouds

Judi Hasson — Fri, 26 Sep 2008 17:51:39 -0400

Major cybersecurity vendors have, in recent months, released software that seeks to identify viruses, Trojans and various forms of malware on severs connected to the Internet rather than wait until they infect the desktop PC. Forbes.com reports that F-Secure, McAfee, Symantec and Trend Micro have moved into this new territory, hoping to protect their customers' machines by performing more analysis as a networked service.

This cloud-based approach, they hope, will be a more effective strategy for blocking new malicious code. This move comes has more and more desktop machines are being infected by malicious software. The cloud-based solution is designed to more quickly block the bad actors, and do so across a broader spectrum as opposed to waiting for individual databases of newly identified malware signatures to be downloaded to a PC.

For more on cloud-based solutions
- check out this forbes.com article

Hackers hide behind Olympics

Mon, 28 Apr 2008 06:59:59 -0400

CIO's beware. The latest security threat may be coming: emails using the Olympics as a cover to hide malicious Trojans that elude most antivirus programs. These email attacks mostly originate from Asia, in some cases claiming to be to be from the International Olympic Committee, and are highly destructive. Security experts at MessageLabs, a company that scans email messages for hostile content and provides Web security, have found more than a dozen Olympic-themed attacks over the past six months. They have targeted different industries with Trojan attachments that could allow the attacker to conduct corporate espionage.

Mark Sunner, chief security analyst at MessageLabs, said the attacks have shifted from Microsoft Word documents to new types of Microsoft files where the intrusions are much less likely to be detected by traditional antivirus engines. "The emerging targeted attacks are more unseen" and antivirus programs are likely to be insufficient, he said.

For more on hackers masquerading behind Olympics:
- See this CIO Today article

The newest Trojan threat

Wed, 13 Dec 2006 19:01:39 -0500

Add the name "Rustock Trojan" to that ever-growing list of security issues you need to keep an eye on come the New Year. Security experts say that the family of back-door malware apps use a rootkit to cloak their appearance while attacking file structure. According to security vendor Symantec, the Trojans have been around for a year but may become a "baseline" for future Trojan strategies within the coming months.

For more on the latest Trojan threat:
- check out the article at InformationWeek

PLUS: Why 'Rock Phish' is another vulnerability to keep an eye on. Article

Symantec's future security strategy

Tue, 28 Nov 2006 19:01:35 -0500

It's not like Symantec doesn't consider viruses, worms and Trojans as enterprise security threats. The vendor surely does. But it also sees the dawn of a new age of information sharing as one that presents some serious security concerns as well. That's why Symantec is morphing its security products toward protecting data that's shared during online collaboration. Its emerging line of new tools and services--packaged as Security 2.0--feature modules for database security and functionality to protect communications such as email and instant messaging.

For more on Symantec's security focus:
- read the article at BPM Today

Related Article: It's been a busy year for Symantec. Article

ALSO NOTED: Trojans on the rise, rootkit infections decreasing; Optimism can boost M&A transition; and much more...

Wed, 25 Oct 2006 20:01:33 -0400

> Trojans on the rise, rootkit infections decreasing. Article

> Optimism can boost M&A transition. Article

> Building good interdepartmental bridges enhances business processes. Article

> Under-reporting hurts hacking investigation efforts. Article

> Britain opens national open-source policy institute. Article

> Cyber attacks at the top of the FBI task list. Article

> Public CIOs leave, rather than take new government role. Article

> "FBI" email solicitation is a hoax, says agency. Article

And Finally... The world's fastest text messenger gets beaten. Article

Telecom site hacked for malware distribution

Sun, 10 Sep 2006 20:01:37 -0400

Imagine finding that your company Web site has been hacked in order to distribute malware to any customers visiting your site. That's exactly what happened recently to Samsung Telecom whose server was discovered to be infected with Trojans that could have disabled antivirus applications and dropped malware files into unsuspecting visitor PCs.

For insight on the server break-in:
- check out the article at TechWorld

Latest rootkit threat illustrates sophistication

Tue, 29 Aug 2006 20:01:37 -0400

Just on the heels of a recent report on the popularity of rootkits with hackers comes news of a new threat. A new form of malware loads a rootkit onto the compromised PC, then changes the local DNS settings and finally, dumps more malicious code on to the drive. Panda Software says that this so-called "Zcodec" malware is a part of a program that claims to install codecs required for multimedia formats. The security vendor says that the intricate attack demonstrates how malware writers are getting smarter everyday and are now using rootkits, social engineering, and Trojans to commit their dirty deeds.

For further insight on the new malware approach:
- check out this article at Vnunet

Trojans overtake virus, worms in popularity

Wed, 05 Jul 2006 20:01:37 -0400

If you've been tracking IT security news, you likely know that Trojans are increasing by the week. According to one security report, the 'ransomware' Trojan is getting more popular with hackers these days. In fact, the malware is outnumbering worms and viruses by a ratio of four to one, says Sophos, a security vendor.

For more on why Trojans are getting popular:
- read this article at NetworkWorld

Battling those nasty SSL Trojans

Wed, 03 May 2006 20:01:39 -0400

When it comes to securing systems, the best defense can be knowledge. With SSL-evading Trojans, for example, it's important to understand the various types, how they work and what vulnerabilities they present. There are three types of Trojans that can make their way through secure and authenticated tunnels: bogus SSL, transaction-based attacks and credential-stealing. According to experts, true protection requires making sure all code is clean and secure, and that enterprises plug in more than just authentication barriers.

For more on fighting SSL Trojans:
- read this article at Infoworld