MicroHelp, Inc.

Nasty Data-Stealing Bug Haunts Internet Explorer 8

MicroHelp — Sat, 04 Sep 2010 15:05:09 +0000

There's an unpatched vulnerability in Internet Explorer 8 that enables simple data-stealing attacks by Web-based attackers and could lead to an attacker hijacking a user's authenticated session on a third-party site. The flaw, which a researcher said may have been known since 2008, lies in the way that IE 8 handles CSS style sheets.

Shorten URL: . Click to copy to clipboard or post to Twitter

Former Employees a Rich Target in Social Engineering Contest

MicroHelp — Fri, 03 Sep 2010 21:40:53 +0000

The results of a hacking contest at the DEFCON conference shows that the largest U.S. corporations have a lot to learn. "If any of these targets had hired us to do a social engineering audit, we would have failed them," an organizer said.

Shorten URL: . Click to copy to clipboard or post to Twitter

Google Overhauls Privacy Policy

MicroHelp — Fri, 03 Sep 2010 19:54:50 +0000

Google is planning to overhaul its main privacy policy in an effort to make the document more readable and usable for normal people. In addition, Google also is eliminating privacy policies for some of its individual products and services, which it deemed redundant.

Shorten URL: . Click to copy to clipboard or post to Twitter

Long a Target, Sony’s PS3 Faces Pirate Onslaught

MicroHelp — Fri, 03 Sep 2010 19:23:22 +0000

A run on programmable USB boards suggests that an open source version of the recent PSJailbreak could make it tough for Sony to stamp out PS3 piracy.

Shorten URL: . Click to copy to clipboard or post to Twitter

New Threats Will Emerge in IPv6

MicroHelp — Fri, 03 Sep 2010 15:54:10 +0000

The countdown to the saturation of the IPv4 address supply is now down to a matter of months: and along with the vast address space of the next-generation IPv6 architecture comes more built-in network security as well as some new potential security threats. Read the full article. [Dark Reading]

Shorten URL: . Click to copy to clipboard or post to Twitter

New Survey Scams In Apple’s iTunes Social Network

MicroHelp — Fri, 03 Sep 2010 15:51:31 +0000

Spammers have been quick off the mark in exploiting Apple's new iTunes social network to punt survey scams. Read the full article. [The Register]

Shorten URL: . Click to copy to clipboard or post to Twitter

Users Still Making Life Easy for Scareware Crews

MicroHelp — Fri, 03 Sep 2010 14:50:21 +0000

Scareware and rogue AV programs have enjoyed a very good run in the last few years, making millions of dollars for their creators and generally making life miserable for victims. And while there's been some innovation recently in the mechanisms attackers use to keep the programs resident on infected machines, researchers say that for the most part, users' lack of security savvy and laziness about updating their PCs essentially obviates the need for the use of novel techniques to make these scams work.

Shorten URL: . Click to copy to clipboard or post to Twitter

The Winlock numbers, the Winlock laws

MicroHelp — Fri, 03 Sep 2010 12:48:00 +0000

While Eugene’s busy taking bets (wonder how much he’s going to make?), I’ve been having a think about the Winlock case.

Russian law enforcement is estimating that the bad guys could have raked in as much as $1 billion. While it’s difficult to be certain about the exact amounts involved (obviously they spread their money across a lot of different accounts to avoid attracting attention), a little bit of simple math makes me think this figure isn’t as crazy as it might sound.

Our statistical analysis tells us there could be around a million people who’ve been infected. 10 cybercriminals, each getting a cut of a ransom between $10 and $30 - even though they were paying out $3 per infection to the people willing to spread this malware, the numbers add up pretty quickly.

Understanding Current Trends in the Fake Anti-Virus/Scareware Ecosystem

MicroHelp — Thu, 02 Sep 2010 21:35:00 +0000

The cyber-criminal groups behind fake anti-virus (scareware/rogueware) infections have run into some significant roadblocks over the last few years, but there is much more to the overall story.

Some groups have been arrested. Some have had their operations and entire call support centers
shut down.

Some groups attracted too much attention, picked off
the low hanging fruit and eventually walked away from their botnets.

In some cases, the groups just weren't very skilled
at developing anti-anti-malware techniques, blackhat SEO, and malware distribution. They couldn't keep up with the changes in anti-malware technologies,
weren't exactly dedicated to the effort, and simply fell off the map.

However, some of the remaining scareware distribution gangs upped the ante and are aggressively developing difficult-to-detect polymorphic installers and difficult-to-remove support components. And the newest of these malware components include some of the first ITW 64-bit malware components to be taken seriously. But, for the most part, the scareware program itself remains the same. The development continues to change and progress, all for the purpose of evading anti-malware solutions and helping coerce the end-user to pay for the fake product, including support/rootkit components like TDSS (and its extreme complexities) or the more recent Black Internet (also known as "Trojan-Clicker.Win32.Cycler") support/rootkit components. These complex Mbr infectors and other rootkit components meant to maintain money-making scareware on the system are signs of this somewhat extreme development effort.

Microsoft Releases New Version of EMET Exploit Mitigation Toolkit

MicroHelp — Thu, 02 Sep 2010 18:54:26 +0000

Mitigation has become the word of the moment at Microsoft, and the company on Thursday continued its recent flow of tools designed to lessen the effectiveness of certain attacks with the release of version 2.0 of its Enhanced Mitigation Experience Toolkit.

Shorten URL: . Click to copy to clipboard or post to Twitter