The Enterprise Security Supersite NewsFactor Sites:       NewsFactor.com     Enterprise Security Today     CRM Daily     Business Report     Sci-Tech Today  
   
Home Network Security Viruses & Malware Cybercrime Security Solutions More Topics...
Build Apps 5x Faster
For Half the Cost
Enterprise Cloud Computing

On Force.com
You are here: Home / Network Security / New Security Threats Keep IT Busy
DDoS Protection Powered By Verisign
New Security Threats Keep IT Busy this Week
New Security Threats Keep IT Busy this Week
By Jennifer LeClaire / Enterprise Security Today Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
FEBRUARY
08
2013


It's been a busy week in the hacking and malware world. Anonymous posted sensitive information of more than 4,600 banking executives to a government Web site on Sunday. Then, the Federal Reserve admitted it was hacked Tuesday morning.

Symantec is warning about fake FedEx e-mails circulating the Internet. According to Symantec, the e-mails claim the user must print out a receipt by clicking on a link and then physically go to the nearest FedEx office to receive their parcel.

"Obviously the parcel does not exist and those who click on the link will be greeted by a PostalReceipt.zip file containing a malicious PostalReceipt.exe executable file," said security researcher Shunichi Imano at Symantec. "Instead of receiving a parcel, which the user did not order in the first place, Trojan.Smoaler is delivered to the computer."

Don't Take a Nap

The Trojan Nap also wreaked havoc online this week. Nap is a malicious downloader that works to steal information from victim machines. But Manos Antonakakis, senior director of research at Damballa Labs, told us there is nothing new about Nap.

"Botnets have been using fluxing techniques for years in order to evade statically compiled black lists. Also, anti-VM [virtual machine] analysis techniques are not an infrequent phenomenon in the current malware landscape," Antonakakis said. "If a company employs legacy signature-based systems, then both anti-VM techniques and fluxing botnets -- both from the IP or domain name side -- will evade their perimeter defenses."

Based on previous analysis of this malware from the community, and according to Damballa datasets, he believes this particular threat is related to the Kelihos botnet. The fast flux network, domain registration, and name servers being used all point back to the Kelihos botnet operators. Antonakakis believes the downloader being used is just one component in this campaign.

"AV people should be paying attention to the network behavior and the ecosystem around Internet threats," Antonakakis said. "Binaries employ several different obfuscation techniques, so tracking them in the context of botnets is extremely hard. Let's put it another way: If you rely on seeing the malware, you have already lost the war."

Bamital Bites Browsers

The security roundup would not be complete without a look at the Bamital botnet. The Bamital botnet hijacked search results across various Web browsers offered by companies such as Google, Yahoo and Microsoft. Bamital also fraudulently charged businesses for online advertisement clicks and took control of users computers, allowing Bamital's organizers to install viruses that could engage in identity theft.

Mark Elliott, executive vice president of products at Quarri Technologies, told us the Bamital botnet poses a threat to users across multiple widely used Web browsers.

"While the botnet's takedown removed the cybercriminals' ability to hijack users' browsing sessions, there is a high probability that many end users were unaware the problem existed while the botnet was still functioning," Elliot said. "The availability of free tools and tips to assist users in uninstalling the botnet is a positive development, but many still don't know that they have Bamital installed on their computer."

As Elliot sees it, this accentuates the issue of Web browser security and the dangers end users face if they don't take the proper security measures. He said it also demonstrates the critical need for organizations to provide and enforce the use of a secure, hardened browser session to protect their Web applications from malware.

"This step is critical to protect their most sensitive browser-delivered information," he said, "and prevent unauthorized use and replication of confidential data."

Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
TOP STORIES NOW
MAY BE OF INTEREST
Salesforce.com is the market and technology leader in Software-as-a-Service. Its award-winning CRM solution helps 82,400 customers worldwide manage and share business information over the Internet. Experience CRM success. Click here for a FREE 30-day trial.
MORE IN NETWORK SECURITY
Product Information and Resources for Technology You Can Use To Boost Your Business

Network Security Spotlight
Are Government Spies Tipping Off Tor?
Less than a month ago, tech news headlines heralded a Tor Project breach. Now, some are saying that government spies are sharing information with Tor to help it prevent future breaches.
 
Backoff Malware Hits 1,000+ Businesses, Likely More
More than 1,000 businesses across the U.S. might have been affected by Backoff, a new kind of point-of-sale (PoS) malware, according to the Department of Homeland Security.
 
PlayStation Network Back Online After Attack
Sony’s PlayStation and Entertainment Network are back online after a distributed denial of service (DDoS) attack crashed the systems on Sunday. But Sony says no personal info was accessed.
 

Enterprise Hardware Spotlight
Alert: HP Recalls 5 Million Notebook AC Power Cords
HP is recalling about 5.6 million notebook computer AC power cords in the U.S. and another 446,700 in Canada because of possible overheating, which can pose a fire and burn hazard.
 
Acer's New Desktop Box Rides the Chrome OS Wave
Filling out its Chrome OS line, Acer is following the introduction of a larger Chromebook line earlier this month with a new tiny $180 desktop Chromebox and also a smaller Chromebook.
 
Feds OK $2.3 Billion IBM-Lenovo x86 Server Deal
IBM and Lenovo are celebrating U.S. approval of their x86-based server deal, having cleared some major security hurdles. The deal makes Lenovo a major player for enterprise data centers.
 

Mobile Technology Spotlight
Verizon Hops on the Voice-Over-LTE Bandwagon
Wireless provider Verizon is gearing up for a nationwide launch of its Voice-over-LTE service over the next several weeks, promising clearer and crisper phone calls and a Skype-like video service.
 
Smartphone 'Kill Switch' Law in California; Will Other States Follow?
California’s new law -- signed by Gov. Jerry Brown on Monday -- aimed at deterring cellphone theft could mean most mobile phones sold in the U.S. will soon include similar “kill-switch” tech.
 
Apple To Replace 'Small Percentage' of iPhone 5 Batteries
If you've noticed your iPhone 5 isn't acting right, it might be because of a bad battery -- and you might be eligible for a replacement. Apple is offering new batteries, though only for a small percentage of users.
 

Navigation
Enterprise Security Today
Home/Top News | Network Security | Viruses & Malware | Cybercrime | Security Solutions | Mobile Security | Disaster Recovery | Windows Security
Data Security | EST Press Releases
NewsFactor Network Enterprise I.T. Sites
NewsFactor Technology News | Enterprise Security Today | CRM Daily

NewsFactor Business and Innovation Sites
Sci-Tech Today | NewsFactor Business Report

NewsFactor Services
FreeNewsFeed | Free Newsletters

About NewsFactor Network | How To Contact Us | Article Reprints | Careers @ NewsFactor | Services for PR Pros | Top Tech Wire | How To Advertise

Privacy Policy | Terms of Service
© Copyright 2000-2014 NewsFactor Network. All rights reserved. Article rating technology by Blogowogo. Member of Accuserve Ad Network.