Data Storage Today

CIO Today Network Sites:   Top Tech News  |   CIO Today   |   Mobile Tech Today   |   Data Storage Today
News & Information for Data Storage Professionals
Vblock™ Systems:
Advanced converged infrastructure
increases productivity & lowers costs.

www.vce.com
Thursday, April 24th 
24/7/365 Network Uptime!
Trending Topics:   Security Heartbleed Big Data Cloud Computing Windows XP Data Centers OS X Mavericks
Home
Data Centers
Storage Solutions
Storage Networks
Data Storage Issues
Data Security
DST Press Releases
 
Free Newsletters
Top CIO News
 
Mobile Tech Today
 

Data Security

New Security Threats Keep IT Busy this Week

New Security Threats Keep IT Busy this Week
February 8, 2013 10:46AM

Bookmark and Share
Among the threats in the news this week: fake Federal Express e-mails that encourage users to download a malicious file; the Trojan Nap virus, which works to steal data from victims' machines; and the Bamital botnet, which although it has been taken down, has left malicious code on users' computers that makes them vulnerable to future attacks.

Your Next Generation Data Center Is Here! Vblock™ Systems: the world's most advanced converged infrastructure are built on the Cisco Unified Computing System with Intel® Xeon® processors. Vblock™ Systems deliver extraordinary time to market, ROI and TCO, and flexibility to meet your continually changing demands with 5X faster deployment, 96% less downtime, and 1/2 the cost. Click here to learn more.

It's been a busy week in the hacking and malware world. Anonymous posted sensitive information of more than 4,600 banking executives to a government Web site on Sunday. Then, the Federal Reserve admitted it was hacked Tuesday morning.

Symantec is warning about fake FedEx e-mails circulating the Internet. According to Symantec, the e-mails claim the user must print out a receipt by clicking on a link and then physically go to the nearest FedEx office to receive their parcel.

"Obviously the parcel does not exist and those who click on the link will be greeted by a PostalReceipt.zip file containing a malicious PostalReceipt.exe executable file," said security researcher Shunichi Imano at Symantec. "Instead of receiving a parcel, which the user did not order in the first place, Trojan.Smoaler is delivered to the computer."

Don't Take a Nap

The Trojan Nap also wreaked havoc online this week. Nap is a malicious downloader that works to steal information from victim machines. But Manos Antonakakis, senior director of research at Damballa Labs, told us there is nothing new about Nap.

"Botnets have been using fluxing techniques for years in order to evade statically compiled black lists. Also, anti-VM [virtual machine] analysis techniques are not an infrequent phenomenon in the current malware landscape," Antonakakis said. "If a company employs legacy signature-based systems, then both anti-VM techniques and fluxing botnets -- both from the IP or domain name side -- will evade their perimeter defenses."

Based on previous analysis of this malware from the community, and according to Damballa datasets, he believes this particular threat is related to the Kelihos botnet. The fast flux network, domain registration, and name servers being used all point back to the Kelihos botnet operators. Antonakakis believes the downloader being used is just one component in this campaign.

"AV people should be paying attention to the network behavior and the ecosystem around Internet threats," Antonakakis said. "Binaries employ several different obfuscation techniques, so tracking them in the context of botnets is extremely hard. Let's put it another way: If you rely on seeing the malware, you have already lost the war."

Bamital Bites Browsers

The security roundup would not be complete without a look at the Bamital botnet. The Bamital botnet hijacked search results across various Web browsers offered by companies such as Google, Yahoo and Microsoft. Bamital also fraudulently charged businesses for online advertisement clicks and took control of users computers, allowing Bamital's organizers to install viruses that could engage in identity theft.

Mark Elliott, executive vice president of products at Quarri Technologies, told us the Bamital botnet poses a threat to users across multiple widely used Web browsers.

"While the botnet's takedown removed the cybercriminals' ability to hijack users' browsing sessions, there is a high probability that many end users were unaware the problem existed while the botnet was still functioning," Elliot said. "The availability of free tools and tips to assist users in uninstalling the botnet is a positive development, but many still don't know that they have Bamital installed on their computer."

As Elliot sees it, this accentuates the issue of Web browser security and the dangers end users face if they don't take the proper security measures. He said it also demonstrates the critical need for organizations to provide and enforce the use of a secure, hardened browser session to protect their Web applications from malware.

"This step is critical to protect their most sensitive browser-delivered information," he said, "and prevent unauthorized use and replication of confidential data."

Tell Us What You Think
Comment:

Name:



 Data Security
1. Fund Seeks To Head Off Heartbleeds
2. Lessons from Verizon's Threat Report
3. Verizon Report Exposes Cyberthreats
4. Heartbleed Exploit Could Cost Millions
5. Michaels: Nearly 3M Cards Breached




 Most Popular Articles
1. Intel Bets on Cloudera for Big Data Analytics
2. SAP HANA Data Warehouse App Gets Faster Analytics
3. Fast Seagate 6 TB Drive Offered for Enterprise Data Centers
4. Resetting All Passwords Now May Be Worst Heartbleed Fix
5. ManageEngine Plug-In Monitors Data Center Security


Have an informed opinion on this story?
Send a Letter to the Editor.
We want to know what you think.
Send us your Feedback.

 Related Topics  Latest News & Special Reports

  IBM Targets Big Data with Power8 Line
  Fund Seeks To Head Off Heartbleeds
  Lessons from Verizon's Threat Report
  Officials Reveal Microsoft Data Center
  Verizon Report Exposes Cyberthreats

 Technology Marketplace
Business Intelligence
Get real-time, cloud-based information services with Neustar.
 
Cloud Computing
Next Generation Data Center Is Here! Vblock™ Systems from VCE
 
Contact Centers
HP delivers the future of the contact center with HP Qfiniti 10.
 
Data Storage
Next Generation Data Center Is Here! Vblock™ Systems from VCE
Barium Ferrite (BaFe) is the future of tape.
2.5" Enterprise-class SATA & SAS SSDs for server & storage applications
 
Enterprise Hardware
Barium Ferrite (BaFe) is the future of tape.
2.5" Enterprise-class SATA & SAS SSDs for server & storage applications
 
Hardware
Protect your network with APC Smart-UPS battery backup
 
Network Security
Protect your network with APC Smart-UPS battery backup
 

Network Security Spotlight
Tech Giants Fund Initiative To Prevent Future Heartbleeds
Can more funding prevent Heartbleed vulnerabilities in future open-source software? A new Core Infrastructure Initiative at the Linux Foundation is attempting to find out.
 
What Verizon's Data Breach Report Can Teach Enterprises
It’s probably not a jaw-dropper, but cyberespionage is officially on the rise. And the use of stolen or misused credentials is still the leading way the bad guys gain access to corporate information.
 
Top Cyberthreats Exposed by Verizon Report
Beyond Heartbleed, there are cyberthreats vying to take down enterprise networks, corrupt smartphones, and wreak havoc on businesses. Verizon is exposing these threats in a new report.
 
Navigation
Data Storage Today
Home/Top News | Data Centers | Storage Solutions | Storage Networks | Data Storage Issues | Data Security | DST Press Releases
Also visit these Enterprise Technology Sites
Top Tech News | CIO Today | Mobile Tech Today | Data Storage Today

Services:
FreeNewsFeed | Free Newsletters | XML/RSS Feed

About CIO Today Network | How To Contact Us | Article Reprints | Services for PR Pros (In partnership with NewsFactor) | Top Tech Wire | How To Advertise

Privacy Policy | Terms of Service
© Copyright 2000-2014 Data Storage Today. All rights reserved. Article rating technology by Blogowogo. Member of Accuserve Ad Network.