Threatpost

Rocra Espionage Malware Campaign Uncovered After Five Years of...

Mon, 14 Jan 2013 11:26:00 -0500

Rocra Espionage Malware Campaign Uncovered After Five Years of Activity

For five years, it hid in the weeds of networks used by Eastern European diplomats, government employees and scientific research organizations, stealing data and infecting more machines in an espionage campaign rivaling Flame and others of its ilk. The campaign, called Rocra or Red October by researchers at Kaspersky Lab, focused not only on workstations, but mobile devices and networking gear to gain a foothold inside strategic organizations. Once inside, attackers pivoted internally and stole everything from files on desktops, smartphones and FTP servers, to email databases using exploits developed in China and Russian malware, Kaspersky researchers said.

Image via Securelist

How-To: Tips for Shopping Online Black Friday and the Monday...

Tue, 20 Nov 2012 10:09:23 -0500

How-To: Tips for Shopping Online

Black Friday and the Monday that follows, which we have somewhat recently taken to calling Cyber Monday, are two of the biggest shopping days of the year. The tradition of getting off to a fast start on your holiday shopping by getting out there on the Friday after Thanksgiving that most Americans take as a vacation day dates back to the 1960’s. Cyber Monday, on the other hand, was created by online retailers sometime in the last decade in an attempt at squeezing one more day of shopping mania out of consumers.

These manufactured holidays are probably detracting from the quaintness of what used to be a perfectly Rockwellian day of football and food and football. But the deals, they’re just so good, you would have to be made of stone to resist! So we produced this short video to help consumers stay safe online, not just on Cyber Monday and Black Friday, but throughout the holiday shopping season.

Via Threatpost

How-To Video: Facebook Privacy In the previous video in our...

Tue, 13 Nov 2012 13:44:00 -0500

How-To Video: Facebook Privacy

In the previous video in our how-to series, Securing Facebook, we reported that the social networking giant was rapidly approaching one billion active users. Facebook has since surpassed that mark. Considering that, we produced a video detailing and explaining how to implement some simple, built-in features on the world’s largest social network that should help keep your profiles as private as possible.

via Threatpost

Spear Phishing Remains Most Difficult Attack to Defend...

Wed, 10 Oct 2012 15:20:19 -0400

Spear Phishing Remains Most Difficult Attack to Defend Against

Spear-phishers, like the ones that compromised a White House network last week, are implementing new evasion tactics, fundamentally changing their attack strategies, and revolutionizing the targeted threat model. One of the newer attack strategies is the relatively recent ‘watering hole’ technique, but the changes also include an increased focus on victim behavior, and the adoption of successful tactics used by other factions of the cybercriminal world, specifically scareware and ransomware.

Infographic via Websense

Securing Your Facebook Facebook’s active-user count is rapidly...

Tue, 18 Sep 2012 13:12:33 -0400

Securing Your Facebook

Facebook’s active-user count is rapidly approaching one billion. The world’s largest social network, which has long been a popular target and platform for attackers, will only become a more relevant outlet for scams and other fraud as it continues to grow. While the target grows, so too does the need to secure our accounts. With that in mind, we will discuss some simple ways of bolstering the security of our Facebook accounts in the second installment of our how-to video series.

Locking Down and Securing Your iPhone Considering the rapid ...

Tue, 14 Aug 2012 16:20:14 -0400

Locking Down and Securing Your iPhone

Considering the rapid proliferation of smartpones and tablets and the vast wealth of personal and financial data many of us store on them, it is increasingly important that we find ways of securing our mobile devices. With that in mind, we decided there was no better way to kick-off a series of security tutorials than with a short step by step video explaining simple ways of securing your iOS device.

Check Threatpost for more original videos moving forward

Ted Talk: Your phone company is watching What kind of data is...

Wed, 25 Jul 2012 15:26:09 -0400

Ted Talk: Your phone company is watching

What kind of data is your cell phone company collecting? Malte Spitz wasn’t too worried when he asked his operator in Germany to share information stored about him. Multiple unanswered requests and a lawsuit later, Spitz received 35,830 lines of code — a detailed, nearly minute-by-minute account of half a year of his life.

Geographical Visualization of Blacklisted Websites by Hosting...

Thu, 12 Jul 2012 10:53:00 -0400

Geographical Visualization of Blacklisted Websites by Hosting Country

Via Zscaler

ZScaler’s Julien Sobrier analyzed the geographical distribution of the top 1,000,000 websites blacklisted by Google Safe Browsing. The first graphic (top) illustrates the distribution by raw numbers and the second (bottom) illustrates the relative distribution (number of blacklisted sites / number of sites hosted).

You’re Not as Secure as You Think Small Business Security...

Thu, 05 Jul 2012 12:38:18 -0400

You’re Not as Secure as You Think

Small Business Security Infographic via Veracode

Stay informed with Threatpost’s small and mid-sized business coverage.

Android Malware: A Threat Rising at a Meteoric Rate Infographic...

Thu, 28 Jun 2012 11:20:38 -0400

Android Malware: A Threat Rising at a Meteoric Rate

Infographic via Kaspersky Lab

Check out Threatpost’s mobile security coverage for the specifics.

A Graph of the Increase in Computer Security Jobs Posted...

Fri, 15 Jun 2012 10:15:23 -0400

A Graph of the Increase in Computer Security Jobs Posted Online

via Forbes

Visualizing Botnets via Unveillance Check out Threatpost’s...

Fri, 15 Jun 2012 10:03:49 -0400

Visualizing Botnets via Unveillance

Check out Threatpost’s botnet coverage here.

State of the Internet infographic via Online Schools.

Tue, 12 Jun 2012 11:26:43 -0400

State of the Internet infographic via Online Schools.

CYBER-ATTACK!? Who told? U.S. Attorney General Eric Holder is on...

Tue, 12 Jun 2012 11:01:19 -0400

CYBER-ATTACK!? Who told? U.S. Attorney General Eric Holder is on the case!

theeconomist:

KAL’s cartoon: this week, some history.

Tumblr Users Should Beware of Cookie Thieves

Tue, 12 Jun 2012 10:31:35 -0400

Tumblr Users Should Beware of Cookie Thieves

Think You’re Not at Risk of Experiencing a Security Breach?

Thu, 07 Jun 2012 10:18:59 -0400

Think You’re Not at Risk of Experiencing a Security Breach? :

visualoop:

Via

Cloudflare CEO: AT&T Voicemail Hack Key To Compromise Loose...

Tue, 05 Jun 2012 14:30:03 -0400

Cloudflare CEO: AT&T Voicemail Hack Key To Compromise

Loose security protecting voice mailboxes at mobile carrier AT&T provided a key element necessary to successfully hack the Google Enterprise Apps account of tech firm CloudFlare, according to an account of the hack posted by CEO Matthew Prince.

Infographic via Cloudflare

Flame Malware C&C Timeline Infographic via...

Mon, 04 Jun 2012 16:17:00 -0400

Flame Malware C&C Timeline

Infographic via OpenDNS

Background:

“Researchers at Kaspersky Lab, domain registrar GoDaddy and OpenDNS have taken steps to cut off Internet access for machines infected with the Flame worm. In the process, the researchers say they uncovered a large and complex command and control infrastructure of more than 80 Web domains and collected clues that put the origins of Flame as early as 2008.”

Continue reading at Threatpost.com

Protect Your Computer & Help Stop Botnets

Thu, 31 May 2012 11:59:18 -0400

Protect Your Computer & Help Stop Botnets:

Make sure you also check out Threatpost’s reporting on the White House push to better mitigate botnets.

jetcityorange:

An unprotected machine is fodder for botnets. Don’t let the bad guys kidnap your computer or those of the ones around you.

Exploring ‘The Deep Web’ The Deep or Invisible Web...

Thu, 31 May 2012 09:59:00 -0400

Exploring ‘The Deep Web’

The Deep or Invisible Web consists of the parts of the Internet that are not reported by normal search engines. Researches claim that standard search engines index only a small portion of the overall web, the remaining parts of which remain largely unknown.

-Security Affairs