You’ve seen the spam for Viagra, Cialis and other modern-day wonder drugs. Well, there’s a new kid on the block. Spammers have now figured out they may be able to scam you out of your hard-earned cash by scaring you about the Swine Flu pandemic, or H1N1.
Linked to Russia
John Leyden recently reported: “Russian cybercrooks have laid the groundwork needed to build a business cashing in on swine flu panic-buying. Tamiflu sales from dodgy unlicensed pharmaceutical websites are being promoted through spam email, search engine manipulation and a variety of other underhand techniques. Web affiliates, commonly based in Russia where they are called Partnerka, are driving traffic to dodgy pharmaceutical sites using a variety of spam and adware-related marketing tactics.”
Spam prevention the best cure
I’m not really sure who would fall for these email scams. Who in the world self-inoculates against the flu? At any rate, Mailprotector protects users from exactly this kind of junk mail. We block spam, viruses, Trojans, phishing attacks and other email-borne malware from reaching your Exchange server, or any mail server, so users won’t be tempted to purchase their own swine flu vaccine.
The Mega-D botnet was disabled last week by a team of white hat hackers. It may have had up to a quarter million infected machines under its control before it was disrupted. The botnet was estimated to be responsible for a third of the world’s spam output. It was knocked out of commission last week by employees of security firm FireEye.
How they did it
Dan Goodin reported: “After unplugging the Mega-D master control channels, the researchers set up a benign ‘sinkhole’ channel for the bots to report to and waited to see what would happen.
Over five days, 487,340 unique IP addresses reported to the ad-hoc server. Using findings derived from last year’s take-down of the separate Srizbi botnet, FireEye estimates that the figure translates to 248,590 unique machines. Unlike Mega-D, Srizbi included an accounting mechanism that identified each infected machine. They then analyzed the number of IP addresses and noted that after five days, it was about double the number of individual Srizbi victims.”
Size hard to judge
FireEye’s Todd Rosenberry said “Any botnet size estimate should be taken with a grain of salt as they are notoriously hard to calculate and there is a lot of conflicting data out there.”
Effects felt worldwide
The researchers estimated that Brazil was the most infected country (11.5 percent of the victims), followed closely by India and Viet Nam. 214 countries were represented.
Still under watchful eye
Mega-D is still being monitored. There are plans to turn over maintenance of the sinkhole server to Shadowserver. These volunteers have established infrastructure and relationships with ISPs and Computer Emergency Response Teams, or CERTs, globally.
About Mailprotector
Mailprotector’s services are ideal for protecting your Exchange server, or any mail server, against spammers’ attempts to flood your inbox with their junk: spam, viruses, Trojans, phishing attacks and other email-borne malware and threats.
The UK is going all out against state-sponsored hackers and is in the process of recruiting a cyber army. Baroness Crawley says the Cyber Security Operations Centre (CSOC) will be located at GCHQ in Cheltenham and will have an initial staff of 19. Sounds like a jolly good start and us Yanks are glad to have you in the fight with us. I can envision the CSOC now: it will be a bunch of computer geeks sitting at their terminals and they will look just like Bond, James Bond or Austin Powers. Yeah, baby, yeah!
About Mailprotector
Mailprotector offers SaaS email security and Hosted Exchange 2007. We’re in this battle for you to fight against spam, viruses, Trojans, phishing attacks and other email borne malware. It’s simple to use, highly effective and extremely affordable.
Today’s Washington Post shows how aggressive the Chinese have been in probing US systems and interests. There have been reports in the past that the Chinese have trained North Koreans in advanced hacking techniques. South Korea and the US experienced DDoS attacks last summer that originated in North Korea. There have also been numerous reports about repeated hacks and probes into US government networks with many of them being successful in extracting sensitive information.
Attempting to even the playing field
These state-run hackers are fighting on a new front to try to level the “playing field” in the event that a shooting war breaks out. The US has the most technologically advanced military in the world. The thought is that if China, North Korea or another enemy can disrupt US military networks and critical infrastructure systems, then it may give them a better chance of fighting against the US.
A flurry of preparation
Last month there were reports that NASA’s IT systems lacked thorough security systems. There is a report from yesterday that the Department of Interior failed a recent cybersecurity audit. Rod Beckstrom quit the US cybersecurity post he had been in for a few months due to political infighting. Obama has yet to name a replacement even though he has promised it is a priority of his. Department of Homeland Security and the NSA are spending huge sums of money to increase their staff and datacenters.
About Mailprotector
Mailprotector provides protection from the Chinese, North Koreans and other hackers that want to access your email systems. We block spam, viruses, Trojans, phishing attacks and other email borne malware from getting to your users and disrupting their vital communications. It’s easy to get started (and affordable too).
Today marks the 26th birthday of the computer virus. On November 10th, 1983, Fred Cohen, a University of Southern California graduate student, provided a proof-of-concept during a security seminar at Lehigh University. 26 years later the computer virus is still going strong.
My first virus
I recall my first computer virus experience, “Melissa”, back in 1999. I was working for another company in London at the time and we started getting lots of email with the same subject line from multiple European and Far Eastern affiliates. Before long, many of our users were sending loads of email out that they never initiated. Our network admin “pulled the plug” on our local Exchange server until he could resolve the issue. I called our US headquarters to give them a heads-up but they still had numerous users opening and infecting their mail systems. That was a wake-up call and dealing with email-borne malware provided an experience that I’ll never forget.
My how you’ve grown!
Email malware has gotten a lot nastier since then. It presents huge problems for users and admins. Computers can be hijacked and used for nefarious purposes. Information can be stolen and bank accounts drained. The FBI has released a warning about the threat of online cyber fraud. Some figures estimate cyber fraud losses to be upwards of $100 million year-to-date.
About Mailprotector
Mailprotector’s services have been squashing spam, viruses, Trojans, phishing attacks and other email-borne malware for nearly 10 years. It’s affordable, easy to set up and simple to use.
Vivek Kundra, federal CIO, outlined plans for new cybersecurity metrics and a dashboard for tracking progress in testimony to Congress. “Historically, the federal government has not been as effective as necessary in its cyber defense,” Kundra said to the Senate Homeland Security and Governmental Affairs Committee’s Subcommittee on Federal Financial Management, Government Information, Federal Services, and International Security.
“An inadequate cybersecurity workforce, a focus on compliance rather than outcomes, and a cumbersome and time-consuming process for collecting information hindered our cybersecurity management capabilities.”
A Different Focus
Kundra hopes new initiatives will focus more on performance rather than on paperwork. “The metrics will be focused on game changing ways to address real security,” he said. “It is not necessarily asking the question, do you have patch management program, but how long does it take for you to patch those systems? We are in early phases in terms of deploying a government-wide approach.”
CyberScope
The Office of Management and Budget released a new tool called CyberScope a few weeks ago. It lets federal agencies report FISMA compliance via an authenticated Web-based reporting tool rather than sending spreadsheets via e-mail.
Annual report required
This year agencies are required to report detailed spending information on cybersecurity. That information will make its way to a federal cybersecurity dashboard similar to the IT Dashboard launched earlier this year, a public Web site that tracks federal IT spending and project performance. “Just as the IT dashboard took us from a static, paper based environment to a dynamic digital environment, the new cybersecurity dashboard will provide the government with a real-time view of threats facing us and our vulnerabilities,” Kundra said.
About Mailprotector
Mailprotector’s service provides a web console so you can view your email security whenever you want. You’ll be able to monitor things such as what is being blocked: spam, viruses, Trojans, phishing attacks and other email borne malware. You can get granular reporting down to the user by specific date ranges. You can implement your own specific email compliance policy within the console. You don’t have to wait on our dashboard to be developed – it’s ready and we’re able to get you going now.
The National Security Agency (NSA) will soon break ground in Utah for a new cyber security data center that’s budgeted at $1.5 billion. The NSA facility will provide cybersecurity intelligence and warnings as well as provide support to defense and civilian agency networks.
“Our country must continue to advance its national security efforts and that includes improvements in cybersecurity. As we rely more and more on our communications networks for business, government and everyday use, we must be vigilant and provide agencies with the necessary resources to protect our country from a cyber attack.”
-Sen. Robert Bennett, R-Utah
Offering a hand to Homeland
They will also lend technical assistance to the Department of Homeland Security, according to a transcript of remarks by Glenn Gaffney, deputy director of national intelligence for collection, who is responsible for oversight of cyber intelligence activities in the Office of the Director of National Intelligence.
Located in Utah
The data center will be built a few miles south of Salt Lake City at Camp Williams, a National Guard training center. It was chosen for its access to cheap power, communications infrastructure, and availability of space, Gaffney said. The complex will comprise up to 1.5 million square feet of building space on between 120 and 200 acres, according to news sources.
About Mailprotector
Mailprotector operates in redundant data centers that provide plenty of horsepower to protect your email systems from spam, viruses, Trojans, phishing attacks and other email borne malware. So if you want to get your email systems protected at affordable prices then give us a call.
Security researchers recently found a Trojan that uses Facebook to communicate with its command and control server. The Trojan malware is being spread via e-mail through “documents (PDF, or MS Office formats) containing exploits for known vulnerabilities,” writes Andrea Lelli, a security analyst with Symantec Security Response. The malware works by contacting the mobile version of Facebook and using its Notes section.
Clues in the title
By analyzing the Trojan’s code, Lelli found that the Trojan will perform four different actions, depending on the notes’ titles that are found. If the title is Wells, the note will contain the timedate stamp for when a machine was infected. If it is WebServer, however, the note will contain a URL to be contacted from which the Trojan will receive commands, Lelli wrote.
“The real command and data processing is done through the remote URL that was received from the notes, and this URL may point anywhere,” Lelli blogged. “However … one could use a Facebook account as a C&C [command and control] server and this Trojan is able to successfully parse the Facebook html data, retrieve the wanted data from it, and also post new data to it (it may for example send stolen data to it in the form of a note in the same [way] as it sends a timedate stamp).”
The flipside
Social networks have been used to help control malware in the past. In August, Arbor Networks researcher Jose Nazario uncovered a botnet using Twitter to communicate with its army of compromised machines.
About Mailprotector
Mailprotector’s services prevent Trojans, viruses, spam, phishing attacks and other email borne malware from getting to your inbox and spreading havoc throughout your email infrastructure.
Senator Joe Lieberman recently announced the opening of a new Cyber Center. Homeland Security spent about $9 million for the new center. It will help better coordinate the government’s response to cyber attacks. Senator Lieberman, chairman of the Senate Homeland Security and Governmental Affairs Committee, said legislation being drafted by his committee will require federal agencies and private companies to set up a system to share information on cyber threats.
Government lags in cyber security
The feds are playing catch-up when it comes to cyber security. There have been numerous reports about coordinating efforts at various agencies to better protect the U.S. government and critical infrastructure. Obama has been attempting to hire a Cyber Security Czar but has been turned down by numerous executives.
About Mailprotector
Mailprotector has been providing email security for customers for nearly 10 years. It didn’t take an act of Congress to get the ball rolling either. Just an abundance of annoying junk email flooding our inboxes gave the inspiration to put a stop to that nonsense. If you’re tired of waiting on Congress, Obama and the rest of the U.S. government to get started then join us in the good fight. Mailprotector will keep spam, viruses, Trojans, phishing attacks and other email-borne malware from getting to your inbox.
Facebook won a victory against a notorious spammer on October 29th when a federal judge awarded them $711 million. The judge found the spammer Sanford Wallace guilty of violating the CAN-SPAM Act as well as a restraining order. Wallace and two others used phishing sites and other methods to take control of Facebook accounts to use in their spamming operations.
Not the first lawsuit for “Spam King”
Sanford Wallace is better known as “Spam King” and “Spamford”. He’s been sued numerous times for spam and spyware related damages. Facebook attorney Sam O’Rourke was cautious about the win:
Facebook happy with outcome
“While we don’t expect to receive the vast majority of the award, we hope that this will act as a continued deterrent against these criminals,” blogged O’Rourke, Facebook’s lead counsel for litigation and intellectual property. “Most notably, the judge referred Wallace to the U.S. Attorney’s Office with a request that Wallace be prosecuted for criminal contempt, which means that in addition to the judgment, he now faces possible jail time. This is another important victory in our fight against spam. We will continue to pursue damages against other spammers.”
About Mailprotector
Mailprotector’s services help mitigate “Spam King’s” ways by blocking spam, spyware, phishing, Trojans, viruses, and other email-borne malware before it reaches your inbox.