Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

NEWS - January 11, 2006

Jan 11, 2006 1:38AM PST

Malware - Future Trends

In the below link article, Dancho describes what are the driving forces behind the rise of malware? Who's behind it, and what tactics do they use? How are vendors responding, and what should organizations, researchers, and end users keep in mind for the upcoming future? These and many other questions will be discussed in this article, combining security experience, business logic, a little bit of psychology, market trends, and personal chats with knowledgeable folks from the industry.

The complete article can be downloaded from http://www.infosecwriters.com/text_resources/pdf/malware_DDanchev.pdf (PDF viewer required)

http://www.securiteam.com/securityreviews/5IP0B0AHFA.html

Discussion is locked

- Collapse -
FTC Launches Site onguardonline.gov To Fight Net Crime
Jan 11, 2006 1:49AM PST

Responding to the rising cybercrime threat, the Federal Trade Commission on Tuesday unveiled an online tool designed to help consumers avoid becoming victims of Internet scams.

At the Web site, www.onguardonline.gov, consumers can take interactive quizzes designed to enlighten them about ID theft, phishing, spam and online-shopping scams.

If the user selects a wrong answer, the program explains why that particular misconception about Internet security can lead to trouble.

http://www.newsfactor.com/news/FTC-Launches-Site-To-Fight-Net-Crime/story.xhtml?story_id=0230028NLQ1C

- Collapse -
Exposed: Dodgy domains spam message boards
Jan 11, 2006 1:58AM PST

Spammers appear to have found a new target of choice for 2006 - bombarding internet message boards with unprecedented ferocity.

The amount of message board spam has been escalating dramatically since mid-2005, according to experts and a search of Google shows a number of frequently recurring domains are appearing in bogus comments on message boards all over the internet.

Among the most common domains appearing on message boards as spam, there is a definite trend.

Domains such as 888.typo7.com, e-casinoroom.com, HobbyWorkshop.com, onlinepokerment.com, TopSitesRanking.com and g4h5.com all appear in bogus postings which reference online gaming. Many of the actual sites link through to more than one established poker site.

Typical comments often start with some fairly random text, such as "Good guess Smith" or "I agree with John", which looks like an attempt to appear part of an existing conversation on the board. They then include little more than links through to the websites, backed up with crude testimony such as "This is a great poker site", despite the fact none of the above offer any kind of gaming on their own domain.

A second trend is also apparent with these domains. The Whois information for every single one of those websites named above reveals the same registrant in each case - Moniker Privacy Services, part of domain name registrar Moniker.com, based in Florida in the US.

http://software.silicon.com/security/0,39024655,39155545,00.htm

- Collapse -
Symantec provides hiding place for hackers
Jan 11, 2006 9:37AM PST

By Joris Evers, CNET News.com
Published on ZDNet News: January 11, 2006, 5:20 PM PT

Symantec has released an update to its popular Norton SystemWorks to fix a security problem that could be abused by cybercriminals to hide malicious software.

In the PC-tuning application, a feature called the Norton Protected Recycle Bin creates a hidden directory on Windows systems. The feature is meant to help people restore modified or deleted files, but the hidden folder might not be scanned during scheduled or manual virus scans, Symantec said in an advisory released Tuesday.

"This could potentially provide a location for an attacker to hide a malicious file on a computer," Symantec said. The Cupertino, Calif., security provider is not aware of any attempts by hackers to conceal malicious code in the folder. "This update is provided proactively to eliminate the possibility of that type of activity," it said.

more here
http://news.zdnet.com/2100-1009_22-6026203.html?tag=zdnn.alert

- Collapse -
A Time to Patch
Jan 11, 2006 10:18AM PST

A Time to Patch
(Blog) by Brian Krebs

A few months back while researching a Microsoft patch from way back in 2003, I began to wonder whether anyone had ever conducted a longitudinal study of Redmond's patch process to see whether the company was indeed getting more nimble at fixing security problems...

http://blogs.washingtonpost.com/securityfix/2006/01/a_timeline_of_m.html