The Conficker worm has re-emerged as the top e-threat on BitDefender’s Top Ten E-Threats for August, a countdown of the month’s most popular pieces of malware. Conficker Worm Accounts For Most Infections The Conficker worm has re-emerged as the top e-threat on BitDefender’s Top Ten E-Threats for August, a countdown of the month’s most popular pieces of malware. After more than eight months since it first entered the top 10, Conficker ranks first accounting for 43 percent of infected machines. The worm restricts access to websites associated with IT security vendors. The latest version of the worm installs rogue security software on the compromised machines. Second place belongs to Win32.Induc.A, malware that infects applications built with Borland (now Embarcadero) Delphi versions 4 through 7. Ranking third is WIN32.Sality.OG, a polymorphic file infector that appends its encrypted code to executable files. In fourth place is Worm.Autorun.VHG, an Internet/network worm that exploits the Windows MS08-067 vulnerability in order to execute itself remotely by using a specially crafted RPC (remote procedure call) package. Ranking fifth is WIN.Virtob.Gen, a file infector written in assembly language. This piece of malware hides its presence by injecting hooks into other Windows processes, but avoids compromising system files. BitDefender’s August 2009 Top 10 E-Threat list includes: Pos name % 1. Win32.Worm.Downadup 43 2. Win32.Induc.A 15 3. Win32.Sality.OG 14 4. Worm.Autorun.VHG 9 5. Win32.Virtob.Gen 5 6. Packer.Malware.NSAnti.1 4 7. Win32.Worm.AutoIT.AC 3 8. Win32.Sality.2.OE 3 9. GEN:TDSS.Patched.1 2 10. Win32.Worm.Downadup.Gen 2

More here:
Conficker Worm Accounts For Most Infections

The Department of Justice has announced it has indicted Albert Gonzalez, 28, of Miami, Fla., for allegedly hacking into the computer networks of major American retail and financial organizations and stealing more than 130 million credit and debit card numbers. DOJ Charges Man In Largest U.S. Hacking Case In a two-count indictment alleging conspiracy and conspiracy to engage in wire fraud, Gonzalez, AKA “soupnazi” online is charged, along with two unnamed co-conspirators, with using an SQL injection attack to steal credit and debit card information. The businesses targeted in the attack include Heartland Payment Systems, a New Jersey-based card payment processor, 7-Eleven and Hannaford Brothers, a Maine-based supermarket chain. The DOJ says it’s the largest alleged credit and debit card breach ever in the United States. If convicted, Gonzalez faces up to 20 years in prison on the wire fraud conspiracy charge and an additional five years in prison on the conspiracy charge, as well as a fine of $250,000 for each charge. Gonzalez is currently in federal custody for his alleged role in the hacking of a computer network run by a national restaurant chain. Trial on those charges is scheduled to begin in September. In August of 2008, the Justice Department announced an additional series of indictments against Gonzalez and others for a number of retail hacks affecting eight major retailers and involving the theft of data related to 40 million credit cards. Those charges were filed in the District of Massachusetts. Gonzalez is scheduled for trial on those charges in 2010.

Read more:
DOJ Charges Man In Largest U.S. Hacking Case

Smartphone users need to do more to protect themselves from a variety of Web threats, according to a new survey from security firm Trend Micro. Smartphone Users Take Web Threats Lightly Trend Micro surveyed over 1,000 smartphone and iPhone owners and found that 44 percent feel that surfing the Internet on their mobile devices is just as safe, if not safer, as surfing on their PC. Less than a quarter (23%) of smartphone users utilize security software already installed on their smartphone. One out of five respondents don’t think installing a security software program on their phones would be very effective, since they believe there is limited risk in smartphone surfing. Most smartphone users are aware of the types of Web threats that could infect their smartphones and almost half of respondents have been infected with malware. Phishing is the most familiar threat term among smartphone users with 80 percent of them know what it is and 20 percent have encountered a scam. Almost half of the respondents have received spam emails on their phone in the past 3 months; 17 percent say the number of spam emails has increased. Half of those surveyed have opened email attachments on their smartphones during the last month and nearly 40 percent have clicked on a URL link in an email received on their phone.

See original here: 
Smartphone Users Take Web Threats Lightly

Symantec has released a new report that identifies what it calls the “Dirtiest Web Sites of Summer 2009,” the 100 sites with the most threats. The Dirtiest Websites To Avoid Nearly 50 percent (48%) of the dirtiest websites feature adult content while the remainder of the list contains subject matter generally not associated with risk, including sites focused on deer hunting, figure skating, legal services, and buying electronics. Malware is the most common threat represented on the dirtiest list , followed by security risks and browser exploits. Just by visiting one of these sites, without downloading anything, could put users at risk of exposing their computer to infection or identity theft. “This list underscores what our research shows- there has been exponential growth in the number of online threats that are constantly evolving as cybercriminals look for new ways to target your money, identity or assets. In 2008, most new infections occurred while people were surfing the Web,” said Rowan Trollope, senior vice president, Consumer Business Unit, Symantec. “Norton Safe Web provides visual ratings that let consumers know about potential risks before visiting a site. Armed with this information, consumers are empowered to make informed decisions about which sites to visit.” Among the dirty sites, the average malware count is 18,000 threats per site. This increases to 20,000 for the top 40 on the list, with 75 percent of all sites on the list distributing malware for more than six months.

Original post:
The Dirtiest Websites To Avoid

Employers are gradually putting more restrictions on what websites their employees can view and are increasingly choosing to block access to popular social networking sites, according to a new report from security firm ScanSafe. More Employers Blocking Social Networks “When Web filtering first became an option for companies we generally saw them block access to typical categories such as pornography, illegal activities and hate and discrimination,” said Spencer Parker, director of product management at ScanSafe . “In recent months, employers are obviously wising up to the dangers and negative impact on productivity linked to certain sites and more and more of our customers have chosen to block social networking, online banking and Webmail.” The report found a 20 percent increase in the number of companies blocking social networking sites in the last six months. Currently, 76 percent of companies are blocking social networks and it is now a more popular category to block than online shopping (52%), weapons (75%), alcohol (64%), sports (51%) and Webmail (58%). ScanSafe specifically found an increase in the number of customers choosing to block the below categories in the last 6 months. 28% increase in travel 27% increase in restaurants and bars 26% increase in sports 26% increase in online shopping 19% increase in Job Searches 16% increase in Webmail “Social networking sites can expose businesses to malware and if not used for business purposes can be a drain on productivity and bandwidth,” says Parker. “Given the option, companies are increasingly taking a sterner approach to the sites that their employees are allowed to access. I imagine before long, social networking will be up there with pornography in terms of categories blocked.”

See the original post here:
More Employers Blocking Social Networks

Hackers hit a prominent email marketing company this weekend, and now some details have been released for public consumption. It seems that some Campaign Monitor accounts were compromised, and many advertising campaigns may now face a bit of an uphill climb. Email Marketers Attacked By Hackers Let’s start by describing the story’s main victim. Campaign Monitor is based in Australia, and has worked with impressive corporations including Apple, Facebook, and McDonald’s. Plus noteworthy entities like the Harvard Business School and the World Wildlife Federation. As for the details of the attack, a post on Campaign Monitor’s blog stated, “The main attack took place over this weekend, for a few hours on Saturday and Sunday and continuing into this week. . . . [O]ne of our servers was compromised, and that gave the hacker enough access to be able to get into a few customer accounts.” So the hackers might have acquired some sensitive info, and they definitely sent out some spam. This has led to a concern that Campaign Monitor communications may have been added to several spam blacklists, which could affect marketing efforts. Campaign Monitor is trying to sort out the mess, though, and has notified the clients whose particular accounts were accessed.

Read more from the original source: 
Email Marketers Attacked By Hackers