Archive | online security

AFA Congratulates Advancing Teams in CyberPatriot Competition

3 Jan

Tech News from the Finally Fast Team

The Air Force Association’s CyberPatriot recently announced the top scoring teams who will be advancing to the third and final preliminary round of the nation’s largest high school cyber defense competition.

CyberPatriot, an education initiative produced by AFA in 2008, is a one-of-a-kind cyber defense competition that provides students hands-on learning about cyber security. CyberPatriot IV brought in more than 1,000 team registrations from all 50 states, U.S. Department of Defense Dependent Schools in Europe and the Pacific, and Canada in the two-track competition. Teams have registered from public, private, parochial and home schools in the Open Division, and JROTC units of all Services and Civil Air Patrol squadrons filled the All-Service Division.

 

During the second round of competition, held the first and third weekends of December, teams set out once again to defend virtualized networks of computers. Teams were scored according to how quickly and effectively they established and maintained secure networks. The scores of the first and second preliminary rounds were aggregated to determine which teams moved forward.

“There was a tremendous amount of effort being displayed by all the teams who participated in CyberPatriot IV, and we congratulate them for their hard work,” said Bernie Skoch, CyberPatriot Commissioner. “As these students are competing against their peers and having fun, they are also building skills and key knowledge in an area that is critical to our nation’s success. We are proud to be able to provide such an energetic and exciting venue for learning, and look forward to the remainder of this year’s competition.”

After Round 3, the top 12 qualifying teams of each division receive all-expenses-paid trips to the CyberPatriot National Championship Competition held in the Washington, DC area, in March 2012.

The final preliminary round for the All-Service Division teams will be on January 13, while the Open Division competes again on January 27.

CyberPatriot is presented by the Northrop Grumman Foundation, with founding partners SAIC and the CIAS at the University of Texas-San Antonio. CyberPatriot is also a member of the U.S. Cyber Challenge (USCC), a national coalition of public-private sector entities collaborating to enhance the workforce with the next generation of cyber security professionals through skill development activities, mentoring, and resources, and the facilitation of scholarship, internship and employment opportunities.

The Air Force Association (AFA) is a 501(c)(3) organization that educates the public about the critical role of aerospace power in the defense of our nation, advocates aerospace power and a strong national defense, and supports the United States Air Force, the Air Force family and aerospace education. AFA has more than 200 chapters nationally and internationally representing more than 119,000 members.

Threat Report Reveals Google replaces Microsoft as Number One Vendor for Vulnerabilities

16 Nov

Internet safety tips from the Finally Fast team

Google replaced Microsoft as the number one vendor for reported vulnerabilities, with a total of 82, due to existing vulnerabilities in Chrome as the browser grows in popularity. Oracle came in second, with 63; Microsoft fell to third place, with 58, all according to Trend Micro’s Third Quarter Threat Report.

Trend Micro threat researchers also witnessed a significant shift from mass compromises to targeted attacks, particularly against large enterprises and government institutions. Their work uncovered one of the most notable groups of targeted attacks during the third quarter – the LURID downloader.

These attacks, which were classified by Trend Micro as advanced persistent threats (APTs), targeted major companies and institutions in over 60 countries, including Russia, Kazakhstan, and the Ukraine. The cybercriminals behind these attacks launched over 300 malware campaigns in order to obtain confidential data from and take full control of affected users’ systems over an extended period of time. LURID was successful because it was targeted by its nature. By zeroing in on specific geographic locations and entities, LURID compromised as many as 1,465 systems.

Other notable security attacks, scams, breaches and exploits

Trend Micro threat analysts came across a new DroidDreamLight variant with enhanced capabilities and routines. Disguised as battery-monitoring or task-listing tools or apps that allow users to see a list of permissions that installed apps utilize, copies of this new Android malware littered a Chinese third-party app store.

In the first half of July, Trend Micro researchers spotted a page that enticed users to click a link to get free invitations to Google’s latest stab at taking a slice of the social media pie—Google+. Instead of invitations to join the site, however, all the users got was an “opportunity” to take part in a survey that put them at risk.

LinkedIn users were also part of a criminal scam that tricked them into clicking a malicious link to a supposed Justin Bieber video that redirected them to a malicious site.

The most notorious spam runs this quarter led to the download and execution of two banking Trojans: The first campaign featured a spam that purported to come from the Spain National Police; the second supposedly came from the Internal Revenue Service.

India and South Korea were among the top three spam-sending countries. The United States, which commonly takes the top spot, was not on the top 10 spam-sending countries list, most likely due to the arrest of several spambot operators.

Notable security research wins

In addition to the discovery of the LURID downloader, Trend Micro and other global security teams made impressive takedowns in Q3:

After months of monitoring, Trend Micro researchers uncovered a SpyEye operation controlled by a cybercriminal residing in Russia with the handle, “Soldier,” and his accomplice in Hollywood, California. This botnet operation, which amassed more than US$3.2 million within six months, targeted large enterprises and government institutions in the United States, as well as organizations in Canada, the United Kingdom, India, and Mexico. More details on this win can be found in Trend Micro’s research paper, “From Russia to Hollywood: Turning Tables on a SpyEye Cybercrime Ring.”

Trend Micro researchers were also able to gather in-depth information on two of the largest FAKEAV affiliate networks to date—BeeCoin and MoneyBeat. More details on how FAKEAV affiliate networks work can be found in the research paper, “Targeting the Source: FAKEAV Affiliate Networks.”

HBGary Federal CEO steps down, Anonymous claims victory

1 Mar

 From the FinallyFast Help Desk:

HBGary Federal CEO Aaron Barr recently announced he is stepping down from his position following an embarrassing battle with the Anonymous hacking organization.

“I need to focus on taking care of my family and rebuilding my reputation,” Barr said in a phone interview with Kaspersky Labs’ Threatpost. “It’s been a challenge to do that and run a company. And, given that I’ve been the focus of much of bad press, I hope that, by leaving, HBGary and HBGary Federal can get away from some of that. I’m confident they’ll be able to weather this storm.”

Barr and HBGary Federal previously collaborated with the FBI on an investigation into the hacking organization known as Anonymous. Barr claimed in an interview with the Financial Times that he obtained the identity of two members of Anonymous residing in the United States, and scheduled an address at this month’s RSA Security Conference in which he was expected to reveal these identities.

Before the conference began, Barr’s personal Twitter account was breached, through which a hacker posted a statement on Anonymous’ motives. Meanwhile, both domain names used for the HBGary Federal website were hijacked and the home page was replaced with a similar statement from Anonymous. Then, news broke that Anonymous stole 60,000 company emails and immediately began publishing them on the internet.

“Today we taught everyone a lesson. When we actually decide to bite back against those who try to bring us down, we bite hard,” the hackers posted from Barr’s Twitter account.

HBGary Federal proceeded in light of the data breach, with Barr still scheduled to speak at the RSA Security conference. However, after the first two days at RSA brought hecklers to the HBGary Federal showcase tent and death threats against Barr and his family, the company vacated the conference. Shortly after, in place of an HBGary Federal sign explaining its sudden departure, a large white sign claiming victory in the name of Anonymous was found in the place where HBGary Federal’s tent was set up.

Now, after Barr announced he is stepping down, a Twitter account by the name of Topiary, which claims to be an “online activist” and “supporter of anonymous operations, WikiLeaks and maintaining freedom on the internet” declared “victory” in a Tweet with the link to news about Barr’s departure attached.

Anonymous has grown into one of the world’s most influential hacking organizations in a short time. The group emerged shortly after the international persecution of WikiLeaks and its founder Julian Assange, defending both by lashing out at the organizations that condemned either. Anonymous has claimed responsibility for distributed denial-of-service attacks that have successfully brought down the MasterCard website, as well as targeted online payment service PayPal and Visa, after each declared they would stop processing donations to WikiLeaks.

What Makes People Susceptible to Scams

14 Feb

From the FinallyFast Help Desk:

How do you protect your PC and your information? The image below shows the ways that cyber criminals can trick you.

Malware and How to Protect your PC

8 Feb

From the FinallyFast Help Desk:

There is a war going on. Behind the scenes, cyber criminals are attacking your PC and stealing personal information. Whether it is Malware, Spyware, or a Trojan horse, it’s important to keep your PC safe. Programs like FinallyFast and SpywareStriker are great ways to keep your PC clean and your information secure.

What is Malware?

Malware is malicious software designed to access a computer without the owner’s consent. Spyware, Trojan horses, viruses and worms are all considered Malware. Malware is usually a part of cyber crime, stealing information such as bank account details from your PC. Malware is usually passed from user to user by email and, more recently, through social networking sites like Facebook.

What is Spyware?

Spyware does what it sounds like: it spies on your PC. Whether it is to steal information such as credit card and bank account details, or simply to get passwords, Spyware is a huge security threat and a huge issue for computers. Spyware is often completely hidden from the user of the PC and is very difficult to detect. As Spyware works, it slowly steals various types of personal information; it can also change computer settings, install other software and redirect browser activity on the Web. A 2005 study by AOL and the National Cyber Security Alliance found that 61 percent of users’ computers were infected with spyware of some form (“AOL/NCSA Online Safety Study”, America Online & The National Cyber Security Alliance, 2005). Unlike viruses and worms, Spyware does not usually self-replicate. For more information check out http://en.wikipedia.org/wiki/Spyware#cite_ref-aolstudy_2-0

What is a Trojan Horse?

You might think a Trojan Horse was just a part of a book where the Greeks had fun playing a trick on the Trojans. A computer Trojan works much the same way as the Greeks’ famous horse: it pretends to be something else. Most computer users click on what they think is a desired program, install it, and are never the wiser. The Trojan horse conceals a harmful or malicious payload (meaning another program like spyware, worms, or viruses). The payload goes to work immediately. For more information check out http://en.wikipedia.org/wiki/Malware

What Can You Do?

Although firewalls and anti-virus software can stop many things from getting into your PC, there are many things that can get through those systems. Many programs that run behind the scenes can often get around firewalls and anti-virus software. The best thing is to get a Spyware Scan that can look for things that are hiding in your system behind the scenes, undetected. SpywareStriker Pro is an amazing Spyware Scan that eliminates Spyware and Malware from your system. SpywareStriker Pro includes the CounterSpy scan engine. This award-winning scan has received the CNET Editor’s Choice Award as: “the only antispyware product that correctly identified every piece of spyware… It did very well in active scanning, on-demand detection, and complete spyware removal.” In other words, it is kind of like James Bond for your PC. You can check out SpywareStriker Pro at FinallyFast.

Finally Fast Report: Cyber criminals will invest in cash mules

26 Jan

From the Finally Fast Security Desk:

Cash flow

Cash flow will be the main focus in cyber crime, as hackers try to expand and exploit new technologies.

According to Cisco’s recently released 2010 Annual Security Report, hackers are pursuing new avenues to sustain the financial aspects of cyber crime. The company conducted its study on the economics of cyber crime in its Return on Investment Matrix. Because many scams steal money, and cyber criminals need to find a way to hide that money without government or legal pressure, money muling has become a common trade on the web.

“When it comes to the success of [banking Trojans] like Zeus, the bottleneck is not getting a Trojan on people’s machines. There’s a surplus on that side quite frankly,” Scott Olechowski, manager of Cisco’s Threat Research Group, said. “The challenge that criminals are facing now is getting that money. That’s why [money] muling has really become one of the biggest bottlenecks in that type of crime.”

Muling

For muling, cyber criminals seek out individuals willing to deposit money stolen via online scams in their bank accounts, or even create entirely new accounts for cyber crime profits.

So far, this process has been unsuccessful, according to Olechowski. He said that most mules work only for a day, after which they are caught by law enforcement or ditched by their cyber criminal employer.

However, because the study predicts international spam and botnet scams will continue to generate substantial revenue for cyber crime organizations, money muling efforts are likely to change and become more sophisticated.

“Money muling is an area that we’re confident will be a really big area of investment for criminals this year,” Olechowski said.

Many have already begun, according to the report. Online offers targeting the unemployed, who are high in number in the U.S. since the onset of the economic recession in 2008, have turned previously innocent web users into cyber criminals by association.

“The more sophisticated cash-out organizations act as legitimate financial services firms,” Cisco’s report explained. “Individuals who come in contact with these operations usually have no idea they are being recruited as money mules, and believe they are dealing with a recruiter for a legitimate company.”

According to the report, these ads go as far as providing legitimate titles, including “regional assistant” and “payment processor.” After complying with the job posting, unsuspecting web users are often apprehended by police and take the blame for a cyber criminal employer, who has already covered his tracks and evaded law enforcement.

Others have been more brash in their tactics. Earlier this month, two Vietnamese exchange students studying at Winona State University in Minnesota were arrested by federal agents for muling funds for a multi-million dollar eBay scam.

Protecting Your PC

No matter how cyber criminals are getting their money, through muling or other tactics, it’s important to make sure that you are not losing money or information to cyber crime. Products like Finally Fast, an Ascentive featured site, can help detect dangerous programs before consumers’ security is violated. As Scott Olechowski says, “the bottleneck is not getting a Trojan on people’s machines,” so make sure you are making it hard for cyber criminals to get your information.

Research finds more than 1 million HTML spam attacks per day

28 Sep

Cyber criminals have been using HTML to exploit innocent users with malware for years. According to a recent study, this technique has been on the rise lately.

Security company Barracuda Networks recently released its research that found email spam attacks have increasingly been using malicious HTML file attachments to infiltrate their messages’ recipients. The lab found “well over 1 million instances a day” of email spam messages that contain malicious HTML attachments.

These kinds of email spam attacks present an attachment, or a pop up, with an HTML file that launches a JavaScript attack. In some cases, a back-door virus can be sent, infiltrating computers even if users close the web browser without clicking on the file.

“So yes, a seemingly innocent HTML email attachment can do plenty of damage, and while quite stealthy, definitely not harmless,” Dave Michmerhuizen, Barracuda Labs’ researcher, said.

The issue that makes HTML so effective for cyber criminals surrounds the format of many legitimate files sent in emails today. As Michmerhuizen explains on the company’s blog, most users unknowingly click on HTML files within emails because they are so used to seeing them as attachments in their personal and work emails.

“Users have been warned of the potential dangers associated with clicking on a file or link that arrives in an email. But many people assume that an HTML file is just a webpage and that webpages are safe,” Michmerhuizen explained. “This assumption is misleading, and the examples … show why HTML attachments are just as serious of a threat as other attachment types.”

The research organization’s report also highlighted some of the other common media cyber criminals leverage to send malicious HTML files. Recent search engine results have been linked to dangerous HTML files, exposing innocent web surfers to malware when they use Google, the world’s leading search engine.

“Google hot topic search results frequently are littered with links to hacked sites that serve up malicious JavaScript,” Michmerhuizen said.

However, cyber criminals have built off the search engine trend, linking the same malicious attacks into email spam to spread the attack into a medium in which users are more likely to click on the file.

“Now, the attackers are taking that a step further and not requiring the user to come to their hacked sites but rather simply emailing the same malicious JavaScript sites straight to an inbox,” Michmerhuizen added.

Because the recent influx of HTML attacks targets some of the most commonly used internet tools, the internet would be relatively useless to users who simply tried to avoid these malware-ridden sources. Integrating the most updated anti-malware software can allow users to freely surf the web and check their email without worrying about malware crippling their PCs.
