You probably haven’t heard of HD Moore, but up to a few weeks ago every Internet device in the world, perhaps including some in your own home, was contacted roughly three times a day by a stack of computers that sit overheating his spare room. “I have a lot of cooling equipment to make sure my house doesn’t catch on fire,” says Moore, who leads research at computer security company Rapid7. In February last year he decided to carry out a personal census of every device on the Internet as a hobby. “This is not my day job; it’s what I do for fun,” he says.
Organized hackers in Ukraine and Russia stole more than $1 million from a public hospital in Washington state earlier this month. The costly cyberheist was carried out with the help of nearly 100 different accomplices in the United States who were hired through work-at-home job scams run by a crime gang that has been fleecing businesses for the past five years.
In itself, a distributed denial of service, or DDoS, attack on a bank’s website is little more than costly hooliganism. It essentially consists of hackers ordering a bunch of infected computers to “click” on a bank’s website until it’s too overwhelmed to respond to legitimate users.
IDG News Service – Researchers from security firm FireEye claim that attackers are actively using a remote code execution exploit that works against the latest versions of Adobe Reader 9, 10 and 11.
Apple users who think they’re immune to malware and other bugs need to pay attention: A new Trojan is infecting Apple computers in order to obtain victims’ phone numbers and rob them via unexpected premium SMS charges.
You’ve probably never heard the name Kristy Ross before, but we’re willing to bet you’re very familiar with her work. You may have even given her money. For the last five years (at least), Ross has been flooding the internet with pop-up ad after pop-up ad, all claiming that your computer — yes, yours specifically — is infected with viruses. That’s illegal, and it turns out the law has finally caught up to her: The Federal Trade Commission has just fined Ross a staggering $163 million dollars for her crimes.
Microsoft is urging Windows users who browse the Web with Internet Explorer to use a free tool called EMET to block attacks against a newly-discovered and unpatched critical security hole in IE versions 7, 8 and 9. But some experts say that advice falls short, and that users can better protect themselves by surfing with an alternative browser until Microsoft issues a proper patch for the vulnerability.
Earlier this week, the U.S. District Court for the Eastern District of Virginia granted Microsoft’s Digital Crimes Unit permission to disrupt more than 500 different strains of malware with the potential for targeting millions of innocent people. Codenamed “Operation b70,” this legal action and technical disruption proceeded from a Microsoft study which found that cybercriminals infiltrate unsecure supply chains to introduce counterfeit software embedded with malware for the purpose of secretly infecting people’s computers. In disrupting these malware strains, we helped significantly limit the spread of the developing Nitol botnet, our second botnet disruption in the last six months.
Joshua Liberman has a warning for those who have their heads—and business applications—in the clouds. If cloud services or the connectivity to them are down, then so are your users. And since either a service or broadband failure alone can bring productivity to a halt, the perceived availability rate even for well-managed cloud offerings can effectively be 99 percent or less. That translates to days of downtime a year.