There Will Be Cyberwar
Richard Stiennon is a prolific writer, analyst and speaker on security at all levels and a frequent guest on the Internet Advisor. Richard is a security expert and industry analyst who is known for shaking up the security industry and providing actionable guidance to vendors and end users. He recently re-launched the security blog ThreatChaos.com and is the founder of IT-Harvest, an independent analyst firm that researches the 1,200 IT security vendors. Richard was Chief Marketing Officer for Fortinet, Inc. the leading UTM (Unified Threat Management) vendor. Prior to that he was VP Threat Research at Webroot Software.
Richard Stiennon has written for Network World (IDG) and CIO Update (Jupiter Media) His blog was hosted by CNet for two years and is still published by Network World. Prior to publishing There Will Be Cyberwar: How the Move to Network-Centric Warfighting Has Set The Stage For Cyberwar , Richard co-authored Cyber Styletto, a novel of cyber intrigue with Mike Brennan, editor of MiTechNews.com.
Fourth of July Malware Campaign Targets Vacationers
Cybercriminals Launch Carefully Timed Malware Campaign to Coincide With Major US Travel Holiday
SUNNYVALE, CA — (Marketwired) — 07/04/14 — Researchers from Proofpoint, Inc. (NASDAQ: PFPT), a leading security-as-a-service provider, have discovered a nasty piece of malware which is targeting vacationers who visit US travel sites, just in time for the July 4th holiday.
The discovery shows that popular travel destination websites for cities including Boston, Salt Lake City, Houston, Monterey, Rochester, Myrtle Beach,Victoria and Utah Valley have been exploited and are serving malware to unsuspecting visitors. Proofpoint can also confirm that the command-and-control infrastructure of the cyber criminals behind the attacks all appears to be based in the Ukraine.
In response to the discovery, Mike Horn, VP, Threat Response Products at Proofpoint, said: “This is a good example of how poorly protected websites play a big role in the distribution of malware. Users might be directed to these sites by a search engine and they have no idea that just by visiting the site they can become infected. We are also seeing a large number of phishing campaigns which direct people to the legitimate travel sites which have …Read More
by Dennis O’Reilly May 13, 2014 12:32 PM PDT
Researchers report the number of malicious apps available on the Google Play store continues to grow. Your best defense is a security app, a cautious approach to downloads, and a close eye on your bank and credit card statements. Suddenly the cost of being the most popular platform for smartphones is rising.
A recent experience with CNet Download requires a warning label: This software will hijack your browser and install PUPware (Potentially Unwanted Programs)
In one recent experience, a simple download from download.cnet.com:
- Browsers were immediately hijacked, PUPware installed and closed thereby requiring a full reboot of the browser.
- Installed PUPware:
- SearchMe (hijacked all searches)
- Ebay Shopper
- Amazon Shopping Assistant
If you are interested in downloading an app or piece of software, we recommend you no longer use CNet Downloader. …Read More
Hour 2 Answering Listener Questions
Guest experts Pepijn and Anne Bruienne share the story of an international romance on an IRC channel that led to their marriage. Their son Jack (9) reveals his precocious passion for Minecraft and programming languages.
Paul Sr.’s DVD/CD drive kept disappearing from his Vista computer every time that he would plug a USB thumb drive in. Pepijn found the solution on a Microsoft Mr. Fixit solution at KB 314060.
A listener from Inkster wanted to know where to recycle old computer equipment. This led to a full discussion about the steps needed to do that and two recommendations for places that you can go to recycle:
- Global Electric Electronic Processing Website about recycling in Michigan
- Global Tech Ministries: Charitable organization that takes used computers, refurbishes them for schools and missions in the US and overseas.
A listener wanted to know if a 9 year old Gateway computer running XP SP2 could get a boost from putting a new SSD (Solid State Drive) in it. Could a 15 year old Tempest handle a new 12 cylinder V8?
Pepijn Bruienne is a certified Mac Developer as well …Read More
Steven Vaughn-Nichols, ZDNet
Being biggest isn’t always the best thing. Android dominates the smartphone ecosphere but that just makes it the biggest, most obvious target for hackers and they are paying attention. Now there is a report that:
Kaspersky Lab is reporting that “For the first time malware is being distributed using botnets that were created using completely different mobile malware.”
Java Vulnerability Exploited
Apple has admitted that they were targeted recently in a carefully orchestrated attack. The Cupertino company also just released a patch and fix for the vulnerability.
Apple has identified malware which infected a limited number of Mac systems through a vulnerability in the Java plug-in for browsers. The malware was employed in an attack against Apple and other companies, and was spread through a website for software developers. We identified a small number of systems within Apple that were infected and isolated them from our network. There is no evidence that any data left Apple. We are working closely with law enforcement to find the source of the malware.
Since OS X Lion, Macs have shipped without Java installed, and as an added security measure OS X automatically disables Java if it has been unused for 35 days. To protect Mac users that have installed Java, today we are releasing an updated Java malware removal tool that will check Mac systems and remove this malware if found.
A couple of weeks ago it was discovered that it’s possible for viruses to quickly spread among unsecured or WEP-encrypted Wi-Fi routers in densely populated urban areas. The FBI has Strongly Recommended that all users Immediately Disable Windows’Read More
Universal Plug n’ Play Support. Steve Gibson is a noted security expert and has been featured on Internet Advisor in the past. He has a simple one step, free test to see whether your computer/network are vulnerable. …
‘Malwarebiter’ (an obvious attempt to copycat Malwarebytes, the excellent anti-malware software) is being advertised as the ‘Worlds Greatest Anti-Malware Software.’ It is really a fake Anti-Malware software product that identifies legitimate files as malware and fails to detect any real malware. In addition, the “Malwarebiter” web site is actually spreading malware, a drive-by exploit in the form of a Zeus Trojan delivered either by Java or a PDF.
DO NOT VISIT THIS SITE
This is a serious threat but ironically if you google Malwarebiter, Malwarebytes comes up….just another way for the cyber mafia to damage business and commerce online.
Here is a screenshot of the fake Malwarebiter cyber scam: