YourITDepo Archives

All Platinum Categories

  • Security
  • Service

    All Platinum Tags

    Archive for October, 2011

    Malware Attacks Increasing Through Malicious Online Advertising

    Posted on Wednesday, October 5th, 2011

    Popular websites, blogs and ad networks are fast becoming the preferred means of cybercriminals, identity thieves, and hackers to steal consumer information and distribute malicious content.

    The most common attacks today are made possible by Web site / server hacks, against which publishers, with the exception of their off-site links, are probably best protected, and by user-contributed content, advertising and cross-site widgets.

    However, virtually none of these Web sites or advertising companies has an effective means to uncover and identify the “drive-by” downloads, malicious software, and other fraudulent content that infect their properties through the plethora of user-contributed pages and the stream of advertising that is added to their sites on a daily basis.

    In May, digital advertising technology company, the Rubicon Project, revealed some insight into emerging industry trends and market shifts that occurred in the first quarter of 2010 in its Online Advertising Market Report series.

    The report showed that with the continued growth in online advertising, there is also an increasing trend in online threats through “malvertising,” a growing method used to distribute malware via advertising tags served through an unsuspecting publisher’s Web site, blog comments, forums and other forms of user generated content, allowing cybercriminals to create content that used to carry out a wide range of malicious attacks.

    Google, in response to the increasing level of threats, setup,  a Web site they call an “Investigative Research Engine.” The site, setup in June 2009, checks a variety of independent, third party sites that track possible attempts to distribute malware through advertising and serve as a resource to educating Internet users, ad network operators and publishers about the problems. Google also employs a “Head of Anti-Malvertising,” Eric Davis, who has been in the role since 2008.

    “For publishers, advertising is about making money, but malicious ads change the equation. Publishers need better solutions to protect their customers from malvertising and the potential for malicious content on their Web sites,” noted Rob Lipschutz, co-founder and CEO of SiteScout, a company acquired by the Rubicon Project in May 2010 that helps protect publishers against malicious ads and other dangerous Web content. “The advertising ecosystem faces a stiff challenge and the problem is widespread and found in both direct advertising as well as more distributed ad networks. New ad formats also make the problem increasingly complex.”

    Many of the digital ad serving platforms being used today were developed over a decade ago and not designed to cope with today’s massive volume of transactions from buyers and sellers around the world, creating a constant stream of new vulnerabilities in the system.

    Advertisers and agencies often utilize “third party ad tags”, allowing them to control and monitor their ads which removing the ability for publishers to be able to control what ads are served. With larger publishers, ad networks and exchanges having thousands of different ad tags running at any given time, monitoring all campaigns and creative being served is a challenge. These disparate systems have had no universal quality control because nothing is tied together, driving the need for automation and technology innovation to eradicate the vulnerabilities of this process.

    The need is clear for a solution aimed at publishers and advertising companies, the producers of content, rather than end-users, that provides visibility and advanced protection against the new kinds of attacks to prevent direct loss of revenue or risk to brand (leads to loss of revenue). In January, the Rubicon Project launched Rubicon Security, its first foray into protection against malware attacks on publisher customers’ sites. Combined with the acquisition of SiteScout,  the Rubicon Project has established a comprehensive solution to help combat malvertising within its platform.

    Dasient, another company that protects businesses from web-based malware attacks, provides a Web Anti-Malware (WAM) service that can automatically identify and quarantine malware on websites, helping businesses avoid losses of traffic, reputation, and revenue.

    The issue of malware will only increase as a key risk to publishers’ advertising businesses – and to the consumers driving those businesses – in the months ahead.

    Posted in Security by | Comments Off on Malware Attacks Increasing Through Malicious Online Advertising

    HTC confirms hole in its Android phones

    Posted on Tuesday, October 4th, 2011

    HTC on Tuesday confirmed a gaping vulnerability in its Android phones that could be exploited by a third-party to steal personal information from users.

    The company said it was not aware of any customers yet impacted by the flaw, but that it was “diligently” working on a fix.

    “Following a short testing period by our carrier partners, the patch will be sent over-the-air to customers, who will be notified to download and install it,” the statement said.

    The flaw, affecting several HTC Android smartphone models, was discovered by researcher Trevor Eckhart, who alerted the company about it on Sept. 24 and received no response for five days before going public with the issue on Friday, according to the blog AndroidPolice, which first reported the news.

    The bug stems from a recently added program, HTCLoggers.apk, which logs large amounts of information from the phones, according to Eckhart. The program enables any third-party app that requests permission to connect to the web to easily access data that has been logged. This information includes user accounts, email addresses, GPS locations, SMS data, phone numbers and system logs.

    HTC Android phones, including the EVO 3D, EVO 4G and Thunderbolt, among others, are affected, Eckhart said.

    In its statement, HTC advised customers to “use caution when downloading, using, installing and updating applications from untrusted sources.”

    Posted in Security by | Comments Off on HTC confirms hole in its Android phones

    Malicious security assaults increased 650% in past five years, Feds say

    Posted on Tuesday, October 4th, 2011

    Cybercriminals and other villains intent on stealing all manner of personal and government data are bombarding federal government agencies.

    Over the past 5 years, the number of incidents reported by federal agencies to US-CERT (United States Computer Emergency Readiness Team) has increased from 5,503 incidents in fiscal year 2006 to 41,776 incidents in fiscal year 2010 —
    including a more than tripling of the volume of malicious software since 2009 — an increase of over 650%, according to a Government Accountability Office security report out this week.

    US-CERT aggregates and disseminates cybersecurity information to improve warning and response to incidents, increase coordination of response information, reduce vulnerabilities, and enhance prevention and protection, the GAO added.

    “Reported attacks and unintentional incidents involving federal systems and critical infrastructure systems demonstrate that a serious attack could be devastating. Agencies have experienced a wide range of incidents involving data loss or theft, computer intrusions, and privacy breaches, underscoring the need for improved security practices,” the GAO stated.

    The good news is perhaps that according to US-CERT, the growth in the gross number of incidents is attributable, at least in part, to agencies improving detection of security incidents on their respective networks, and then possibly implementing appropriate responsive and preventative countermeasures, the GAO stated.

    Agencies reported the following types of incidents are occurring frequently:

    • Unauthorized access: Gaining logical or physical access to a federal agency’s network, system, application, data, or other resource without permission.
    • Denial of service: Preventing or impairing the normal authorized functionality of networks, systems, or applications by exhausting resources. This activity includes being the victim of or participating in a denial of service attack.
    • Malicious code: Installing malicious software (e.g., virus, worm, Trojan horse, or other code-based malicious entity) that infects an operating system or application. Agencies are not required to report malicious logic that has been successfully quarantined by antivirus software.
    • Improper usage: Violating acceptable computing use policies. Scans/probes/attempted access: Accessing or identifying a federal agency computer, open ports, protocols, service, or any combination of these for later exploit. This activity does not directly result in a compromise or denial of service.

    Posted in Security by | Comments Off on Malicious security assaults increased 650% in past five years, Feds say

    Facebook actually does something about malware links.

    Posted on Monday, October 3rd, 2011

    Facebook is adding a Websense Web link blacklist service to its arsenal of  defenses designed to protect users from clicking on links that lead to sites  hosting malware.

    The social-networking site will be using Websense ThreatSeeker Cloud  service, which warns people when they click on a link on Facebook that could be  malicious, the companies announced today. Facebook will start rolling out the  service today.

    The partnership follows one that Facebook announced in May with the free Web of Trust  safe surfing service. Facebook also has its own blacklist. The larger the pool  of blacklists the better the chances users will be protected from malware,  basically.

    When users click on a link, the online blacklist databases are checked to  see if the link is flagged. If the link is deemed unsafe, users will see a  warning and be given the option of ignoring the alert, returning to the previous  page, or getting more information.


    Posted in Security by | Comments Off on Facebook actually does something about malware links.