Spammers step up "hit-and-run" operations

Around 90 per cent of all spam messages are now URL based, according to a recent report from IBM's Internet Security Systems (ISS) X-Force, Big Blue's Internet threat research and development team. More...

Web Flaw Leaves Personal Info in the Open

The flaw in the Internet's routing system, which experts said threatened the integrity of much of the Internet, was actually discovered in March. The stunning realization was kept secret while computer security experts tried to figure out a remedy. More...

Airline E-ticket Email Attack

US-CERT is aware of public reports indicating that a new email attackis circulating. This attack uses email messages that appear to be fromlegitimate airlines and contain information about a bogus e-ticket.These email messages instruct the user to open the attachment toobtain the e-ticket. If a user opens this attachment, a file may beexecuted to infect the user's system with malicious code.Reports, including a posting by Sophos, indicate that these messageshave the following characteristics. Please note that these attributesmay change at any time.

* The subject line "E-Ticket#XXXXXXXXXX"
* An attachment named "eTicket#XXXX.zip"US-CERT encourages users and administrators to take the followingpreventative measures to help mitigate the security risks:
* Install anti-virus software, and keep its virus signature file up to date.
* Do not open attachments in unsolicited email messages.
* Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
* Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on social engineering attacks.

Storm worm spoofs FBI story

The Storm worm is trying a new tactic to lure users by hiding its malware within a fake news story about the FBI and Facebook. Spam messages contain such headlines as 'FBI may strike Facebook', 'FBI are spying on your Facebook profiles' and 'Facebook's FBI ties'. More...

Hackers infiltrate legitimate websites

The latest State of the Internet Report (PDF) from Websense warns that many popular social networking, search engine and web 2.0 sites have suffered temporary infection with cyber-tricks such as data-stealing code and hidden redirects. More...

The Costly Price of Cyber Crime

A new study from Telus in partnership with the Rotman School of Management released yesterday shows that IT security breaches are costing publicly traded Canadian companies an average loss of more than $637,000 annually. More...

Hackers Getting Faster at Cooking Up New Attacks

Computer hackers are whipping out exploits at an accelerating rate, according to a new IBM security report. They're able to come up with ways to attack newly discovered vulnerabilities faster thanks to automated programs, and they also benefit from well-intentioned security researchers who make too much information available too soon, according to the report. More...

Spammers deliver bogus invoices

The messages tell the user that a package sent on 1 July could not be delivered and that the user should open the attached file and collect the package from a local post office. More...

For every card fraud that is reported, a further 8 attempted frauds go unreported

The most comprehensive picture of card fraud in the UK has been revealed as experts in the fight against credit card crime reveal the true extent and nature of the problem facing innocent consumers and retailers. More...

DNS Exploit Means Quick Patches Are Critical

Researchers have released software that exploits the recently leaked flaw in the Internet's Domain Name System (DNS) software. That may mean IT admins are in for a long weekend of implementing and testing the patch. More...

RU SIRIUS interviewed Bruce Schneier

Click here for transcript

Phishing up 180 percent in six months

According to APACS, the UK payments association, the number of people banking online has risen by 505 percent in the last seven years. However, in just the last six months alone the number of reported phishing incidents has risen by 180 percent in the UK. More...

Hackers might have got hold of critical flaw in internet

DNS is used by every computer that links to the Internet and works similar to a telephone system routing calls to proper numbers, in this case the online numerical addresses of websites. More...

Social networking sites a bonanza for spammers

Web sites for career networking are proving a virtual bonanza for cybercriminals. As the users of corresponding social network platforms often reveal many personal details, the pages provide a rich source for spammers to gather data. More...

6 Jailed In Metro Farecard Scheme

The thieves traded in counterfeit paper Farecards in Metro Farecard machines to receive legitimate ones, or used the counterfeit ones to add value to electronic SmarTrip cards, officials said. More...

Security Flaws Widespread in Online Banking

More than 75 percent of the bank Web sites surveyed in a University of Michigan study had at least one design flaw that could make customers vulnerable to cyber thieves after their money or even their identity. More...

From Traditional Anti-Virus to Security-as-a-Service

What was once a market consisting of very few players has evolved into a multi-billion dollar enterprise consisting of dozens of companies with huge assortment of anti-virus products varying in focus and quality. More...

iPhone vulnerable to phishing, spamming flaws

By creating a specially crafted URL, and sending it via an email, an attacker can convince the user that the spoofed URL, showed in the mail application, is from a trusted domain (e.g. Bank, PayPal, Social Networks, etc.). More...

Software makers should take responsibility

Security professionals are quick to blame users who don't use the latest update and install every patch. "Keeping up is critical for security," they say, and "if someone doesn't update their system, it's their own fault that they get hacked." More...

No excuses -- encrypt all laptops

Every year, more than 5,000 laptops are lost in taxis in London, New York, Chicago and other large cities. According to our research, in 2008 companies' topmost security investment was laptop encryption. More...

Casting a net for spear phishers

Spear phishing is a targeted form of cyber crime whereby e-mail messages appear to come from a highly trusted source, such as someone in a position of authority in the recipient's own organization. More...

No URLs in Recent Phishing Attempts

A run of the mill phishing attempt involves the user receiving a spam message that directs that user to a phishing site. More...

DHS seeks cybersecurity capability info

DHS asked companies interested in assisting with ongoing efforts to reduce the number access points that agencies use to connect to the Internet and efforts to further monitor and analyze agency networks to submit their qualifications by July 22. More...

THE QUIXOTIC QUEST FOR INVULNERABILITY

ASSESSING THE COSTS, BENEFITS, AND PROBABILITIES OF PROTECTING THE HOMELAND. An Interesting paper. Click here

New worm transcodes MP3s to try to infect PCs

A new kind of malicious software could pose a danger to Windows users who download music files on peer-to-peer networks. More...

Don't let spammers get your cell number

Text messaging has become a huge phenomenon, with upwards of 45 million text messages flying between cellphones and BlackBerrys every day. More...

Internet flaw could let hackers take over the Web

Major software and hardware makers worked in secret for months to create a software "patch" released on Tuesday to repair the problem, which is in the way computers are routed to web page addresses. More...

Cyber Security: 'It's What We Don't Know that Worries Us'

This is the message from the current and past chairmen of the Financial Services Sector Coordinating Council for Critical Infrastructure Protection and Homeland Security (FSSCC). More...

I've Seen the Future, and It Has a Kill Switch

It used to be that just the entertainment industries wanted to control your computers -- and televisions and iPods and everything else -- to ensure that you didn't violate any copyright rules. But now everyone else wants to get their hooks into your gear. More...

Understanding the Web browser threat

I found the link to this interesting paper on Bruce Schneier's blog. Very interesting.

HMRC warns of phishing tax rebate scam

The scam involves an 'official-looking document asking for bank or credit cards details so that HMRC can make a repayment of overpaid tax. More...

SMS Phishing On the Increase

Technology is used to protect people and companies against fraud but unfortunately it can also be used to assist fraudsters during a scam, especially when certain technologies are used widely among businesses to send communications. More...