Botnet

Microsoft Looks To Courts For Botnet Takedowns 93

angry tapir writes "Microsoft has seen a dramatic drop in the number of computers infected with Waledac, a piece of malicious software affiliated with a botnet that was once responsible for a massive amount of spam. In the second quarter of this year, the company cleaned only 29,816 computers infected with Waledac, down from 83,580 computers in the first quarter of the year. The drop in the number of infected machines shows the success of the legal action Microsoft took earlier in the year, according to the company."
Security

Spammers Using Soft Hyphen To Hide Malicious URLs 162

Trailrunner7 writes with this excerpt from ThreatPost illustrating the ongoing Spy-vs.-Spy battle between spammers and the rest of us: "Spammers have jumped on the little-used soft hyphen (or SHY character) to fool URL filtering devices. According to researchers, spammers are larding up URLs for sites they promote with the soft hyphen character, which many browsers ignore. Spammers aren't shy about jumping humans flexible cognitive abilities to slip past the notice of spam filters (H3rb41 V14gr4, anyone?). ... The latest trend involves the use of an obscure character called the soft hyphen or 'SHY' character to obscure malicious URLs in spam messages. Writing on the Symantec Connect blog, researcher Samir Patil said that the company has seen recent spam messages that insert the HTML symbol for the soft hyphen to obfuscate URLs for Web pages promoted by the spammers."
Spam

Canadian Spammer Fined Over $1 Billion 379

innocent_white_lamb writes "A man has been fined ONE BEELYUN DOLLARS (yes, really) for sending 4,366,386 spam messages that were posted on Facebook. He was fined $100 for each message, and including punitive damages he now owes $1,068,928,721.46. A ruling by a US District Court judge in San Jose, California has now been upheld by the Quebec Superior Court (the defendant lives in Montreal)."
Google

Google URL Shortener Opened To the Public 244

Anonymusing writes "Just what the world needs, another URL shortener, right? Google seems to think so, and it's making its own widely available to anyone — complete with tracking and statistics — for free. As noted on its blog: 'There are many shorteners out there with great features, so some people may wonder whether the world really needs yet another. As we said late last year, we built goo.gl with a focus on quality. With goo.gl, every time you shorten a URL, you know it will work, it will work fast, and it will keep working. You also know that when you click a goo.gl shortened URL, you're protected against malware, phishing and spam using the same industry-leading technology we use in search and other products.' Is bit.ly shaking in its boots?"
Security

Attack Targets LinkedIn Users With Fake Contact Requests 122

wiredmikey writes "On Monday morning, cybercriminals began sending massive volumes of spam email messages targeting LinkedIn users. Starting at approximately 10am GMT, users of the popular business-focused social networking site began receiving emails with a fake contact request containing a malicious link. According to Cisco Security Intelligence, these messages accounted for as much as 24% of all spam sent within a 15-minute interval today. If users click, they are taken to a web page that says 'PLEASE WAITING.... 4 SECONDS..' and then redirected to Google, appearing as if nothing has happened. During those four seconds, the site attempted to infect the victim's PC with the ZeuS Malware via a 'drive-by download' – something that requires little or no user interaction to infect a system."
Image

Drupal E-commerce With Ubercart 2.x Screenshot-sm 65

Michael J. Ross writes "In the past, a Web developer tasked with building an online store would most likely do so using a dedicated e-commerce system, instead of a content management system (CMS), because even though the leading CMSs offered more features and flexibility, they did not provide robust e-commerce capabilities, such as product listings, bulk import, pricing in multiple currencies, a built-in shopping cart, and integration with tax and shipping information sources. Since that time, e-commerce systems have become more like CMSs, by adding features such as blogging and forums. At the same time, CMSs are continually expanding their e-commerce potential, usually in the form of developers adding plug-ins. For developers using Drupal, there traditionally have been two major e-commerce plug-ins (known as "modules"): Ubercart and e-Commerce. The former has emerged as the leader, and is explored in Drupal E-commerce with Ubercart 2.x." Read on for the rest of Michael's review.
Security

Microsoft Helps Adobe Block PDF Zero-Day Exploit 93

CWmike writes "Microsoft has urged Windows users to block ongoing attacks against Adobe's popular PDF viewer by deploying one of Microsoft's enterprise tools. Adobe echoed Microsoft's advice, saying the Enhanced Migration Experience Toolkit (EMET) would stymie attacks targeting Reader and Acrobat. Called 'scary' and 'clever,' the in-the-wild exploit went public last week when security researcher Mila Parkour reported it to Adobe after analyzing a rogue PDF document attached to spam. Adobe first warned users Wednesday of the threat, but at the time gave users no advice on how to protect themselves until a patch was ready. Microsoft stepped in on Friday. 'The good news is that if you have EMET enabled ... it blocks this exploit,' said Fermin Serna and Andrew Roths, two engineers with the Microsoft Security Response Center in an entry on the group's blog." A Symantec blog post suggests the people exploiting this vulnerability may be the 'Aurora' group responsible for the attacks on Google late last year.
Worms

Anti-US Hacker Takes Credit For Worm 221

angry tapir writes "Credit for the "Here You Have" worm (recently discussed on Slashdot), has been taken by a hacker known as 'Iraq Resistance' who says the worm was designed, in part, as a propaganda tool. He said he had not expected the worm to spread as broadly as it had, and noted that he could have done much more damage to victims. 'I could smash all those infected but I wouldn't,' said the hacker. 'I hope all people understand that I am not negative person!' In other parts of the message, he was critical of the US war in Iraq. For a brief period early the worm accounted for about 10 percent of the spam on the Internet."
Crime

Rogue Employees Sell World Cup Fans' Passport Data 128

An anonymous reader writes "Reports are coming in that the Information Commissioner's Office has started investigating FIFA, the world football governing body, over allegations that details of thousands of World Cup fans' — including their passport data — were accessed by one or more members of staff and then sold on the black market. It is alleged that the details of more than 35,000 English fans — who visited Germany for the 2006 World Cup — had their passport and allied data sold to ticket touts for marketing purposes."
Bug

Facebook Glitch Let Spammer Post To Walls 63

angry tapir writes "A clever spammer found a glitch in Facebook's photo upload system and used it to post thousands of unwanted Wall messages last week. Facebook confirmed the bug Friday, after notifying affected users of the issue. Most of the messages promised 'Free iPhones,' a common spam message on Facebook these days. Facebook says that the spammer hit thousands of profiles before the company removed the spammy photos and notified affected users. No accounts were compromised as a result of the bug."
Spam

Spammers Attack Apple's Ping Social Network 85

An anonymous reader writes "Scammers and spammers have deluged the new Ping musical social network, created by Apple and built into the new version of iTunes. Sophos researchers have found that Ping is being overrun by scams and spam messages. 'Apple seems to have anticipated a certain degree of malfeasance, as profile pictures that you upload will not appear until approved by Apple. They are likely filtering for other offensive content as well, so they probably have means in place they could use to stop the spam.' It's ironic that the most common scams on Ping right now revolve around Apple's own iPhone." The Sophos blog post adds that Apple is doing their best to clamp down on the spam, manually deleting many of the offending messages for now. Reader Tootech adds that Facebook integration was quickly disabled, possibly because of blocked API access.
Botnet

Researchers Cripple Pushdo Botnet 129

Trailrunner7 writes with this from ThreatPost: "Researchers have made a huge dent in the Pushdo botnet, virtually crippling the network, by working with hosting providers to take down about two thirds of the command-and-control servers involved in the botnet. Pushdo for years has been one of the major producers of spam and other malicious activity, and researchers have been monitoring the botnet and looking for ways to do some damage to it since at least 2007. Now, researchers at Last Line of Defense, a security intelligence firm, have made some serious progress in crushing the botnet's spam operations. After doing an analysis of Pushdo's command-and-control infrastructure, the researchers identified about 30 servers that were serving as C&C machines for the botnet. Working with the hosting providers who maintained the servers in question, the LLOD researchers were able to get 20 of the C&C servers taken offline, the company said."
Spam

Rustock Botnet Responsible For 40% of Spam 250

angry tapir writes "More than 40 percent of the world's spam is coming from a single network of computers that computer security experts continue to battle, according to new statistics from Symantec's MessageLabs' division. The Rustock botnet has shrunk since April, when about 2.5 million computers were infected with its malicious software that sent about 43 billion spam e-mails per day. Much of it is pharmaceutical spam."
Security

"Dislike" Button Scam Hits Facebook Users 179

An anonymous reader writes "A message saying 'I just got the Dislike button, so now I can dislike all of your dumb posts lol!!' is spreading rapidly on Facebook, tempting unsuspecting users into believing that they will be able to "dislike" posts as well as "like" them. However, security researchers say that it is just the latest 'survey scam', tricking Facebook users into into giving a rogue Facebook application permission to access their profile, and posting spam messages from their account. The rogue application requires victims to complete an online survey (which makes money for the scammers) before ultimately redirecting to a Firefox browser add-on for a Facebook dislike button developed by FaceMod. "As far as we can tell, FaceMod aren't connected with the scam — their browser add-on is simply being used as bait," says Sophos security blogger Graham Cluley."
Government

MP Wants Official Email Address Kept Private 179

nk497 writes "An MP in the UK has had his official email address removed from the parliamentary website, because he's tired of getting 'nuisance' emails via online campaign websites. MP Dominic Raab's parliamentary.uk email is currently not listed on the House of Commons' website following a spat with online campaigners 38 Degrees. 'Just processing the emails from your website absorbs a disproportionate amount of time and effort, which we may wish to spend on higher priorities, such as helping constituents in real need or other local or Parliamentary business,' he said, threatening to report the group to the government's data and privacy watchdog if they didn't remove the details from their own website. 38 Degrees says Raab gave them his personal email address during the election: 'it's only since he became a member of parliament with a taxpayer funded email address that he's now said he doesn't want to hear from people,' unless they're willing to shell out for a stamp to write him a letter. The lobby group said Raab likely averaged fewer than two emails from their site each day."
Social Networks

Buried By The Brigade At Digg 624

Slashdot regular Bennett Haselton writes in with an essay on a subject we've dealt with internally at Slashdot for years: user abuses of social news... this time at Digg. He starts "Alternet uncovers evidence of a 'bury brigade' coordinating efforts to 'bury' left-leaning stories on Digg. Digg had previously announced that the 'bury' button will be removed from the next version of their site, to prevent these types of abuses, but that won't fix the real underlying issue — you can show mathematically that artificially promoting stories is just as harmful in the long run. Here's a simple fix that would address the real problem."
Security

ReCAPTCHA.net Now Vulnerable to Algorithmic Attack 251

n3ond4x writes "reCAPTCHA.net algorithms have been developed to solve the current CAPTCHA at an efficacy of 30%. The algorithms were disclosed at DEFCON 18 over the weekend and have since been made available online. Also available is a video demonstration of random reCAPTCHA.net CAPTCHAs being subjected to the algorithms." There's probably an excellent Firefox plugin to render this page's color scheme more bearable. Note: the PowerPoint presentation linked opens fine in OpenOffice, and the video speaks for itself.
Image

Beautiful Data Screenshot-sm 18

eldavojohn writes "Beautiful Data: The Stories Behind Elegant Data Solutions is an addition to six or so other books in the 'Beautiful' series that O'Reilly has put out. It is not a comprehensive guide on data but instead a glimpse into success stories about twenty different projects that succeeded in displaying data — oftentimes in areas where others have failed. While this provides, for the most part, disjointed stories, it is a very readable book compared to most technical books. Beautiful Data proves to be quite the cover-to-cover page turner for anyone involved in building interfaces for data or the statistician at a loss for the best way to intuitively and effectively relay knowledge when given voluminous amounts of raw data. That said, it took me almost two months to make it through this book, as each chapter revealed a data repository or tool I had no idea existed. I felt like a child with an attention deficit disorder trying my hand at nearly everything. While the book isn't designed to relay complete theory on data (like Tufte), it is a great series of short success stories revolving around the entire real world practice of consuming, aggregating, realizing and making beautiful data." Keep reading for the rest of eldavojohn's review.
Patents

Company Claims Patent On Spam Filtering, Sues World 186

EvilAlphonso notes news of a "Texas" IP holding company suing 36 actual companies for violating its claimed patent on spam filtering. Techdirt deconstructs the patent itself, No. 6,018,761, which seems to amount to little more than a database lookup. It was filed in 1996 and issued in 2000 (despite the lawyers' press release claiming that it "was awarded... nearly 15 years ago"). Among the companies being sued are 3Com, Apple, Google, AOL, Yahoo, J.C.Penney, IBM, Dell, Citigroup, and RIM. Not Comcast, Verizon, AT&T, or Microsoft, oddly enough.

Slashdot Top Deals