Author Archives: Slippery Slim

Kelihos Botnet Coming Back to Life

Kelihos Botnet Coming Back to Life A botnet that was crippled by Microsoft and Kaspersky Lab last September is spamming once again and experts have no recourse to stop it. Source Kelihos was never big compared to a lot of the botnets. Despite it’s size, it was extremely active. Spam and malware go hand in hand. Much of it is infected links in email which is the easiest way to infect the individual computer user. The hard way that provides more computers for the bot-herder is injecting a web site. Not just any website will do. Google and most search engines, carry a list of known infection sites to block …

Continue reading

Posted in Thoughts.

Android.Counterclank Found in Official Android Market

Symantec has identified multiple publisher IDs on the Android Market that are being used to push out Android.Counterclank. This is a minor modification of Android.Tonclank, a bot-like threat that can receive commands to carry out certain actions, as well as steal information from the device. Source What started out as a way to provide a cheaper phone is now becoming a headache. Licensing is a heavy hitter in the cost of a phone. Manufactures pay serious money to use propitiatory software by Apple or Microsoft. Using Android, a derivative of Linux sourcing, provides FLOSS software. The headache with it is that the changes in OSS must be posted to the …

Continue reading

Posted in Thoughts.

Woeful SCADA Security

The talk presented the findings of “Project Basecamp,” a volunteer-led security audit of leading programmable logic controllers (PLCs). The audit found that decrepit hardware, buggy software and pitiful or nonexistent security features make thousands of PLCs vulnerable to trivial attacks by external hackers that could cause PLC devices to crash or run malicious code. Source This opens a whole new field of malware attack area of opportunity. It’s been coming for a long time with claims surfacing of possible hacker attacks into infrastructure that could literally effect your way of life. To start out with, SCADA (Supervisory Control and Data Acquisition) and it’s hand in hand component PLC (Programmable Logic …

Continue reading

Posted in Thoughts.

Tokyo, we have a problem

Tokyo, we have a problem Japanese space engineers have admitted one of their computers has been infected by a Trojan that may have leaked sensitive data, including system login information, to hackers. Data exposed by the breach may have included emails, technical specifications and operational information as well as login credentials. The space agency has reset potentially exposed passwords while it continues to investigate the scope of the breach. Source It’s often in today’s connected world that we hear of servers, networks, and individual computers hacked into or that have picked up some malware. Mostly it tends to deal with money, banks, and financial houses. Ever so often it deals …

Continue reading

Posted in Thoughts.

Viruses stole City College of S.F. data for years

Viruses stole City College of S.F. data for years Personal banking information and other data from perhaps tens of thousands of students, faculty and administrators at City College of San Francisco have been stolen in what is being called “an infestation” of computer viruses with origins in criminal networks in Russia, China and other countries, The Chronicle has learned. “Given the outright mismanagement of our networks, if someone’s information is stolen, are we liable for that?” Jackson asked. Source So for 10 years or so, the Russian Business Network has been in the data banks of City College, along with the other usual suspects. What none of the antivirus/malware programs …

Continue reading

Posted in Thoughts.

Facebook Evading Privacy Questions

Joe Barton, a Texas Republican, and Edward Markey, a Massachusetts Democrat, are complaining Facebook is not answering questions about how the company tracks its users via cookies. Source In my mind, security and privacy are two sides of the same coin. To have privacy means you must have security to obtain it. Should security demand access to your data for security reasons, then privacy is invaded. A good demonstration of that in practice, is laws on the books involving sexual harassment, the liability that corporations bear in providing emails and communications between workers, and the ability to disprove sexual harassment charges by being able to show the source info through …

Continue reading

Posted in Thoughts.

A Prime Target for Cybercrime

This infographic in the source link provides clues to why Facebook is such a prime target. Source It all has to do with numbers; who has the most to have malware target. Why turn to a small community when you have millions of folk to target for the same effort. Microsoft battled all comers during the days of DOS to become the over-all winner. The results of that winning the battle of the Operating Systems has resulted in what is called the computer monoculture. According to Wikipedia, during Aug of 2011, personal computer users were using these OSes. Microsoft accounted for 87.1% worldwide Apple accounted for 6.7% Linux accounted for …

Continue reading

Posted in Thoughts.