2011 expected in increased of security threats on mobile devices

Security firm McAfee believes that Apple products, mobile devices and social media services will be at the top of the list of targets for cybercriminals in 2011.

"We've seen significant advancements in device and social network adoption, placing a bulls-eye on the platforms and services users are embracing the most," said Vincent Weafer, senior vice-president of McAfee Labs in a statement to the press.

Platforms and services that rose to popularity in 2010 will be at the forefront of the attacks, says McAfee.
Google's Android OS, Apple's iPhone, Foursquare, Google TV and the Mac OS X platform are on cybercriminals' radars says McAfee.


"These platforms and services have become very popular in a short amount of time, and we're already seeing a significant increase in vulnerabilities, attacks and data loss," said Weafer.

URL-shortening services are at the top of the security company's threat predictions for 2011 thanks to their use on social media sites like Twitter and Facebook.

"The use of abbreviated URLs on sites like Twitter makes it easy for cybercriminals to mask and direct users to malicious websites," explains McAfee.

"With more than 3,000 shortened URLs per minute being generated, McAfee Labs expects to see a growing number used for spam, scamming and other malicious purposes." Geolocation services are an easy target too.

The services make it easy for strangers to search for lucrative (for cybercriminals) information such as users' location, interests, and operating systems.

McAfee believes that rise in popularity of both sophisticated mobile OS's and the Mac OS means these platforms will no longer fly under the radar.

"The popularity of iPads and iPhones in business environments, combined with the lack of user understanding of proper security for these devices, will increase the risk for data and identity exposure, and will make Apple botnets and Trojans a common occurrence."

2011 expected in increased of security threats on mobile devices

Security firm McAfee believes that Apple products, mobile devices and social media services will be at the top of the list of targets for cybercriminals in 2011.

"We've seen significant advancements in device and social network adoption, placing a bulls-eye on the platforms and services users are embracing the most," said Vincent Weafer, senior vice-president of McAfee Labs in a statement to the press.

Platforms and services that rose to popularity in 2010 will be at the forefront of the attacks, says McAfee.
Google's Android OS, Apple's iPhone, Foursquare, Google TV and the Mac OS X platform are on cybercriminals' radars says McAfee.


"These platforms and services have become very popular in a short amount of time, and we're already seeing a significant increase in vulnerabilities, attacks and data loss," said Weafer.

URL-shortening services are at the top of the security company's threat predictions for 2011 thanks to their use on social media sites like Twitter and Facebook.

"The use of abbreviated URLs on sites like Twitter makes it easy for cybercriminals to mask and direct users to malicious websites," explains McAfee.

"With more than 3,000 shortened URLs per minute being generated, McAfee Labs expects to see a growing number used for spam, scamming and other malicious purposes." Geolocation services are an easy target too.

The services make it easy for strangers to search for lucrative (for cybercriminals) information such as users' location, interests, and operating systems.

McAfee believes that rise in popularity of both sophisticated mobile OS's and the Mac OS means these platforms will no longer fly under the radar.

"The popularity of iPads and iPhones in business environments, combined with the lack of user understanding of proper security for these devices, will increase the risk for data and identity exposure, and will make Apple botnets and Trojans a common occurrence."

2011 expected in increased of security threats on mobile devices

Security firm McAfee believes that Apple products, mobile devices and social media services will be at the top of the list of targets for cybercriminals in 2011.

"We've seen significant advancements in device and social network adoption, placing a bulls-eye on the platforms and services users are embracing the most," said Vincent Weafer, senior vice-president of McAfee Labs in a statement to the press.

Platforms and services that rose to popularity in 2010 will be at the forefront of the attacks, says McAfee.
Google's Android OS, Apple's iPhone, Foursquare, Google TV and the Mac OS X platform are on cybercriminals' radars says McAfee.


"These platforms and services have become very popular in a short amount of time, and we're already seeing a significant increase in vulnerabilities, attacks and data loss," said Weafer.

URL-shortening services are at the top of the security company's threat predictions for 2011 thanks to their use on social media sites like Twitter and Facebook.

"The use of abbreviated URLs on sites like Twitter makes it easy for cybercriminals to mask and direct users to malicious websites," explains McAfee.

"With more than 3,000 shortened URLs per minute being generated, McAfee Labs expects to see a growing number used for spam, scamming and other malicious purposes." Geolocation services are an easy target too.

The services make it easy for strangers to search for lucrative (for cybercriminals) information such as users' location, interests, and operating systems.

McAfee believes that rise in popularity of both sophisticated mobile OS's and the Mac OS means these platforms will no longer fly under the radar.

"The popularity of iPads and iPhones in business environments, combined with the lack of user understanding of proper security for these devices, will increase the risk for data and identity exposure, and will make Apple botnets and Trojans a common occurrence."

McAfee uncovers riskiest domains

Red means danger. And orange offers plenty of risk, too.

(Credit: McAfee)

McAfee's third annual "Mapping the Mal Web" report, released Wednesday, looks at riskiest and safest domains across the globe. The small nation on the west coast of Africa reached the top spot this year with 36.7 percent of its sites posing a security risk. Because .cm is often a typo for .com, McAfee said, cybercrooks like to use that domain to set up typo-squatted sites to hit you with malware.You may want to think twice if you hit a site with a .cm extension. That belongs to Cameroon, pegged by McAfee as the world's riskiest domain.

The generic and widely used .com domain itself isn't much safer, according to McAfee, jumping from ninth last year to second this year in riskiness, with 32.2 percent of its sites potentially hazardous to your PC's health.

(Credit: McAfee)

Romania (.ro) is tagged as the riskiest domain for malicious downloads, with 21 percent of its sites delivering payloads of viruses, spyware, and adware. The information (.info) domain is seen by McAfee as the most "spammy," with 17.2 percent of its sites generating junk mail.

On the positive side, the government (.gov) is the safest generic domain with essentially 0 percent risk, while Japan (.jp) proved the safest country domain with a rating of only 0.1 percent. Last year's riskiest domain, Hong Kong (.hk) dropped to 34th place with a risk rating of only 1.1 percent, which McAfee attributed to the country's aggressive steps to stop scam-related domain registrations.

(Credit: McAfee)

"This report underscores how quickly cybercriminals change tactics to lure in the most victims and avoid being caught. Last year, Hong Kong was the riskiest domain and this year it is dramatically safer," Mike Gallagher, chief technology officer for McAfee Labs, said in a statement. "Cybercriminals target regions where registering sites is cheap and convenient, and pose the least risk of being caught."

Overall, looking at 27 million Web sites and 104 top-level domains, McAfee found that 1.5 million sites, or 5.8 percent, were risky. That's up from 4.1 percent from the past two years, although the comparison is not direct since McAfee said it changed its rating methodology since then.

McAfee noted that cybercriminals who create domains to scam people prefer registrars with cheap prices, volume discounts, and hefty refund policies. Crooks also like registrars with a "no questions asked" policy and that act slowly or not at all when informed of malicious domains.

Source : http://news.cnet.com/

McAfee uncovers riskiest domains

Red means danger. And orange offers plenty of risk, too.

(Credit: McAfee)

McAfee's third annual "Mapping the Mal Web" report, released Wednesday, looks at riskiest and safest domains across the globe. The small nation on the west coast of Africa reached the top spot this year with 36.7 percent of its sites posing a security risk. Because .cm is often a typo for .com, McAfee said, cybercrooks like to use that domain to set up typo-squatted sites to hit you with malware.You may want to think twice if you hit a site with a .cm extension. That belongs to Cameroon, pegged by McAfee as the world's riskiest domain.

The generic and widely used .com domain itself isn't much safer, according to McAfee, jumping from ninth last year to second this year in riskiness, with 32.2 percent of its sites potentially hazardous to your PC's health.

(Credit: McAfee)

Romania (.ro) is tagged as the riskiest domain for malicious downloads, with 21 percent of its sites delivering payloads of viruses, spyware, and adware. The information (.info) domain is seen by McAfee as the most "spammy," with 17.2 percent of its sites generating junk mail.

On the positive side, the government (.gov) is the safest generic domain with essentially 0 percent risk, while Japan (.jp) proved the safest country domain with a rating of only 0.1 percent. Last year's riskiest domain, Hong Kong (.hk) dropped to 34th place with a risk rating of only 1.1 percent, which McAfee attributed to the country's aggressive steps to stop scam-related domain registrations.

(Credit: McAfee)

"This report underscores how quickly cybercriminals change tactics to lure in the most victims and avoid being caught. Last year, Hong Kong was the riskiest domain and this year it is dramatically safer," Mike Gallagher, chief technology officer for McAfee Labs, said in a statement. "Cybercriminals target regions where registering sites is cheap and convenient, and pose the least risk of being caught."

Overall, looking at 27 million Web sites and 104 top-level domains, McAfee found that 1.5 million sites, or 5.8 percent, were risky. That's up from 4.1 percent from the past two years, although the comparison is not direct since McAfee said it changed its rating methodology since then.

McAfee noted that cybercriminals who create domains to scam people prefer registrars with cheap prices, volume discounts, and hefty refund policies. Crooks also like registrars with a "no questions asked" policy and that act slowly or not at all when informed of malicious domains.

Source : http://news.cnet.com/

McAfee uncovers riskiest domains

Red means danger. And orange offers plenty of risk, too.

(Credit: McAfee)

McAfee's third annual "Mapping the Mal Web" report, released Wednesday, looks at riskiest and safest domains across the globe. The small nation on the west coast of Africa reached the top spot this year with 36.7 percent of its sites posing a security risk. Because .cm is often a typo for .com, McAfee said, cybercrooks like to use that domain to set up typo-squatted sites to hit you with malware.You may want to think twice if you hit a site with a .cm extension. That belongs to Cameroon, pegged by McAfee as the world's riskiest domain.

The generic and widely used .com domain itself isn't much safer, according to McAfee, jumping from ninth last year to second this year in riskiness, with 32.2 percent of its sites potentially hazardous to your PC's health.

(Credit: McAfee)

Romania (.ro) is tagged as the riskiest domain for malicious downloads, with 21 percent of its sites delivering payloads of viruses, spyware, and adware. The information (.info) domain is seen by McAfee as the most "spammy," with 17.2 percent of its sites generating junk mail.

On the positive side, the government (.gov) is the safest generic domain with essentially 0 percent risk, while Japan (.jp) proved the safest country domain with a rating of only 0.1 percent. Last year's riskiest domain, Hong Kong (.hk) dropped to 34th place with a risk rating of only 1.1 percent, which McAfee attributed to the country's aggressive steps to stop scam-related domain registrations.

(Credit: McAfee)

"This report underscores how quickly cybercriminals change tactics to lure in the most victims and avoid being caught. Last year, Hong Kong was the riskiest domain and this year it is dramatically safer," Mike Gallagher, chief technology officer for McAfee Labs, said in a statement. "Cybercriminals target regions where registering sites is cheap and convenient, and pose the least risk of being caught."

Overall, looking at 27 million Web sites and 104 top-level domains, McAfee found that 1.5 million sites, or 5.8 percent, were risky. That's up from 4.1 percent from the past two years, although the comparison is not direct since McAfee said it changed its rating methodology since then.

McAfee noted that cybercriminals who create domains to scam people prefer registrars with cheap prices, volume discounts, and hefty refund policies. Crooks also like registrars with a "no questions asked" policy and that act slowly or not at all when informed of malicious domains.

Source : http://news.cnet.com/

IT Security Alert : Beware of "CONFICKER.C" Worm

The worm Conficker.C has been activated on 1st April 2009.

The worm when infects the PC will query about 30,000 websites for further instructions, thus when the PC queries 30,000 sites your Network most probably will be congested and users will be experiencing high latency in internet.

1. WHAT is the symptoms:

    So far, the worm is new, there's no unique signature, but basically, look for these:
   * task manager disabled
   * regedit disabled
   * user cannot view my network
   * network is up, but microsoft sites and all antivirus sites cannot be open


2. HOW to avoid..
 For Microsoft users,  please follow link below
 http://www.microsoft.com/technet/security/bulletin/ms08-067.mspx


3.HOW to clean the worms
     Refer to table below

Removal Instructions
Microsoft:  http://support.microsoft.com/kb/962007
Kaspersky:  http://support.kaspersky.com/faq/
BitDefender: http://www.bitdefender.com/VIRUS-1000462-en--Win32.Worm.Downadup.Gen.html
TrendMicro: http://www.trendmicro.com/vinfo/virusencyclo/default5.asp

To be able to access Anti-Virus vendors and SANS, Microsoft and others, from an infected Conficker.C machine, TrendMicro suggests to use "net stop dnscache" from the command line.
Sophos:  http://www.sophos.com/support/knowledgebase/article/51416.html

Removal Tools

Microsoft MSRT:  http://www.microsoft.com/security/malwareremove/default.mspx
F-Secure:  ftp://ftp.f-secure.com/anti-virus/tools/beta/f-downadup.zip
AhnLab:  http://global.ahnlab.com/global/file_removeal_down.jsp?filename=12371830475821&down_filename=v3conficker.zip
Symantec:  http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-011316-0247-99
McAfee:  http://vil.nai.com/vil/stinger/
ESET:  http://download.eset.com/special/EConfickerRemover.exe
BitDefender:  http://www.bdtools.net/
Kaspersky:  http://data2.kaspersky-labs.com:8080/special/KidoKiller_v3.3.3.zip
TrendMicro:  https://securecloud.com/support/sysclean
Sophos:  https://secure.sophos.com/products/free-tools/conficker-removal-tool-network/download (registration required)

Other Related Post About Conficker.C : ERM Blog

IT Security Alert : Beware of "CONFICKER.C" Worm

The worm Conficker.C has been activated on 1st April 2009.

The worm when infects the PC will query about 30,000 websites for further instructions, thus when the PC queries 30,000 sites your Network most probably will be congested and users will be experiencing high latency in internet.

1. WHAT is the symptoms:

    So far, the worm is new, there's no unique signature, but basically, look for these:
   * task manager disabled
   * regedit disabled
   * user cannot view my network
   * network is up, but microsoft sites and all antivirus sites cannot be open


2. HOW to avoid..
 For Microsoft users,  please follow link below
 http://www.microsoft.com/technet/security/bulletin/ms08-067.mspx


3.HOW to clean the worms
     Refer to table below

Removal Instructions
Microsoft:  http://support.microsoft.com/kb/962007
Kaspersky:  http://support.kaspersky.com/faq/
BitDefender: http://www.bitdefender.com/VIRUS-1000462-en--Win32.Worm.Downadup.Gen.html
TrendMicro: http://www.trendmicro.com/vinfo/virusencyclo/default5.asp

To be able to access Anti-Virus vendors and SANS, Microsoft and others, from an infected Conficker.C machine, TrendMicro suggests to use "net stop dnscache" from the command line.
Sophos:  http://www.sophos.com/support/knowledgebase/article/51416.html

Removal Tools

Microsoft MSRT:  http://www.microsoft.com/security/malwareremove/default.mspx
F-Secure:  ftp://ftp.f-secure.com/anti-virus/tools/beta/f-downadup.zip
AhnLab:  http://global.ahnlab.com/global/file_removeal_down.jsp?filename=12371830475821&down_filename=v3conficker.zip
Symantec:  http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-011316-0247-99
McAfee:  http://vil.nai.com/vil/stinger/
ESET:  http://download.eset.com/special/EConfickerRemover.exe
BitDefender:  http://www.bdtools.net/
Kaspersky:  http://data2.kaspersky-labs.com:8080/special/KidoKiller_v3.3.3.zip
TrendMicro:  https://securecloud.com/support/sysclean
Sophos:  https://secure.sophos.com/products/free-tools/conficker-removal-tool-network/download (registration required)

Other Related Post About Conficker.C : ERM Blog

IT Security Alert : Beware of "CONFICKER.C" Worm

The worm Conficker.C has been activated on 1st April 2009.

The worm when infects the PC will query about 30,000 websites for further instructions, thus when the PC queries 30,000 sites your Network most probably will be congested and users will be experiencing high latency in internet.

1. WHAT is the symptoms:

    So far, the worm is new, there's no unique signature, but basically, look for these:
   * task manager disabled
   * regedit disabled
   * user cannot view my network
   * network is up, but microsoft sites and all antivirus sites cannot be open


2. HOW to avoid..
 For Microsoft users,  please follow link below
 http://www.microsoft.com/technet/security/bulletin/ms08-067.mspx


3.HOW to clean the worms
     Refer to table below

Removal Instructions
Microsoft:  http://support.microsoft.com/kb/962007
Kaspersky:  http://support.kaspersky.com/faq/
BitDefender: http://www.bitdefender.com/VIRUS-1000462-en--Win32.Worm.Downadup.Gen.html
TrendMicro: http://www.trendmicro.com/vinfo/virusencyclo/default5.asp

To be able to access Anti-Virus vendors and SANS, Microsoft and others, from an infected Conficker.C machine, TrendMicro suggests to use "net stop dnscache" from the command line.
Sophos:  http://www.sophos.com/support/knowledgebase/article/51416.html

Removal Tools

Microsoft MSRT:  http://www.microsoft.com/security/malwareremove/default.mspx
F-Secure:  ftp://ftp.f-secure.com/anti-virus/tools/beta/f-downadup.zip
AhnLab:  http://global.ahnlab.com/global/file_removeal_down.jsp?filename=12371830475821&down_filename=v3conficker.zip
Symantec:  http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-011316-0247-99
McAfee:  http://vil.nai.com/vil/stinger/
ESET:  http://download.eset.com/special/EConfickerRemover.exe
BitDefender:  http://www.bdtools.net/
Kaspersky:  http://data2.kaspersky-labs.com:8080/special/KidoKiller_v3.3.3.zip
TrendMicro:  https://securecloud.com/support/sysclean
Sophos:  https://secure.sophos.com/products/free-tools/conficker-removal-tool-network/download (registration required)

Other Related Post About Conficker.C : ERM Blog