IT Workforce in the US: 4 Million or 24 Million?
For now, BLS classifies most infosec pros in one of the eight computer occupations.) Our latest analysis based on the household survey, IT Employment Ends ...
SMS ransomware surfaces in Russia, charges $12 ransom
By Ryan Cloutier, Contributor
The black hat community is always on the lookout for a way to profit from its illicit activities. On the Web, Trojans and worms disguised as freeware present an easy way for even a moderately skilled hacker to capitalize on the naiveté and lack of experience of many internet users.
According to Nart Villeneuve at Trend Labs’ Malware Blog, recent techniques in the field of cybercrime often involve taking a user’s computer hostage. The malware does this by denying users access to their desktop and files until they dial an SMS number and enter a code.
In the latest ransomware campaign detected by Trend Labs, the SMS agency charges the user the equivalent of $12 before giving them the code to free their systems.
Villeneuve said an ongoing campaign has netted the responsible cybercriminal $29,435 over the last five weeks. He goes on to note mathematically this indicates that 2,500 people have paid the hacker’s ransom.
Cybercrime is a serious matter for cybercriminals who run these campaigns much like ordinary businesses and keep financial records for their own reference. In our research, we were able to access a panel that was used to keep track of the specific income generated by at least 60 phone numbers used in ransomware campaigns.
Villeneuve also notes users downloaded the specific file, identified by Trend Micro as WORM_RIXOBOT.A., more than 100,000 times in December. This means there is most likely a great deal of money going to that criminal.
Back in November, UK researchers detected a drive-by attack that encrypted media files and Microsoft Office documents and then demanded a $120 payment to have the files decrypted.
Several government and educational websites redirect visitors to fake stores.
By Ryan Cloutier, Contributor
Security researchers at ZScaler Inc. have provided a list of government websites that have been hijacked, redirecting visitors to Google searches.
Government web properties are not the only targets of these internet villains, some university websites, including those linked to Harvard, MIT and Stanford have fallen as well. According to Julien Sobrier, a researcher at zScaler, the list of hijacked sites includes:
There are also governmental sites in the list, from the U.S., China and other countries:
In zScaler’s research blog, Sobrier wrote that visitors are redirected to no ordinary Google search results; the results seem to consist entirely of fake online stores. The stores “sell” software at a discounted price. However, they all seem to have odd URLs and some of the sites are running SEO spam topics such as Viagra and U.S. student Visa.
Contemporary wisdom suggests these types of locations will not be kind to your bank accounts, Sobrier said.
Once again spammers have managed to poison search results for popular searches. This specific spam was reported a month ago, but it still shows up in the first page of results for multiple searches.
There also seem to be various domain names for the fake stores. The domain names run the gamut from the seemingly malicious software-supreme.com to the seemingly less threatening sacon.org. All in all the fake stores encompass at least 75 domains and each site looks slightly different.
What makes this attempt unique from your typical black hat attempt to turn Google’s algorithms against the common person is that the search engine optimization is in multiple languages. Usually spam SEO comes in English but this time we are seeing French, German and other varieties.
Posted by InfoSec News on Jan 14Forwarded from: Guofei Gu <guofei (at) cse.tamu.edu>
Posted by InfoSec News on Jan 14http://www.unionleader.com/article.aspx?articleId=6add3fd7-0f3f-4680-aa61-232503e7eaca&headline=Scandinavian+gamers+hack+NH+medical+center+to+play+Call+of+Duty%3b+compromise+records+of+230%2c000
Posted by InfoSec News on Jan 14http://www.tri-cityherald.com/2011/01/13/1324988/kadlec-computer-servers-hacked.html
Posted by InfoSec News on Jan 14http://www.news9.com/Global/story.asp?S=13833909
Posted by InfoSec News on Jan 14========================================================================
Posted by InfoSec News on Jan 14http://www.networkworld.com/news/2011/011311-cybersecurity-challenges-electrical-grid.html