malware

A suburban Philadelphia school district remotely activates the cameras in school-provided laptops to spy on students in their homes, a lawsuit filed in federal court Tuesday alleged.

According to the lawsuit filed by a high school student and his parents, the Lower Merion School District of Ardmore, Pa. has spied on students and families by "indiscriminate use of and ability to remotely activate the Webcams incorporated into each laptop issued to students by the School District."

Approximately 1,800 students at the district's two high schools have been given laptops as part of a state- and federally-funded "one-to-one" student-to-laptop initiative.

Link shortening has become a commonplace on services like Facebook and Twitter. Heck, even Google shortens URLs within its products now. People seem to be getting more used to the idea that shortened URLs, despite not showing you where they lead, are safe. Part of that, is that the companies that are doing the shortening keep blacklists of sites with malware or spyware, to keep people from accidentally visiting sites that will do harm.

Valentine’s Day is back and so are the malwares and viruses! Attackers would have tried by now to add you as friends on Facebook and other social networking sites and would have obtained your email addresses from there (if you add just about anyone on such sites without thinking twice).

Once they get your email id they would sent you a cute card laced with virus. Once you open the card/mail you get infected instead of love! No doubt you will receive many emails today expressing love for you today but be cautious of viruses around.

A few tips that may help:

If you are like, well me, then you watch porn. On the Internet. But unlike me, you may not know how to avoid all the creepy and itchy stuff that may arrive after having un-safe sex.

This movie clip shows how free porn (or even paid-for porn) may force you to download rouge video players that is used to infect your computer.

We all are apprehensive of the security of our desktop or laptop at home. A single thought that someone might be tapping out network when we are keying in the Net-banking password or logging in to our email can run a chill down our spine. How do we prevent it all?

Sophos just shared news on a malware targetting ATM systems.

This is a new type of highly targetting attacks - where the attacker tagets something very special. I have warned about such things before, mainly attacks targetting single corporations for ransom or information theft. The challenge with these kinds of attacks is that they usually drop below the radar of typical AV tools - especially the signature based ones.

To me, it is totally natural to attach ATMs. After all, that is where the money is!! The malware in use skimmed the CC numbers, and sent it to the attacker.

ATM attacks traditionally involved HW attacks - like skimming devices and pin code collectors. It is a natural development that it is moved to software, residing on the ATM itself. One of many challenges is to protect against this type of attacks - and to discover them.

How will we protect ourselves? AV on the ATM? Pentesting the ATM? I would think a mixture of hardening the OS - including a signature based mirror, so alterations would be detected, reported and require authentication would be important. Further, I expect some sort of network monitoring, allowing ONLY authorized traffic to white listed targets (i.e. the bank system) would help too. After all, the malware need to communicate, and by shutting of any and all traffic that is not directly related to the transaction, the malware is not able to communicate with its owner.

This kind of scenario of closing down everything is fully duable in a ATM network, as the ATM itself only requires a small amount of traffic and communication, unlike your desktop computer. So monitoring and controlling this traffic would be easy, and not even introduce lags.

What do you think? Are there other ways to stop this kind of malware? Where do you expect to see similar attacks in the future? What will happen when we hook up the fridge to the net - will it be attacked too?

malware, spylogic

According to Fortinet, a new dialer malware is on the spread. Their researchers claim that the threat was mainly reported in Mexico and the US, and that the malware uses the analogue modem to call long-distance calls.

In their newsletter, they make this comment:

Somehow website owners believe that phishing is only targeting banks. Here is some news for you - when security tightens in one area, attachers are quick to find other sites and technologies to exploit. 

In March, a phishing attack targeted MySpace. It was clever, and used CSS to harvest user names and passwords from MySpace accounts. According to Google Security Blog, 95% of all new phishing traffic went to MySpace.