Security

More IT Pros Could Turn To E-Crime In Poor Economy 112

snydeq writes to mention that a recent survey by KPMG shows that many people feel that out-of-work IT workers will be much more tempted to turn to criminal activities due to the down economy. This, coupled with an E-crime survey that shows fraud committed by managers, employees, and customers tripled between 2007 and 2008, paints an interesting picture. "In other survey results, 45 percent of respondents who handle critical national infrastructure said they are seeing an increase in the number of attacks on their systems. Fifty-one percent of respondents from the same category said the technical sophistication of those attacks is getting better. Sixty-eight percent said that of all kinds of malicious code they felt Trojan horse programs — ones that are designed to look harmless but can steal data along with other functions — had the most impact on their businesses. Rootkits are the next highest concern, followed by spyware, worms, viruses, mobile malicious code and, finally, adware."
The Internet

.CA Registrar Trying To Preempt Conficker 227

clover kicker writes "The CBC reports that the group managing Canada's .ca internet domain is working to foil an internet worm set to attack starting April Fool's Day. 'This is the first virus that's really focused on domain names as part of propagating the virus itself,' said Byron Holland, CEO of the Canadian Internet Registration Authority, a non-profit organization that represents those who hold a .ca domain. CIRA's strategy includes pre-emptively registering and isolating previously unregistered .ca domain names that Conficker C is expected to try and generate, said a news release issued by the group. That would make those names unavailable for anyone to register in order to set up a website to host the worm's 'command and control' file. A list of the names has been predicted by security experts based on the worm's code. In addition, CIRA is investigating and monitoring activity at names on the list that have already been registered and will 'take appropriate action if suspicious activity is detected.'"
Power

Smart Grid Computers Susceptible To Worm Attack 98

narramissic writes "Researchers with security consultancy IOActive have created a worm that could quickly spread among Smart Grid devices, small computers connected to the power grid that give customers and power companies better control over the electricity they use. '[The worm] spread from one meter to another and then it changed the text in the LCD screen to say "pwned,"' said Travis Goodspeed, an independent security consultant who worked with the IOActive team. In the hands of a malicious hacker, this code could be used to cut power to Smart Grid devices that use a feature called 'remote disconnect,' which allows power companies to cut a customer's power via the network. The robustness of US power networks has been a hot-button issue after a technical glitch in 2003 caused a cascading power failure in the eastern United States and Canada that affected 55 million people."
The Courts

Piracy Case Could Change Canadian Web Landscape 156

meatheadmike writes to tell us that a recent Canadian court case brought against the Canadian Recording Industry Association by isoHunt Web Technologies, Inc, could drastically change the web landscape in Canada. "The question before the British Columbia Supreme Court is if a site such as isoHunt allows people to find a pirated copy of movies such as Watchmen or The Dark Knight, is it breaching Canadian copyright law? 'It's a huge can of worms,' said David Fewer, acting director of the Canadian Internet Policy and Public Interest Clinic at the University of Ottawa. 'I am surprised that this litigation has gone under the radar as much as it has. I do think this is the most important copyright litigation going on right now.'"
Worms

Conficker Worm Asks For Instructions, Gets Update 285

KingofGnG writes "Conficker/Downup/Downadup/Kido malware, that according to Symantec 'is, to date, one of the most complex worms in the history of malicious code,' has been updated and this time for real. The new variant, dubbed W32.Downadup.C, adds new features to malware code and makes the threat even more dangerous and worrisome than before."
Worms

Romanians Find Cure For Conficker 145

mask.of.sanity writes "BitDefender has released what it claims is the first vaccination tool to remove the notorious Conficker virus that infected some 9 million Windows machines in about three months. The worm, also known as Downadup, exploits a bug in the Windows Server service used by Windows 2000, XP, Vista, Server 2003 and Server 2008. It spreads primarily through a buffer overflow vulnerability in Windows Server Service where it disables the operating system update service, security center, including Windows Defender, and error reporting. The Romanian security vendor said its removal tool will delete all versions of Downadup and will not be detected by the virus."
Security

New, Stealthy Conficker B++ Worm Discovered 87

nandemoari writes "A new variant of the Conficker/Downadup worm has been detected. The worm opens a backdoor on an infected machine and allows hackers remote control of infected PCs. Dubbed Conficker B++ (and not to be confused with Conficker B), the new variant of the worm opens a backdoor with auto-update functionality, allowing a hacker to distribute malware to infected machines. It's difficult to know exactly how long Conficker B++ has been circulating, but researchers first noticed it on February 6 of this year." If this seems familiar to you, it probably is.
Worms

New Conficker Variant Increases Its Flexibility 120

CWmike writes "Criminals behind the widespread Conficker worm have released a new version that could signal a major shift in the way the malware operates. The new variant, dubbed Conficker B++, was spotted three days ago by SRI International researchers, who published details of the new code on Thursday. To the untrained eye, the new variant looks almost identical to the previous version of the worm, Conficker B. But the B++ variant uses new techniques to download software, giving its creators more flexibility in what they can do with infected machines."
The Almighty Buck

Microsoft Slaps $250K Bounty On Conficker Worm 258

alphadogg writes "The spreading Conficker/Downadup worm is now viewed as such a significant threat that it's inspired the formation of a posse to stop it, with Microsoft leading the charge by offering a $250,000 reward to bring the Conficker malware bad guys to justice. The money will be paid for 'information that results in the arrest and conviction of those responsible for illegally launching the Conficker malicious code on the Internet,' Microsoft said today in a statement, adding it is fostering a partnership with Internet registries and DNS providers such as ICANN, ORG, and NeuStar as well as security vendors Symantec and Arbor Networks, among others, to stop the Conficker worm once and for all. Conficker, also called Downadup, is estimated to have infected at least 10 million PCs. It has been slowly but surely spreading since November. Its main trick is to disable anti-malware protection and block access to anti-malware vendors' Web sites."
Networking

OpenDNS To Block and Monitor Conficker Worm 175

Linker3000 writes "According to The Register, OpenDNS plans to introduce a new service that will prevent PCs infected with the Conficker (aka Downadup) malware from contacting its control servers, and will also make it easy for admins to know if even a single machine under their control has been infected by Conficker: 'Starting Monday, any networks with PCs that try to connect to the Conficker addresses will be flagged on an admin's private statistics page. The service is available for free to both businesses and home users.' With the amount of trouble this worm has caused, perhaps this is a good time to take a look at OpenDNS if you haven't done so already."
Games

The Best Games of 2008 109

As the year comes to an end, most game sites are putting up lists highlighting their favorite games of 2008. Gamasutra is no exception, but they've nicely consolidated a variety of lists, and included some of their reasons and commentary to go with them. The topics range from the best overlooked games (Soul Bubbles and Pure) to the best new gameplay mechanics (first-person parkour in Mirror's Edge and Spore's procedural content generation) to the best overall games of the year (Fallout 3, World of Goo, and LittleBigPlanet). What were your top games of 2008?
The Internet

Houses With Tails 307

nnfiber writes "What if home owners could also own their Internet connection? Tim Wu, of New America Foundation and Derek Slater, Google's Policy Analyst, say this can be a new effective way to encourage broadband deployment — an important issue in 'America's economic growth.' In his post, Timothy B. Lee says: 'That might sound like a crazy idea at first blush, but Wu and Slater do a great job of explaining how it might work. The key idea is "condominium fiber," an arrangement in which a number of neighboring households pool their resources to install fiber to all the homes in their neighborhoods. Once constructed, each home would own its own fiber strand, while the shared costs of maintaining the "trunk" cable from the individual homes to a central switching location would be managed in the same way that condominium and homeowners' associations currently manage the shared areas of condos and gated communities.'"

Japanese Man Releases Hundreds of Worms In Train 7

In an attempt to make the entomologists in "The Silence of the Lambs" look like Cary Grant, a Japanese man released hundreds of beetle larvae inside an express train to try to scare female passengers. In his words, "I wanted to see women get scared and shake their legs." "He would go close to women on the train, any woman, and pour out the worms from containers," said a police spokesman. He had 10 containers in his backpack, estimated to contain a total of 3,600 worms.

Oklahoma Ambulances Debut Sirens That You Can Feel 128

djupedal writes "Booming like a 1980s video game, the Howler can even make liquids ripple — Oklahoma's largest ambulance company will become the first ambulance service in the nation to outfit its entire fleet with new Howler sirens, designed to emit low-frequency tones that penetrate objects within 200 feet — such as cars — to alert drivers." This is all well and fine, but I wonder what they plan to do when their sirens call up one of the big worms from deep below?
Worms

Researchers Hijack Storm Worm To Track Profits 128

An anonymous reader points out a story in the Washington Post, which begins: "A single response from 12 million e-mails is all it takes for spammers to turn annual profits of millions of dollars promoting knockoff pharmaceuticals, according to an unprecedented new study on the economics of spam. Over a period of about a month in the Spring of 2008, researchers at the University of California, San Diego and UC Berkeley sought to measure the conversion rate of spam by quietly infiltrating the Storm worm botnet, a vast collection of compromised computers once responsible for sending an estimated 20 percent of all spam." The academic paper (PDF) is also available. We've previously discussed another group of researchers who were able to infiltrate the botnet for a different purpose.

Applied Security Visualization 45

rsiles writes "When security professionals are dealing with huge amounts of information (and who isn't nowadays?), correlation and filtering is not the easiest path (and sometimes enough) to discern what is going on. The in-depth analysis of security data and logs is a time-consuming exercise, and security visualization (SecViz) extensively helps to focus on the relevant data and reduces the amount of work required to reach the same conclusions. It is mandatory to add the tools and techniques associated with SecViz to your arsenal, as they are basically taking advantage of the capabilities we have as humans to visualize (and at the same time analyze) data. A clear example is the insider threat and related incidents, where tons of data sources are available. The best sentence (unfortunately it is not an image ;) that describes SecViz comes from the author: 'A picture is worth a thousand log entries.'" Read on for the rest of rsiles's review.
Media

Canonical Offers Sale of Proprietary Codecs for Ubuntu 427

ruphus13 writes "Playing DVDs on Linux that required proprietary codecs has been a source of much pain. Ubuntu (or anyone else, for that matter) is not legally allowed to redistribute these codecs. So, users were left with sub-optimal choices. Convert the multimedia to an open format, acquire new media, or use a codec 'found' on the web, which may be illegal. In its continued effort to have a seamless and slick user experience, Canonical made the hard choice to offer the sale and support for proprietary codecs that users had to actually purchase for Ubuntu. This is not a fight Canonical can fight alone, and they are sure to get some grief for the decision."
Space

Computer Virus Aboard the ISS 290

chrb writes "BBC News is reporting that laptops taken to the International Space Station by NASA astronauts are infected with the Gammima.AG worm. The laptops have no net connection; officials suspect the worm may have been transferred via a USB flash drive owned by an astronaut. NASA have said this isn't the first time computer viruses had travelled into space."
The Courts

MIT Students' Gag Order Lifted 160

mytrip and several other readers let us know that a judge in Boston has lifted the gag order — actually let it expire — against three MIT students who discovered flaws in the security of the local transit system, the MBTA. We've discussed the case over the last 10 days. "Judge O'Toole said he disagreed with the basic premise of the MBTA's argument: That the students' presentation was a likely violation of the Computer Fraud and Abuse Act, a 1986 federal law meant to protect computers from malicious attacks such as worms and viruses. Many had expected Tuesday's hearing to hinge on First Amendment issues and what amounts to responsible disclosure on the part of computer security researchers. Instead, O'Toole based his ruling on the narrow grounds of what constitutes a violation of the CFAA. On that basis, he said MBTA lawyers failed to convince him on two points: The students' presentation was meant to be delivered to people, and was not a computer-to-computer 'transmission.' Second, the MBTA couldn't prove the students had caused at least $5,000 damage to the transit system."
