Conficker: ‘Headless Botnet’ Still Infecting Windows Users

Researchers say the notorious Windows worm has created a “headless botnet” – but one that continues to maintain a hold of millions of computers. A year after the infamous April 1 doomsday deadline, the investigation into the masterminds of the worm continues.

Read the rest of this article at eWeek

Identity Crisis?

What if confidence in a person’s identity were eroded to such a degree that it became impossible to prove who you are anymore?

If trust were eroded to such an extent that no one had the confidence necessary to trust a “proof” of identity, what would be the outcome? Would the local and even global financial system collapse as the risk of lending became too great? Would the world of online consumer commerce carry on regardless, asserting that “reception of funds is sufficient proof to ship” thus furthering the crisis of confidence as everyone’s bank accounts became a public and shared utility?

Read the rest of this article at Rik Fergusons blog

Apple IPad Hits Stores in the US

Apple Computer on Saturday started selling the iPad tablet, a handheld device through which users can view movies, surf the Internet, read e-books and play games.

Lines formed outside the Apple store in New York with customers eager to purchase the product, which is one of the most hotly anticipated devices since the iPhone was launched in 2007. The lines weren’t as long as they were for the iPhone, but buyers seemed ecstatic after getting the iPad in their hands.

Read the rest of this article at  PCWorld

Will Feds Use Letter Sent by Sovereign Citizen Group to Stage False Flag?

“…the government is looking for the right situation in order to crack down on the patriot movement. The establishment is infamous for staging fake terror and criminal events as a pretext to take drastic action against those who oppose their plans.”

Read the rest of the article at PrisonPlanet

Flawed Assumptions in the Albert Gonzalez Case

As attorneys and retailers argued recently about the sentencing and secrecy of Albert Gonzalez’s criminal empire, various fundamental retail realities were forgotten.

Consider, for example, arguments on both sides that JCPenney and Wet Seal would have their stock prices seriously hurt if word of their involvement leaked out. The federal judge overseeing that discussion said any stock impact from the retailer’s own doing, but he neglected to point out that there is absolutely no reason to believe that there will be any stock impact.

Read the rest of this article at CBS news

Until next time — Stay safe online!

Serial killer Fred West created a Facebook Fan Page for Graham Cluley  – should he be worried?

Two years ago someone posted a mock up photograph of Graham (Security expert from Sophos) along with offensive materials on Facebook indicating that he might be a pedophile.

As a consequence of the perpetrators actions some people threatened to burn down Graham’s house and even issued a death threat against his wife.

Read the rest of this article at Graham Cluley’s Blog and don’t forget to watch the video.

IRS uses Facebook, Twitter for tax audits
Government uses social networking sites for investigations

Advocacy group the Electronic Frontier Foundation has obtained documents showing how law enforcement agencies and the Internal Revenue Service are gathering information from social networking sites for their investigations.The documents were obtained via a Freedom of Information Act (FOIA) lawsuit filed last December by the EFF and the University of California, Berkeley’s Samuelson Clinic. The lawsuit was filed against six federal agencies and sought information on their use of social networking sites for data collection and surveillance purposes.

Read the rest of this article at computerworld

Mafia don suspect tracked down via Facebook
Capo gets poked and cuffed

Italian police successfully used Facebook to track down a Mafia suspect.

Pasquale Manfredi, 33, who reportedly calls himself Scarface and allegedly runs the ‘Ndrangheta mafia, was captured in Calabria using intelligence gleaned from the social networking site. Manfredi, who used the alias Georgie on Facebook, is suspected of using social networking to exchange coded instructions and stay in contact with other mobsters.

Manfredi, who was caught despite attempting to flee across the roof of an apartment building, faces charges of murder and drug trafficking, the BBC reports.

Read the rest of this article at The Register

Cybercrooks use anti-piracy tools to protect malware
Anti-piracy provisions similar to those of Microsoft’s Windows are being used to protect Zeus an anti-piracy kit responsible for millions of dollars in losses to businesses and consumers.

The newest version of Zeus, a do-it-yourself crimeware kit responsible for millions of dollars in losses by consumers and businesses, comes with anti-piracy provisions similar to those used by Microsoft’s Windows, a researcher said today.  And that’s a good thing.

Like Windows, Zeus 1.3 ties itself to a specific computer using a key code based in part on the machine’s hardware configuration, said Kevin Stevens, a security researcher with Atlanta-based SecureWorks, and a co-author of a report on Zeus published last week. “It’s just like a Windows licence,” said Stevens as he explained how the key code is generated.

Read the rest of this article at itbusiness.ca

Computer forensics tool for banks aims to trace Trojans

Transaction security firm Trusteer has launched a remote forensics service designed to allow banks to diagnose if a client’s PC has been infected with malware following incidents of suspected fraud.

The Flashlight service is designed to allow strains of malware to be quickly identified without having to physically examine a possibly compromised computer. The service can also be used to collect samples, identify cybercrime command servers and block further attacks.

Read the rest of this article at The Register

DroidSecurity Selected by 10,500 Users Within 24 Hours of Malware Found on Mobile Phones

DroidSecurity, a pioneer in smartphone security, today announced that 10,500 new users downloaded their mobile device security solution within 24 hours of the discovery of the Conficker and Mariposa viruses on new Vodafone HTC Magic smartphones. DroidSecurity customers were preemptively protected against the malware through its cloud-based malware detection technology.

The Android-based Vodafone HTC Magic smartphone was sold with the Mariposa and Conficker viruses pre-installed. Once a user plugs the smartphone into a PC using a USB connection, the malware immediately phones home to the malware writer, steals personal information and the system is converted to a bot. A Lineage password stealer was also found on the device. Specifically, the autorun.inf and autorun.exe files were infected.

Read the rest of this article at BUSINESS WIRE

Until next time — Stay safe online!

Twitter hack claimed by Iranian group

The hack that occurred on Twitter itself is significant beyond any wider political motives. It shows that what is the world’s fastest growing communication network is rather insecure.

Being able to change the DNS records of a website means that rather than simply redirecting users to a vanity page identifying the hack, hackers could actually have redirected people to a site that looked rather like Twitter itself.

In a similar way to phishing attacks that mimic online bank accounts, the hackers could have encouraged users to login, thus revealing usernames and passwords.

Expert Rik Ferguson of Trend Micro told me: “One has to wonder how quickly the attack would be noted if the dummy site was an exact replica of the victim and was simply there to harvest credentials and redirect the user then into the real site.  The hack that occurred on Twitter itself is significant beyond any wider political motives. It shows that what is the world’s fastest growing communication network is rather insecure.   –channel4news

Twitter: @channel4news |  @rik_ferguson

Web-Based Worms: How XSS Is Paving the Way for Future Malware

I first became aware of cross-site scripting (XSS) nearly a decade ago. At the time, despite being an all too prevalent bug in Web applications, the risk posed by the flaw was of limited value. It was the go-to vulnerability for any pen tester that was having trouble digging up a meaningful vulnerability to add to his audit report.

That has all changed now. Today, XSS represents a meaningful threat — a threat that is not only leveraged by attackers to harvest authentication credentials, but also is enabling a new generation of malware in the form of Web-based worms.

Depending upon whom you listen to, the statistics may be different, but virtually all agree that XSS remains the most prevalent Web application vulnerability that we face today.  –TechNewsWorld

@technewsworld on Twitter

Cisco gives Zeus, Koobface and Conficker awards

Zeus is the most audacious criminal operation of the year and Koobface the most notable criminal innovation, according to Cisco’s Annual 2009 Security Report. On a positive note, the cybercrime sign of hope award goes to the Conficker Working Group.

Cisco Systems Inc. presented its first-ever Cybercrime Showcase awards as part of its 2009 Annual Security Report, released Tuesday.

Zeus: the most audacious criminal operation – Designed for information stealing and specializing in online banking fraud, Zeus is a shrink-wrapped piece of malware that any criminal is able to buy, explained Henry Stern, senior security researcher at Cisco. Some vendors are selling it as service for about $700 a month, he said.

Koobface: the most notable criminal innovation – Koobface is a piece of malware that takes over a user’s social networking account, explained Stern. “As soon as you get infected, it will send messages to all of your friends and it will try to lure them into becoming infected as well,” he said. –ITWorldCanada

@itworldca on Twitter

New Facebook Privacy Settings Under Fire

Facebook is making major changes to its privacy settings, giving you the opportunity to share your personal information with “everyone” on the Internet. But is that wise?

Facebook’s huge user base is signing onto their favorite social network today, and viewing an important message.

They’re being encouraged to review their privacy settings, as Facebook effectively encourages its 350 million users to share more information with everybody on the Internet.

The worry is, of course, that Facebook’s recommendations may be in the best interests of Facebook — but they may not necessarily be in the best interests of all of its users.     –DarkReading

Twitter: @DarkReading |  @Gcluley

Until next time — Stay safe Online!

According to Wikipedia “Conficker, also known as Downup, Downadup and Kido, is a computer worm targeting the Microsoft Windows operating system.”

As a computer owner, it is up to each one of us to insure that we are not adding to the global security threat and turning our computers into hosts for cybercrime.  By patching our operating systems and following recommended precautions and procedures — we need to take computer ownership and security threats seriously.

Q: What are the recommended precautions and procedures that a computer owner should take in order to avoid contracting Conficker?

Five Step Conficker-Wiggle-2do-List:
The average home user should be able to get by with the first 3 steps!

1-    Always keep your operating system updated! Check that your operating system is set to auto-update.

Vista: Go to Start > All Programs > Windows Update
Install all critical and important updates and be sure to review installation history.

XP: Make sure that you have KB958644 installed.  Go to www.windowsupdate.com
And review installation history.

2-    Run good antivirus software and keep your antivirus definitions updated.

3-    Disable auto-run:

For Windows Vista Download the Ultimate Windows Tweaker (freeware Tweak UI Utility)

In the Tweaker go to Security Settings and checkmark disable autoplay for removable devices > Click on apply and reboot your computer for the changes to take effect.

For Windows XP download TweakUI XP

4- For the technically savvy geek within, block Conficker sites by editing the Windows host file!

You can go to MVPS to learn how to do this!  Next, utilize the list at dailycupoftech in step 4 to update your windows hosts file.

5- Last but not least on the Wiggle-2do-List, check in on a regular basis with the Conficker Working Group!

Until next time – Happy surfing!

More information coming soon – I’ve been busy!