Canada

Docs With Malicious Macros Deliver Fileless Malware (csoonline.com) 39

itwbennett writes: Researchers from Palo Alto Networks warn that attackers are using Word documents with malicious macros and PowerShell to infect computers with fileless malware. The rogue PowerShell script performs a variety of checks on the computer aimed at finding systems that are used to conduct financial transactions and to avoid systems that belong to security researchers as well as medical and educational institutions. "Due to the target-specific details contained within the spam emails and the use of memory-resident malware, this particular campaign should be treated as a high threat," the Palo Alto researchers said in a blog post. A similar combination of PowerShell and fileless malware was observed last week by researchers from the SANS Institute's Internet Storm Center.
Google

No More Public Access To Google PageRank Scores 43

campuscodi writes: Google has confirmed with Search Engine Land that it is removing PageRank scores from the Google toolbar, which was the last place where someone could check their site's PageRank status. Many SEO experts are extremely happy at this point, since it seems that PageRank is responsible for all the SEO spam we see today.
Security

Cloud Security Startup ProtectWise Creates Network DVR To Analyze Threats (hothardware.com) 41

MojoKid writes: A Denver-based security startup called ProtectWise has a rather interesting twist on a security-as-a-service platform that also incorporates an innovative threat detection and management user interface. The ProtectWise security platform runs on a cloud-based infrastructure that currently utilizes Amazon AWS for storage and processing. ProtectWise is an all-software solution comprised of a "Cloud Network DVR" platform made up of virtual cameras in the cloud that record all traffic on the network. The sensors (12MB install package) record all network traffic wherever they're installed and stream it up to the ProtectWise platform where it is securely stored and the threat analysis is performed. The sensors can be configured with profiles to capture just light metadata like netflow or headers (source, destination etc.) all the way to the full payload. You can then play back the traffic from the ProtectWise cloud analytics platform, going months back if needed, and analyze the data for threats. You can go back in time and see if, where and how you've been compromised retrospectively. There's also a ProtectWise HUD that visualizes and renders network threat location and progression, allowing you to make better use of all the data recorded. It has a 'KillBox' that visually shows attack event progression across the network area. The only question has to do with compliance for financial applications since it is cloud-based. Currently, ProtectWise has 100 or so deployments of its product in the market with customers like Netflix, Hulu, Expedia, Pandora and Universal Music.
Spam

BT Announces Free Service To Screen Nuisance Callers (thestack.com) 69

An anonymous reader writes: British telco BT is launching a free landline service for UK customers which promises to divert millions of unwanted calls. A dedicated team at BT will monitor calls made to UK numbers, across its network of over 10 million domestic landlines, to identify suspicious patterns, which could help to filter out nuisance callers. The flagged numbers will then be directed to a junk voicemail box. The company has estimated that the voicemail 'net' will catch up to 25 million cold calls every week. It explained that to achieve this success rate, it would be deploying enormous amounts of compute power to monitor and analyse large amounts of data in real-time.
Communications

A Bot That Drives Robocallers Insane 253

Trailrunner7 writes: Robocalls are among the more annoying modern inventions, and consumers and businesses have tried just about every strategy for defeating them over the years, with little success. But one man has come up with a bot of his own that sends robocallers into a maddening hall of mirrors designed to frustrate them into surrender. The bot is called the Jolly Roger Telephone Company, and it's the work of Roger Anderson, a veteran of the phone industry himself who had grown tired of the repeated harassment from telemarketers and robocallers. Anderson started out by building a system that sat in front of his home landlines and would tell human callers to press a key to ring through to his actual phone line; robocallers were routed directly to an answering system. He would then white-list the numbers of humans who got through. Sometimes the Jolly Roger bot will press buttons to be transferred to a human agent and other times it will just talk back if a human is on the other end of the line to begin with.
Spam

Ask Slashdot: Why Are Major Companies Exiting the Spam Filtering Business? (slashdot.org) 244

broswell writes: For years we used Postini for spam filtering. Google bought Postini in 2007, operated it for 5 years and then began shutting it down. Then we moved to MX Logic. McAfee bought MX Logic, and McAfee was purchased by Intel. Now Intel is shutting down the service. Neither company chose to raise prices, or spin off the division. Anyone want to speculate on the reasons?
Privacy

DOJ and 4 States Want $24 Billion In Fines From Dish Network For Telemarketing (arstechnica.com) 117

walterbyrd writes: The DOJ as well as Ohio, Illinois, California, and North Carolina say that Dish disregarded federal laws on call etiquette. US lawyers are asking for $900 million in civil penalties, and the four states are asking for $23.5 billion in fines, according to the Denver Post. 'Laws against phoning people on do-not-call lists and using recorded messages allow penalties of up to $16,000 per violation,' the Post added.
Advertising

Google Says It Killed 780 Million 'Bad Ads' In 2015 (cio.com) 92

itwbennett writes: According to a new Google report, the search giant disabled more than 780 million "bad ads," including ads for counterfeit products, misleading or unapproved pharmaceuticals, weight loss scams, phishing ploys, unwanted software and "trick-to-click" cons, globally last year. This marks a 49 percent increase over 2014. For perspective, it would take an individual nearly 25 years to look at the 780 million ads Google removed last year for just one second each, according to Google. If the trend continues, Google's team of more than 1,000 staffers dedicated to killing spam will be even busier in 2016, and they could disable more than a billion junky ads.
Facebook

Fake Facebook Emails Deliver Malware Masquerading As Audio Message 47

An anonymous reader writes: A new spam campaign is targeting Facebook users. It uses the same approach as the recent one aimed at WhatsApp users, and Comodo researchers believe that the authors of both campaigns are likely the same. The fake emails are made to look like an official communication from the popular social network, and their goal is to make the victims believe they have received a voice message. The attachment that the recipients are urged to download and open contains a malicious executable — a variant of the Nivdort information-stealing Trojan.
Spam

E-Mail Spam Goes Artisanal (bloomberg.com) 68

An anonymous reader writes: Spam filters have come a long way over the past two decades — but spammers have, too. Though email providers are better than ever at blocking spam, it's still big business, with a lot of money to be made. Security researchers are seeing a new trend in spam: less volume, and better targeting. The article mentions "snowshoe" attacks, which occupy the middle ground between massive spam campaigns and tiny phishing attacks. "Craig Williams, a senior manager at Talos, said the amount of snowshoe spam has more than doubled in the past two years and now accounts for more than 15 percent of all junk messages distributed globally." Security researchers have been pushing for a unified registry to help deal with these mid-range spammers, but it's hard to get a significant portion of providers on the same page, particularly when many are fond of running their own solutions.
Verizon

Verizon Accused of Helping Spammers By Routing Millions of Stolen IP Addresses (spamhaus.org) 120

An anonymous reader writes: Spamhaus, an international non-profit organization that hunts down spammers, is accusing Verizon of indifference and facilitation of cybercrime because it failed for the past six months to take down stolen IP routes hosted on its network from where spam emails originated. Spamhaus detected over 4 million IP addresses, mainly stolen from China and Korea, and routed on Verizon's servers with forged paperwork. Spamhaus says, "For a start, it seems very strange that a large US-based ISP can be so easily convinced by abusers to route huge IP address blocks assigned to entities in the Asian-Pacific area. Such blocks are not something that can go unnoticed in the noise of everyday activity. They are very anomalous, and should call for an immediate accurate verification of the customer. Internal vetting processes at large ISPs should easily catch situations so far from normality."
Government

Debt Collectors Sneaking Robocall Exemptions Into Budget Bill 216

TCPALaw writes: Hate robocalls? In July, the FCC tightened the rules regarding robocalls to cell phones, especially debt collection calls (in particular limiting calls to wrong numbers or to anyone who is not the debtor). Now the debt collection industry is getting their revenge by sneaking in a massive exemption (see section 301 on page 10 to the PDF) to the FCC's rules that would expressly permit debt collection robocalls to cell phones (and even collect calls!) for student loans, mortgages, taxes, and any other debt owed or guaranteed by the government. Time to make a few phone calls myself to some senators. The Senate switchboard is (202) 224-3121 or go to senate.gov to find the number for your senators. This may come up for a vote in 24 hours or less.
Intel

Intel Pulling the Plug On McAfee/MX Logic Anti-Spam (mcafee.com) 42

New submitter d4nimal writes: Intel today announced that it is killing the MX Logic/McAfee/Intel Security spam protection service (PDF). The last date of service is January, 2017. This comes on the heels of numerous outages and a general rise in user and admin dissatisfaction. Intel purchased the service as part of its McAfee acquisition in 2010. MX Logic was bought by McAfee less than a year earlier.
Communications

The Hostile Email Landscape (liminality.xyz) 217

An anonymous reader writes: As we consolidate on just a few major email services, it becomes more and more difficult to launch your own mail server. From the article: "Email perfectly embodies the spirit of the internet: independent mail hosts exchanging messages, no host more or less important than any other. Joining the network is as easy as installing Sendmail and slapping on an MX record. At least, that used to be the case. If you were to launch a new mail server right now, many networks would simply refuse to speak to you. The problem: reputation. ... Earlier this year I moved my personal email from Google Apps to a self-hosted server, with hopes of launching a paid mail service à la Fastmail on the same infrastructure. ... I had no issues sending to other servers running Postfix or Exim; SpamAssassin happily gave me a 0.0 score, but most big services and corporate mail servers were rejecting my mail, or flagging it as spam: Outlook.com accepted my email, but discarded it. GMail flagged me as spam. MimeCast put my mail into a perpetual greylist. Corporate networks using Microsoft's Online Exchange Protection bounced my mail."
Privacy

If You're Not Paranoid About Your Privacy, You're Crazy (theatlantic.com) 373

Muad'Dave writes: Here's an interesting article at The Atlantic about the prevalence of surveillance and the recent uptick in 'deja-vu' moments where devices seemingly hear your conversations and then attempt to market to you. From the article: "One night the previous summer, I’d driven to meet a friend at an art gallery in Hollywood, my first visit to a gallery in years. The next morning, in my inbox, several spam e-mails urged me to invest in art. That was an easy one to figure out: I’d typed the name of the gallery into Google Maps. Another simple one to trace was the stream of invitations to drug and alcohol rehab centers that I’d been getting ever since I’d consulted an online calendar of Los Angeles–area Alcoholics Anonymous meetings. Since membership in AA is supposed to be confidential, these emails irked me. Their presumptuous, heart-to-heart tone bugged me too. Was I tired of my misery and hopelessness? Hadn’t I caused my loved ones enough pain? Some of these disconcerting prompts were harder to explain. For example, the appearance on my Facebook page, under the heading “People You May Know,” of a California musician whom I’d bumped into six or seven times at AA meetings in a private home. In accordance with AA custom, he had never told me his last name nor inquired about mine. And as far as I knew, we had just one friend in common, a notably solitary older novelist who avoided computers altogether. I did some research in an online technology forum and learned that by entering my number into his smartphone’s address book (compiling phone lists to use in times of trouble is an AA ritual), the musician had probably triggered the program that placed his full name and photo on my page."
Businesses

First Legal Union of Illegal Street Vendors Created In Barcelona 61

dkatana writes: Street vendors across Barcelona's tourist districts last week created their own union to negotiate with city officials. Barcelona has a new mayor, and new policies dealing with the "Top Manta" (for the blankets — or mantas — they spread out on the sidewalk). The recently-elected left-leaning administration in this Mediterranean city is taking a new — and controversial — approach to this complex issue. They argue that the real fault is the government's for not having a more comprehensive immigration policy. Mayor Ada Colau has welcomed the newly created Popular Union for Street Vendors (Sindicato Popular de Vendedores Ambulantes), established by the illegal vendors themselves.
Bitcoin

Man Behind Week-Long Bitcoin Attacks Reveals Himself 71

An anonymous reader writes: A Russian man that calls himself "Alister Maclin" has been disrupting the Bitcoin network for over a week, creating duplicate transactions, and annoying users. According to Bitcoin experts, the attack was not dangerous and is the equivalent of "spam" on the Bitcoin blockchain servers, known in the industry as a "malleability attack," creating duplicate transactions, but not affecting Bitcoin funds. Maclin recently gave an interview to Vice.
United States

NSF Awards $74.5 Million To Support Interdisciplinary Cybersecurity Research (nsf.gov) 9

aarondubrow writes: The National Science Foundation announced $74.5 million in grants for basic research in cybersecurity. Among the awards are projects to understand and offer reliability to cryptocurrencies; invent technologies to broadly scan large swaths of the Internet and automate the detection and patching of vulnerabilities; and establish the science of censorship resistance by developing accurate models of the capabilities of censors. According to NSF, long-term support for fundamental cybersecurity research has resulted in public key encryption, software security bug detection, spam filtering and more.
Crime

Citadel Botnet Operator Gets 4.5 Years In Prison 42

An anonymous reader writes: The U.S. Department of Justice has announced that Dimitry Belorossov, a.k.a. Rainerfox, an operator of the "Citadel" malware, has been sentenced to 4.5 years in prison following a guilty plea. Citadel was a banking trojan capable of stealing financial information. Belorossov and others distributed it through spam emails and malvertising schemes. He operated a 7,000-strong botnet with the malware, and also collaborated to improve it. The U.S. government estimates Citadel was responsible for $500 million in losses worldwide. Belorossov will have to pay over $320,000 in restitution.
Google

Hackers' Latest Targets: Google's Webmaster Tools 19

jfruh writes: The latest attack vector hackers are taking advantage of: Google's Webmaster tools, which allow domain owners to index new pages for searching and react quickly to Google-detected malware. It's that last capability that hackers are after, tweaking things to keep infected sites under their control longer. From the ITWorld story: "According to the Sucuri researchers, by becoming verified owners for compromised websites, attackers can track how well their BHSEO campaigns perform in Google Search. They can also submit new spam pages to be indexed faster instead of waiting for them to be discovered naturally by Google's search robots, they can receive alerts if Google flags the websites as compromised, and, most importantly, they can remove legitimate owners of the site from the Search Console."
