被亂砍的GOP站點傳染訪客與Malware
現在臭名昭著的風暴電腦程式內的病毒使用新的分配方法攻擊信任的受害者。 那裡它在發送同樣的消息到多個新聞組曾經使用了電子郵件附件或埋置了鏈接，它在威斯康辛，美國現在轉向了網站盤剝，最近傳染個人計算機用戶通過一個共和黨網站。

讀更多

德國拘捕10在全球性互聯網詐欺襲擊
在18個月的探針，德國警察在俄國、烏克蘭和德國拘捕了10個人與也許花費了成千上萬的歐元從受害者的國際互聯網詐欺相關之後。 誘使銀行顧客的被指責的半新phishing的技術入回答假Ebay或Deutsche Telekom電子郵件，然後安裝電腦程式內的病毒記錄他們的個人數據。

讀更多

中國的偉大的防火牆更可能鏈子鏈接籬芭
研究員在加州大學在迪維斯和新墨西哥的大學證明，被取締的期限可能通過政府強加的防火牆滑倒為互聯網衝浪在中國。 以偶爾的滑動在安全，多數公民仍然避免搜尋被取締的期限和概念，以免他們的互聯網活動是由中國政府監測的。

讀更多

財政有動機的Malware興旺
malware成為更多

†œWe嫌疑犯一種未批准的交易在您的帳戶。  要保證您的帳戶沒有減弱，請點擊鏈接如下并且證實您的identity.†

像這樣讀的電子郵件通信最近大概出現於您的inbox。  聽起來正式， doesn†™t它？  從倒栽跳水判斷在電子郵件，一個被信任的來源送了它†「政府機構，您的銀行，您的網絡服務提供戶。

您將做什麼？

Anytime you receive an online request for personal information, you should treat it with a healthy dose of suspicion.  What appears to be a trusted source may, in fact, not be what it claims to be.  Chances are high that you have become a target of a highly individualized and persuasive attempt to steal your personal information for malicious purposes.  Phishing, as this type of attack is called, has become increasingly common.

A phishing attack can originate when personal data is stolen. Not much is required.  Bits of data can be simple enough, such as your e-mail address, telephone number and birthday. But those bits hold the potential for creating a profile of you that can be easily expanded through access to other sources of online information.

Resumes and CVs are a reservoir of

Engage with a social networking site such as MySpace or Facebook, and you will undoubtedly change the way you spend your time online. Every time you visit and interact, you will leave a trace behind.  You will expand your digital footprint. As you do this, you will acquire an online identity.Your digital profile will be born.

However unassuming or grand your digital profile is, however private or public, you can be certain of one thing:  Your nuggets of information can be turned against you by hackers with malicious motives.

The tables have turned.  2006 was the year that cyber criminals shifted their attention from e-mail to web traffic.  In that year, the ScanSafe Annual Global Threat Report noted an increase in spyware of 254 percent.  The motives shifted as well.  Over 65 percent of web virus attacks in 2006 aimed at gaining a financial benefit from unsuspecting users.  Displaying technical prowess or causing online chaos was no longer the main driving factor for attacks.

It is little wonder that social networking sites, with attention grabbing headlines that by turns praise and condemn the social changes they are helping bring about, are gaining the attention of hackers looking to spread their malware.

The so-called

By Joe Wells, CTO of Lavasoft ABCall them shortcuts. Call them rules of thumb. Call them heuristics. Herein I will call them triggers.

We all have these triggers, we all use them, and, in fact, we all need them to survive in today’s world. Robert Cialdini gives an excellent description of these triggers in his book “Influence: Science and Practice.” He writes:

“You and I exist in an extraordinarily complicated environment, easily the most rapidly moving and complex that has ever existed on this planet. To deal with it we need shortcuts. We can’t be expected to recognize and analyze all the aspects in each person, event, and situation we encounter in even one day. We haven’t the time, energy, or capacity for it. Instead we must very often use our stereotypes, our rules of thumb, to classify things according to a few key features and then to respond to them without thinking when one or another of these features is present.”¹

The above description involves good triggers; the ones we need to survive and thrive in today’s world. However, when these automatic responses are exploited against us, they become bad triggers.

The “science” of exploiting triggers is called social engineering; though

3 October, 2007

Great news! LiveSecurity subscribers can download new training videos every Wednesday in October, free of charge, as part of WatchGuard’s participation in National Cyber-Security Awareness Month.

To kick off this innovative passel of edutainment, the LiveSecurity analysts and writers conclude the popular Malware Analysis video series. The Malware Analysis premise is simple: you can hear about hacker attacks, read about hacker attacks, and understand the concepts behind them, but nothing ignites your understanding like seeing the attack right before your eyes. When you understand the threat, understanding the defense is much easier.

Previous Malware Analysis videos have shown the real-world malicious code and techniques behind drive-by downloads and rootkits. Now, joining the four videos that have drawn so many hundreds of emails from enthused viewers, we present a full course on (drumroll please)… botnets.

In “Malware Analysis: Botnets (Part 1),” Network Security Analyst Corey Nachreiner and his Magic White Board cover topics both beginning and advanced:

• What a “botnet” is
• How an attacker builds a bot client
• How an attacker controls and commands remote bots
• How crooks recruit an army of bots and become bot herders

Save the date! If your nonprofit or public library is looking to streamline the time-consuming tasks associated with fundraising and donor management, you’ll want to mark October 17 on your calendar. On that day for 8 hours only, TechSoup Stock and Telosa are pleased to offer a special discount on the Exceed!

Basic 2.0 fundraising software. Read on for more details or visit http://ga0.org/ct/spLRaAn1SSG7/.

 

Also this month, I am excited to announce the new CitySoft donation program at TechSoup Stock. CitySoft’s Community Enterprise is easy-to-use Web-based software that empowers social sector organizations to better manage their membership base, online content, and more. Details about this program and its eligibility requirements are below.

 

Finally, see what the top 10 most requested products from the Microsoft Software Donation Program are — perhaps one of them can also help your organization.

 

============================================

TELOSA SPECIAL EVENT: OCTOBER 17

============================================

Get ready for your end-of-year fundraising effort with specially discounted Telosa Exceed! Basic fundraising software!

 

For 8 hours on October 17, from 8 a.m. to 4 p.m. Pacific time

(11 a.m. to 7 p.m.