[Previous] Hackers Use New Phishing Methods | great tips for all ...

 [Next] iTunes Users Victims of PayPal Phishing Scam | Security ....

Some related posts from Technorati and Google.

[Blog about Web Design] web design workshops 2009, | Blog about Web Design: With the help key cryptography, a Botmaster can act as an entity certification, which provides an effective way to rent the botnet to others in whole or in part, by a variable amount of time, and to protect against certain tenants purposes.To malicious, it is advisable to implement a black list containing all public keys.This invalidated the blacklist is stored on the computer of each bot, and Botmaster can add or remove public keys, using its private key to sign the order. Therefore, all certificates belonging to an attacker may be revoked.

[Steve Stewart Credigy] Botnets survey with encryption: It is usually asked to submit personal or confidential information, the legitimate receiver, the URL - the same is made. These emails can be generated and sent spam via botnet mechanism .

[CNET News.com] Bank Trojan botnet targets Facebook users | InSecurity Complex ...: Elinor Mills became fascinated with hacker culture when she was sent to Las Vegas to cover DefCon in 1995. Since then, script kiddies have given way to cyber criminals targeting bank passwords, and privacy risks are everywhere, from Google to Facebook and the iPhone.

[FireEye Malware Intelligence Lab] FireEye Malware Intelligence Lab: Smashing the Mega-d/Ozdok botnet ...: Or get some seed money and Payoff and empower 1 or 2 of the largest with bribes, implants into their organization or coersion, to get them to roll or ratt out the leadership on say the bottom 8 botnets. Typically if they are going to be Russian Eastern Europa based, all the hackers primarily know each other in the under ground over there.

[scot hacker's foobar blog] Botnets on the Rampage ”” scot hacker's foobar blog: I see a future where everything is so locked down that all of the fun participatory stuff becomes impossibly difficult. I worry that someday email will only be feasible with whitelisting, that registration with identity verification will be required for all participatory web features, and that the concept of anonymity will ultimately become untenable.

[Latest articles from SC Magazine US] Busting bots: Defending against botnets - SC Magazine US: Network security provider Arbor Networks, in its annual Worldwide Infrastructure Security Report, published in November, said botnets are the single greatest threat facing network operators because many resources are being spent to deflect prevalent and sophisticated botnet-driven DDoS attacks. The report also mentioned growing concern around IPv6 threats.

[Neowin.net] Neowin.net - Zombie botnet targets iPhone buyers: now as for Telling the ISP that a user on their network has a bot, ISP blocks said bot, user that had no idea they even had a bot gets real mad because they can't get email, moves to different ISP BOT still on their machine, New ISP blocks said user poor user has no idea he even has a bot. oh yeah problem not resolved as bot still exists on said users computer, now said user just can't access anything on the net.

[threatpost - The First Stop for Security News] Remember Aurora--and Other Botnets | threatpost: Finally, I think it’s valuable to point out that Damballa researchers have been in constant communication with customers that have been (and continue to be) targeted by the “Operation Aurora” criminal campaigns, and we’re providing our expertise to several of the victims that also fell prey to the newly redefined “Aurora Lite” attacks. Our experience with CnC discovery and how dynamic DNS is abused for CnC management, combined with the historical information necessary for building attack timelines, has proven very useful for tracking down the criminal operators behind the threat.

[BadwareBusters - Discussion Topics] Omg-omg-damn-funny.com - BadwareBusters: You might want to report through Windows Live Support again, and provide a link to this conversation and encourage them to find a way for Microsoft to flag the site for phishing so that a warning will appear for users of Internet Explorer.

[BBC NEWS | The Editors] BBC - The Editors: Click's botnet experiment: In my opinion, and that of other security professionals, the BBC has condoned illegal activities and should be investigated by the police not only in the UK but also in the countries where the botnet victims reside. The computer misuse act 1990 is quite clear about permission and there is no evidence to suggest that the BBC gained prior, written permission for access from the ~21,000 botnet victims.

[Charlie's Diary] Where we went wrong - Charlie's Diary: VMS had two things that no PC system, and no version of Unix I know about, ever did: first, a provably airtight kernel (probably because VMS was used for things like nuclear reactor design, where the government actually required provably bug-free code), and more importantly in this case, a whole array of privileges that can be handed out selectively (to a user and/or a process rather than just the all-or-nothing "superuser" status that Unix and other common operating systems use. For example, you can give a process the power to access certain restricted objects (say, the console printer or the fast batch queue) but not the power to modify files belonging to others.

[Making Light] Making Light: Phishing/Scam: On the other hand, email addresses of people who have eBay accounts - and/or Paypal accounts - and who will momentarily believe complaints about negative feedback to be personally directed to them - that's a valuable resource. Some small fraction of that group will be susceptible to phishing or social engineering attacks - "please log in and check your account!" - and that fraction is rapidly convertible to large cash transfers.

[CNET News.com] Phishing, worms spike this year, say Microsoft and McAfee ...: McAfee's report showed the U.S. as the top country when it comes to the number of compromised computers that are zombies used in botnets to do things like send spam, followed by China and Brazil. The U.S. also is the top distributor of spam and has the most servers hosting malware, McAfee said.

Reflected tags on Technorati: Blog, Phishing, Global Security Watch