45,000 Facebook Accounts Compromised: What to Know

Facebook users should be on alert. An old worm has learned some new tricks and is spreading through the social network, compromising accounts and possibly gaining access to financial information. Seculert claims that logon credentials from over 45,000 Facebook accounts have been stolen so far.

The Ramnit malware itself has been around for quite a while. The initial discovery dates back to April of 2010. An October 2010 post from McAfee explains that the worm is capable of infecting EXE, DLL, and HTML files, and breaks down in detail how the malware works.

Ramnit worm spreads on Facebook and exploits weak security to compromise financial accounts.

Following the release of the ZeuS botnet source code, though, malware developers borrowed from the ZeuS playbook to modify Ramnit. The resulting merger is a worm that has the scope and propagation of Ramnit, combined with the financial data-stealing talents of ZeuS.

Read more »


Microsoft Ruins Perfect Record with Out-Of-Band Patch

It was so close. Microsoft made it 363 days in 2011 without releasing an update outside of the monthly Patch Tuesday cycle. It was also 48 hours away from finishing 2011 in double digits for security bulletins. But, on December 29, Microsoft pushed out an out-of-band patch -- MS11-100.

Researchers recently revealed a flaw that exists in a wide variety of Web application platforms, including Python, PHP, ASP.NET, and others. It is an insidiously simple attack that can bring a Web server to its knees by consuming all of the processing power and effectively creating a denial-of-service (DoS).

Microsoft released its 100th security bulletin of the year outside of the normal Patch Tuesday cycle.

Andrew Storms, director of security operations for nCircle, explains, “This isn’t your average DoS attack because it doesn’t take a botnet or a lot of coordination to take a web server down. Most DoS attacks rely on a huge number of small requests targeted at a specific web server to overwhelm it. In this case, a single request can consume a single core for 90 seconds. Queue up a few of these requests every few minutes and the site will be essentially knocked offline.”

Read more »


Windows 8: Log On With Taps, Circles, and Lines

Though it’s common not to have a password on a home computer, and some even skip it on their personal mobile devices, it’s the first and most important barrier protecting a company's data. Windows 8 will provide a number of ways of securing your password, and Microsoft recently talked more about a feature called Picture Password as a new way to authenticate without standard passwords and PINs. Will this feature have your business tapping and drawing its way to more secure devices?

Keyboard Passwords

Traditionally, authenticating to a device involves typing in a password or PIN. Unfortunately, users tend to choose passwords that are easy to remember, or use characters that they relate to. This makes it easier for attackers who know something about you to guess passwords. Character-based passwords are also vulnerable to keylogging, where malware installed on the device can detect the specific keystrokes and easily reproduce them.

Read more »


Three Important Ways Windows 8 Provides Password Protection

More than ever, passwords are a part of our lives, the key to our digital identity. On average, each of us has 25 online accounts, and that is beyond the internal systems you also need to authenticate to in your business. You should have unique, complex passwords for each system, but who can remember all of that? Windows 8 will include features that make it easier to manage your digital identity so your business's data stays safe.

The Problem with Passwords

In the Building Windows 8 blog earlier this week, Microsoft’s Dustin Ingalls said that despite each of us having 25 online accounts, on average we only have six unique passwords. Anyone trying to gain entry to your company's data knows that if they can get access to any password a user has, there's a good chance they can use it to gain entry to other services. There are generally four methods attackers will use to access a password: phishing, keylogging, guessing, and cracking. Windows 8 will address each of them in the following ways.

Read more »


Carrier IQ Poses a Threat Despite Good Intentions

Carrier IQ isn’t the bad guy. The mobile device and network diagnostic firm issued a detailed report earlier this week explaining what its software does and how the data is used. However, benign intent doesn’t change the fact that the Carrier IQ software infringes on privacy and exposes personal data to unnecessary risk.

On the surface, the Carrier IQ agent sounds like an awesome diagnostic tool for smartphone vendors and wireless carriers. Data such as battery temperature, battery voltage, current location (including altitude), performance metrics, and more is made available through the Carrier IQ agent so it can be collected and logged for analysis.

The intentions are benign, but the collected data could still be exposed or compromised.

I’ll say it. I completely understand why my smartphone vendor and wireless carrier would be interested in this sort of information, and as a customer, I want them to gather data like this to troubleshoot issues and make improvements in the hardware and wireless network infrastructure for the future.

Read more »


SMS Fraud Is Not Unique to Android

Google is yanking a number of apps from the Android Market after discovering that they are fraudulent. Although such apps are more likely to be found with Android than on rival platforms, the concept of fraud is an equal opportunity threat that extends far beyond Android mobile devices.

First, a little background on the action in the Android Market. Google has reportedly removed 22 apps from the Android Market that were identified as fraudulent. The apps in question pose as legitimate, popular apps like Angry Birds, or the Opera Mobile browser, but lure users into sending costly premium SMS text messages.

When it comes to fraud, the weakness is the user, not the operating system.

Lookout Mobile Security has been instrumental in uncovering the Android Market fraud and working with Google to weed out the apps. Lookout believes the fraud is originating from Russia, so it gave the apps the apropos name “RuFraud”.

Read more »


Chrome Is Most Secure of the Top Three Browsers, Study Finds

Even as Mozilla's Firefox browser has been surrounded by uncertainty in recent weeks, Chrome seems to be having a very good month.

Not only did Google's software officially surpass Firefox to assume the No. 2 position in market share last week, but today it was named the most secure of the top three browsers by security firm Accuvant.

“Both Google Chrome and Microsoft Internet Explorer implement state-of-the-art anti-exploitation technologies, but Mozilla Firefox lags behind without JIT hardening,” the company explains in a 100-page study.

Read more »