De binnendrongen in een beveiligd computersysteem Plaats GOP besmet Bezoekers met Malware
Het nu-beruchte Trojan paard van het Onweer gebruikt nieuwe distributiemethodes om unsuspecting slachtoffers aan te vallen. Waar het eens e-mailgehechtheid gebruikte of verbindingen in spam inbedde, heeft het nu aan website exploiteert gedraaid, onlangs besmettend de gebruikers van PC door een Republikeinse partijwebsite in Wisconsin, de V.S.

Lees meer

Duitsland arresteert 10 in de Globale Invallen van Internet Scam
Na een sonde van 18 maanden, heeft de Duitse politie 10 mensen in Rusland, de Oekraïne, en Duitsland met betrekking tot internationaal Internet scam gearresteerd dat gekost honderdduizenden Euro van slachtoffers kan hebben. De beschuldigde gebruikte phishing technieken om bankklanten in het beantwoorden van vals Ebay of Deutsche Telekom e-mail te verlokken, en dan geïnstalleerdk een Trojan paard om hun persoonsgegevens te registreren.

Lees meer

Grote Firewall van China meer zoals ketting-Verbinding Omheining
De onderzoekers bij de Universiteit van Californië in Davis en de Universiteit van New Mexico hebben bewezen dat de verboden termijnen kunnen door de overheid-opgelegde firewall voor Internet uitglijden dat in China surft. Zelfs met de occasionele misstap in veiligheid, vermijden de meeste burgers nog zoekend naar verboden termijnen en concepten voor vrees dat hun activiteit van Internet door de Chinese overheid wordt gecontroleerd.

Lees meer

Bloeit financieel Gemotiveerde Malware
Aangezien malware meer wordt

†œWe verdenkt een onbevoegde transactie voor uw rekening.   Om ervoor te zorgen dat uw rekening niet wordt gecompromitteerd, te klikken gelieve hieronder de verbinding en te bevestig uw identity.†�

Een e-mailmededeling die als dit leest is waarschijnlijk in uw inbox onlangs verschenen.   De ambtenaar van geluiden, doesn†™t het?   Oordelend van header op e-mail, heeft een vertrouwde op bron het â een „€overheidsagentschap, uw bank, uw dienstverlener van Internet verzonden.

Wat u zult doen?

Anytime you receive an online request for personal information, you should treat it with a healthy dose of suspicion.  What appears to be a trusted source may, in fact, not be what it claims to be.  Chances are high that you have become a target of a highly individualized and persuasive attempt to steal your personal information for malicious purposes.  Phishing, as this type of attack is called, has become increasingly common.

A phishing attack can originate when personal data is stolen. Not much is required.  Bits of data can be simple enough, such as your e-mail address, telephone number and birthday. But those bits hold the potential for creating a profile of you that can be easily expanded through access to other sources of online information.

Resumes and CVs are a reservoir of

Engage with a social networking site such as MySpace or Facebook, and you will undoubtedly change the way you spend your time online. Every time you visit and interact, you will leave a trace behind.  You will expand your digital footprint. As you do this, you will acquire an online identity.Your digital profile will be born.

However unassuming or grand your digital profile is, however private or public, you can be certain of one thing:  Your nuggets of information can be turned against you by hackers with malicious motives.

The tables have turned.  2006 was the year that cyber criminals shifted their attention from e-mail to web traffic.  In that year, the ScanSafe Annual Global Threat Report noted an increase in spyware of 254 percent.  The motives shifted as well.  Over 65 percent of web virus attacks in 2006 aimed at gaining a financial benefit from unsuspecting users.  Displaying technical prowess or causing online chaos was no longer the main driving factor for attacks.

It is little wonder that social networking sites, with attention grabbing headlines that by turns praise and condemn the social changes they are helping bring about, are gaining the attention of hackers looking to spread their malware.

The so-called

By Joe Wells, CTO of Lavasoft ABCall them shortcuts. Call them rules of thumb. Call them heuristics. Herein I will call them triggers.

We all have these triggers, we all use them, and, in fact, we all need them to survive in today’s world. Robert Cialdini gives an excellent description of these triggers in his book “Influence: Science and Practice.� He writes:

“You and I exist in an extraordinarily complicated environment, easily the most rapidly moving and complex that has ever existed on this planet. To deal with it we need shortcuts. We can’t be expected to recognize and analyze all the aspects in each person, event, and situation we encounter in even one day. We haven’t the time, energy, or capacity for it. Instead we must very often use our stereotypes, our rules of thumb, to classify things according to a few key features and then to respond to them without thinking when one or another of these features is present.â€�¹

The above description involves good triggers; the ones we need to survive and thrive in today’s world. However, when these automatic responses are exploited against us, they become bad triggers.

The “science� of exploiting triggers is called social engineering; though

3 October, 2007

Great news! LiveSecurity subscribers can download new training videos every Wednesday in October, free of charge, as part of WatchGuard’s participation in National Cyber-Security Awareness Month.

To kick off this innovative passel of edutainment, the LiveSecurity analysts and writers conclude the popular Malware Analysis video series. The Malware Analysis premise is simple: you can hear about hacker attacks, read about hacker attacks, and understand the concepts behind them, but nothing ignites your understanding like seeing the attack right before your eyes. When you understand the threat, understanding the defense is much easier.

Previous Malware Analysis videos have shown the real-world malicious code and techniques behind drive-by downloads and rootkits. Now, joining the four videos that have drawn so many hundreds of emails from enthused viewers, we present a full course on (drumroll please)… botnets.

In “Malware Analysis: Botnets (Part 1),” Network Security Analyst Corey Nachreiner and his Magic White Board cover topics both beginning and advanced:

• What a “botnet” is
• How an attacker builds a bot client
• How an attacker controls and commands remote bots
• How crooks recruit an army of bots and become bot herders

Save the date! If your nonprofit or public library is looking to streamline the time-consuming tasks associated with fundraising and donor management, you’ll want to mark October 17 on your calendar. On that day for 8 hours only, TechSoup Stock and Telosa are pleased to offer a special discount on the Exceed!

Basic 2.0 fundraising software. Read on for more details or visit http://ga0.org/ct/spLRaAn1SSG7/.

 

Also this month, I am excited to announce the new CitySoft donation program at TechSoup Stock. CitySoft’s Community Enterprise is easy-to-use Web-based software that empowers social sector organizations to better manage their membership base, online content, and more. Details about this program and its eligibility requirements are below.

 

Finally, see what the top 10 most requested products from the Microsoft Software Donation Program are — perhaps one of them can also help your organization.

 

============================================

TELOSA SPECIAL EVENT: OCTOBER 17

============================================

Get ready for your end-of-year fundraising effort with specially discounted Telosa Exceed! Basic fundraising software!

 

For 8 hours on October 17, from 8 a.m. to 4 p.m. Pacific time

(11 a.m. to 7 p.m.