Malware On The Run

July 17, 2014 — Leave a comment

According to the recent findings of the Anti-Phishing Group more than one third of all world’s computers could have been infected with some form of malware by now. Who or what is responsible for this unprecedented malware explosion? Well, the things have changed immensely in the meantime.

Not so long ago you had only one virus, which attacked thousand computers. Nowadays, you thousands and thousands of completely different types of viruses, which attack only one computer. This was a rather simplified illustration of the problem, but very nice one for you to get the right picture.

Here is one more thing to contribute strongly to the dawn of the malware rule. The catch is to do your thing without being detected in the first place. Compared to the “traditional” viruses the modern day malware may cause less damage, but they are extremely hard to be detected by the anti-virus programs.

So, what can we do about it? There is a good news in this endless pessimistic sea filled with trouble. The modern day malware always knocks at your device’s door. This way or another you take part in your own IT doom, if you are not careful enough. Think about it.

Bank Fraudsters World Cup

July 15, 2014 — Leave a comment

It seems that the German football team was not the only trouble to hit the Brazilians this summer. While they were watching their national team’s unparalleled embarrassment, there were some busy little bees with no interest in football at all. So, what happened?

Well, the most popular online banking system in Brazil called Boleto Bancario suffered a serious damage as a result of a malware doings. Unfortunately, the hackers picked up the moment of the greatest possible vulnerability. Yes, they were working like crazy during a match between Brazil and Germany.

As a result Brazilians lost a little bit of their national pride, and a lot of their money. Now, they have to fight back the ugly memories and unwanted financial losses. Could all of these been prevented in the first place? Well, you can eliminate a threat, but you can certainly diminish it.

Can we predict something like this? Absolutely, you do not have to be a rocket scientist to expect that major events attract major security threats with a magnetic force. Someone has to be always on a watch. If we have to watch a game, our software solutions certainly do not have to.

The Philippino Storm

July 15, 2014 — Leave a comment

This one you have to hear. It seems that the Internet frauds are as efficient as we are willing to believe them. Yes, they are that simple and shameless, because sometimes we can be so naive that it hurts. So, here goes our story. We are talking about a group of scammers from China and Taiwan.

The Philippines were their base of operations, but they were targeting their countrymen in this case. The funny or sad part of this story is that they were able to convince their victims that the bank accounts used, were under a tremendous jeopardy. What happened next?

Believe it or not, these poor people bought their story that the safest way for them to save the money was to transfer to this group. Maybe, you do not have to be a rocket scientist to learn some hacking 101. But, to be able to convince people about this one is really a magical manipulation.

So, why did they choose to operate from the Philippines? Well, someone told them that there they will be safe from prosecution there. It was their turn to be ridiculously naive. What is the moral of this story? Do not worry about hackers do your best to detect liars on time.

Emergency Surveillance Laws. Invisible Claws.

July 14, 2014 — Leave a comment

Is not this a crazy world we live in? In the USA the Supreme Court orders the police to keep their hands away from your smartphone. On the other side of the ocean, the UK lawmakers are busy little bees. In a blink of an eye, they have passed some important data surveillance laws.

The bloody attacks in London were the very trigger for the UK security plans. It has not been an easy thing to make telecommunication companies and Internet providers to keep a record of data for as long as it may be necessary for the police. And, now you have it the main boxing event privacy vs security.

Security and police officers in the UK can access your phone data and Internet records more easily. And, there is not too much you can do about it. To make things even worse this story is the stubbornness of both parties. Both privacy and security protectors feel strong about their causes.

And yes, they want more authority. What does it mean? A little bit of less warranty requirements can improve our security. We all know where this one leads, don’t we? There has to be some compromising solution, but it seems we cannot find it for the time being. Until then, stay safe and eyes open all the time.

Cyber Terror. Human Error.

July 13, 2014 — Leave a comment

According to the recent findings of the Ponemon institute for “The State of Data Centric Security” human errors and attitudes remain to be the biggest problem for the adequate IT security. The statistical percentages in this field are simply too depressing and discouraging to handle.

Although, the companies which took part in this survey recognized the threats and even suffered from cyber-attacks, more than 60% of them missed to take a serious action about it. Really hard to believe, and almost impossible to justify. There are so many excuses to simply paralyze all your efforts instantaneously.

We do not have enough qualified personnel. Our budget is limited. Other projects are our priority right now. We do not have time to do it right now. Do these excuses sound.familiar to you? What kind of a catastrophic damage we have to suffer from in order to come to our senses?

We can create a state of the art security solution all in vain. What is the use, if there is no one to use it properly or on time? Unfortunately, a human error still remains to be cyber-cryme’s most helpful ally. What do we have to do to change all of that? Think about it. Will you?

Are You Talking To My Smartphone?

July 12, 2014 — Leave a comment

This is how it should be done. No warrant – no smartphone. According to the Supreme Court’s decision police will not longer be able to examine the very content of your smartphone without a proper warrant. Well, it is about time. This news is much more serious than you might have thought.

Here is a name of case, which started an entire avalanche in this story, Riley v. California. The person from this case with a name Riley got himself convicted for a murder based on the evidences found by the police in his smartphone. The Supreme Court Judges were prety much determined about this one.

For them modern smartphones were much more than one additional gadget at our disposal. They have a greater legal potential in terms of evidences compared to your wallet or purse, for instance. No one can enter your home without a warrant, and no one can examine your smartphone without a warrant.

This is quite an unexpected, but extremely important recognition, which will definitely shake things a little bit. Police will from now on think twice once they get their hands on your smartphone this way or another. We have just won a battle in an endless war for our privacy.

A Phishing Season is Open

July 10, 2014 — Leave a comment

It seems, that the guys at the Anti-Phishing Working Group (APWG) were busy little bees. They gave us some cold shower data for the first quarter of this year. The phishing activities have apparently reached the 10% increase in this period. Have not we thought something out of it?

The business is going well for the phishing industry. What do you know they have even decided to spread their activities. For some time, we thought that the phishing targets will only be major financial and bank related websites. Unfortunately, nowadays you can easily get caught on some grocery chain’s website.

There is one more intriguing fact in this story. More than one half of all phishing websites in the world are located in the USA. On the other hand, the absolute majority of all victims comes from the USA, as well. Do not get the wrong idea that the phishing is mainly the US domestic problem.

New problems definitely ask for new genuine solutions. We should do something about it, but what exactly? That is not quite sure for the moment. Here is a challenge worth accepting for the IT security industry. We need a hero, who will bring down the phishing threat to zero.

The “CosmicDuke” Hits Like A Nuke

July 9, 2014 — Leave a comment

What do you know even the viruses have to be updated every now and then. It seems that the “white software” rules apply more or less in the same way for the “black software”. So, what happened? Well, the former MiniDuke has evolved into a CosmicDuke. And, that is only the beginning of this story.

According to the findings of Kaspersky Lab experts, we can expect improved features of this espionage Trojan. In addition, for these particular purposes hackers were willing to cooperate and even share the source codes among themselves. Apparently the CosmicDuke has borrowed, some things from an older malware guy called Cosmu.

This malware has a remarkable one.decade long history. It definitely has some useful materials to contribute in CosmicDuke’s unlawful quest. The funny thing about this one, though, is that the priorities have changed. While MiniDuke was targeted specifically the governments, its younger version CosmicDuke has different objectivess.

As a matter of fact, the CosmicDuke has a specific target group, which includes people involved in the distribution of hormones and steroids. Therefore, there are some rumors that a pharmaceutical industry is responsible for the very birth of the CosmicDuke. How about that for a change?

High-level Talks. High-level Hacking.

July 8, 2014 — Leave a comment

Well, when it comes to this one we are not surprised at all. For the next high-level talks between the USA and China the issues associated with the IT security will not be treated as the secondary ones. It seems that the time has finally come to treat IT security with some decent respect it truly deserves.

So, what seems to be the problem here? Maybe it is better to ask, are there any areas which are not under the heavy burden of extremely compromised IT security? Hacking, Internet censorship, corporate data theft, cyber espionage, and you name it, they certainlyy have on their list.

So, what can we expect? Well, if you think that the Chinese are going to apologize and correct all consequences of their previous wrongful doings, then you are at least saying naive. China is the only country in the entire world, which has the capacity to run an entirely independent Internet of their own.

Let us be realistic about this one for a change, shall we? To recognize these problems and give them a top priority shoulder to shoulder with other sensitive political, economy, and military related problems is undoubtedly an impressive achievement. Let us hope they can do a little bit more than just talking and smiling for the cameras.

Hackers Hollywood

July 7, 2014 — Leave a comment

How real and accurate are the Hollywood movies about hackers and hacking? What is your favorite one? Here are some interesting choices and recommendations mentioned by Dark Reading, which specializes for the security issues and news. It is not only enough to mention hacking, the whole movie has to be about it.

Disney’s Tron and Tron Legacy were definitely all about it. Although, we have to add, this was rather a simplified and romantic story about cyber pirates of the modern age. There is one move worth of our attention in this matter. Swordfish with John Travolta. Nevertheless, this movie was not about him at all from the IT perspective.

With all due respect to IT experts all over the world Hugh Jackman was too good looking for a hacker. You simply do not have computer gigs, who look like models. For what is worth, the timeless classic WarGames is still the number one representative for Hackers Hollywood. Its story is far from outdated, as well.

Last but not least, there are so many documentaries, which do not fit strictly into this category, but provide a nice inside view into the world of hackers. For the time being, Hollywood has some troubles of its own. They are still making a movie about online piracy, if you know what we mean.

IMELA Software Blog

4 out of 5 dentists recommend this WordPress.com site

IT Security