Tag: phishing

Could Ad Networks Power Massive, Browser-Based Botnets?

Could Ad Networks Power Massive, Browser-Based Botnets?

When it comes to security, the web is insecure-by-design. We’ve known that for a long time – what with “man in the middle” attacks like FireSheep, drive-by download attacks and more. The problem has always been how to scale web based attacks. At the end of the day, having an attack web page is great but, like every other website owner, you still have to figure out how to get people to visit your site! Now researchers at WhiteHat security say they’ve found an easy way around the “scale” problem: ad networks. In a presentation at Black Hat this week, Jeremiah Grossman, the CTO of WhiteHat Security, and Matt Johansen, the Manager of Threat Research there, will show how would-be attackers can parlay a small cash outlay into a sizeable browser-based botnet that could be used to send out spam, spread malicious code or launch denial of service attacks on other web […]

Security Must-Do’s For Facebook Graph Search

Security Must-Do’s For Facebook Graph Search

Facebook finally pulled the covers off its much-anticipated (or dreaded) Graph Search feature on Monday, after about six months in beta. The new search feature greatly expands the kinds of information Facebook users can access on other users of the social network, making it easy, for example, to cross reference data stored in Facebook profiles. For example, users can easily call up a list of their “friends who live in Boston” and like the show “Arrested Development.” Fun! But, as has been noted, Graph Search is also a social engineer’s dream, because it lays bare lots of information – data – that Facebook users shared, casually, and without a thought of how it might be used in combination with other data they shared. For example, researchers have shown that they can use knowledge of a Facebook user’s “Likes” to “automatically and accurately predict a range of highly sensitive personal attributes including: […]

New Banking Trojan Hacks The FAQ To Fool Users

New Banking Trojan Hacks The FAQ To Fool Users

Cyber criminals are notoriously crafty and persistent, especially when it comes to defeating security measures created to thwart them. But a group behind a recent version of the Ramnit banking malware has raised their game to a new level: hacking the customer FAQ (frequently asked questions) document to make their malicious activity look like it was business-as-usual. A report on Tuesday by the security firm Trusteer finds that new variants of Ramnit targeting a UK bank  have added features to game a one-time-password (OTP) feature at the bank. Among other tricks, the Ramnit variant uses an HTML injection attack to alter the wording of the bank’s customer FAQ, making it seem as if prompts created by the malware were standard security features at the bank. The report, published on the Trusteer blog, described a complex ruse in which Ramnit lies dormant on infected machines, then springs to action once a […]

Data Breach For Dummies: Simple Hacks, Hackers Are The Norm

Data Breach For Dummies: Simple Hacks, Hackers Are The Norm

In spite of widespread media attention to the problem of “advanced persistent threats” and nation-backed cyber espionage, most cyber attacks that result in the theft of data are opportunistic and rely on unsophisticated or non-technical means, according to Verizon’s 2013 Data Breach Investigations Report (DBIR). Verizon said that its analysis of 47,000 security incidents and 621 confirmed cases of data loss showed that three-quarters were “opportunistic” – not targeted at a specific company or individual – and financially motivated. Around 20 percent of attacks were linked to what Verizon termed “state affiliated actors” conducting cyber espionage. Verizon’s annual Data Breach Investigations Report presents the results of investigations conducted by Verizon’s RISK investigators, the U.S. Department of Homeland Security, US-CERT as well as by law enforcement agencies globally. In its sixth year, it is a highly regarded and oft-cited benchmark of malicious activity and threats to organizations. In a press release […]

Spammers Using Yahoo, Google To Whitewash Links

Spammers Using Yahoo, Google To Whitewash Links

If the gigantic distributed denial of service (DDoS) attacks against the spam blacklisting operation Spamhaus wasn’t proof enough: spammers have trouble steering around blacklists and other reputation-based filters. Even if the language in their message is generic enough to avoid detection, dropping a link to a known, malicious- or compromised domain is plenty to get an entire message dropped. Spammers without a legion of 100,000 bots at their fingertips have to get creative about getting their message into the target’s inbox. Lately, a method that’s drawing attention is to leverage low-security redirection services to whitewash a link to a ‘known-malicious’ or merely suspicious sites. Barracuda Networks said that it has captured spam attacks that are combining a Yahoo based URL shortening service with Google’s free Translate service to whitewash links in spam e-mail messages and evade automated detection. The message, which was sent to a Barracuda “honeypot” system  includes a […]