This text is replaced by the Flash movie.
 

Posts Tagged ‘ threats ’

Top Threats Targeting Mobile Devices by Symantec

By Fei on September 23, 2011

September 23, 2011

Since the first smartphone arrived in the hands of consumers, speculation about threats targeting these devices has abounded. Recently, with the growing uptake in smartphones and tablets, and their increasing connectivity and capability, there has been a corresponding increase in attention, both from threat developers and security researchers.
While the number of immediate threats to mobile devices remains relatively low in comparison to threats targeting PCs, there have been new developments in the field. As more users download and install third-party applications for these devices, the chances of installing malicious applications also increases. In addition, because most malicious code now is designed to generate revenue, there are likely to be more threats created for these devices as people increasingly use them for sensitive transactions such as online shopping and banking.
Description: Top Threats Targeting Mobile Devices
The following is a brief overview of the top threats targeting mobile devices:
·         Web-based and network-based attacks: These attacks are typically launched by malicious websites or compromised legitimate websites. The attacking website sends malformed network content to the victim’s browser, causing the browser to run malicious logic of the attacker’s choosing.
·         Malware: Malware can be broken up into three high-level categories: traditional computer viruses, computer worms, and Trojan horse programs. Traditional computer viruses work by attaching themselves to legitimate host programs; computer worms spread from device to device over a network while Trojan horse programs don’t self-replicate, but instead perform malicious actions, including compromising the confidentiality, integrity, or availability of the device or using its resources for malicious purposes.
·         Social Engineering Attacks: Social engineering attacks, such as phishing, leverage social engineering to trick the user into disclosing sensitive information. Social engineering attacks can also be used to entice a user to install malware on a mobile device.
·         Resource Abuse: The goal of many attacks is to misuse the network, computing, or identity resources of a device for unsanctioned purposes. The two most common such abuses are the sending of spam emails from compromised devices and the use of compromised devices to launch denial of service attacks on either third-party websites or perhaps on the mobile carrier’s voice or data network.
·         Data Loss: Data loss occurs when an employee or hacker exfiltrates sensitive information from a protected device or network. This loss can be either unintentional or malicious in nature. In one scenario, an enterprise employee might access their work calendar or contact list from a mobile device. If they then synchronize this device with their home PC, for example, to add music or other multimedia content to the device, the enterprise data may be unknowingly backed up onto the user’s unmanaged home computer and become a target for hackers. In an alternative scenario, a user may access a sensitive enterprise email attachment on their mobile device, and then have their device stolen. In some instances, an attacker may be able to access this sensitive attachment simply by extracting the built-in SD flash memory card from the device.
·         Data Integrity Threats: In a data integrity attack, the attacker attempts to corrupt or modify data without the permission of the data’s owner. Attackers may attempt to launch such attacks in order to disrupt the operations of an enterprise or potentially for financial gain (for example, to encrypt the user’s data until the user pays a ransom fee). In addition to such intentional attacks, data may also be corrupted or modified by natural forces (for example, by random data corruption).
  • Squidoo
  • Multiply
  • Facebook
  • Delicious
  • Digg
  • StumbleUpon
  • Twitter
  • TechNet
  • Technorati Favorites
  • MySpace
  • Share/Save/Bookmark

Malware Aims to Evade Windows 7 Safeguards

By Fei on February 1, 2010

By Erik Larkin
February 1, 2009

SAN FRANCISCO – Experts agree that Windows 7 has enhanced security to ward off attacks on vulnerabilities in old software. But what if a money-minded online scammer can persuade you to download malware onto your PC?

“Windows 7 is more secure, and upgrading to it is a big improvement,” says Chester Wisniewski, a senior security advisor with software-maker Sophos. “But it’s not going to stop malware in its tracks.”

Exploits Take a Hit

Digital crooks generally use two tactics to install malware on a PC. Exploits often take the form of a snippet of attack code hidden on a Web page–often a hacked-but-otherwise-benign site. When you browse the page, the exploit hunts for software flaws in Windows or in third-party programs such as Adobe Flash or QuickTime. If it finds one, the exploit may surreptitiously install malware without any hint of the attack.

In contrast, social engineering attacks try to trick you into downloading and installing bot malware that poses as a useful program or video. Some attacks combine tactics, as when a scammer sends an e-mail message encouraging you to open an attached PDF file, only to trigger an exploit buried in the file that then hunts for a flaw in Adobe Reader.

Security upgrades in Windows 7 could help prevent many attacks that target software flaws. ActiveX attacks, once the bane of Internet Explorer users, may “pretty much disappear” due to IE 8′s Protected Mode, says H.D. Moore, chief security officer at Rapid7 and creator of the Metasploit testing tool.

The arcane-sounding Address Space Layer Randomization makes it harder for crooks to find a vulnerability for a running program in your computer’s memory. The related Data Execution Prevention feature attempts to prohibit an attack from taking advantage of any flaw that it may discover.

“These two, in particular, could have a very large impact,” says Wisniewski. Still, though ASLR and DEP were expanded to protect more programs in Windows 7 than in Vista, they don’t cover all applications.

Vista Safer Than XP?

For a sense of what that impact might be, we can look at how Vista fared against malware. Microsoft’s latest Security Intelligence Report covers the first half of 2009, prior to Windows 7′s release. It’s based on data from the Malicious Software Removal Tool, which Microsoft distributes via Automatic Updates to fight common malware infections. According to that data, the infection rate for an up-to-date Vista computer was 62 percent lower than that for an up-to-date XP system.

It’s possible, of course, that Vista users are technologically savvier on average, and so less likely to fall victim to malware. The sample sizes for XP and Vista, which Microsoft didn’t include in the report, might skew the statistics, as well.

But Sophos’s Wisniewski thinks that ASLR and DEP are factors, too. And since those features are expanded in Windows 7, there’s reason to hope they’ll continue to be effective.

“I don’t see this going away anytime soon,” says Moore. He notes that there are plenty of ways crooks can and likely will continue to ply their evil trade against the new OS. But “it does raise the bar,” Moore says.

Hacking People, Not Programs

Exploit-based attacks may be harder to pull off against Windows 7, but social engineering attacks may be as dangerous as ever. And the theoretically less-annoying User Account Control does little to disable poisoned downloads.

In October, Sophos ran a test to see how Windows 7 and UAC would handle malware. First, the testers grabbed the first ten samples of malicious software that came into their lab. They then ran those samples on a fresh Windows 7 machine with UAC at its default settings, and with no antivirus installed.

Two samples couldn’t run on Windows 7 at all. But at its default setting, UAC blocked only one sample, leaving seven pieces of malware that loaded right up.

Sophos’s test highlights two points. First, Wisniewski and others say, UAC isn’t designed to block malware as much as it is to encourage programmers to write software that doesn’t require special privileges–so you shouldn’t count on it for protection.

Second, if a bad guy tricks you into downloading a Trojan horse, ASLR and DEP don’t matter. IE 8′s SmartScreen filter and similar features in other browsers might block known nasties, but the malware universe is bigger than that.

Social engineering ruses include using a hijacked social network account to send malware lures to friends of the owner, sending a link to a supposed video taken of a friend, and hiding a poisoned URL in a shortened link of the type commonly used on Twitter. (For more on such dangers, see “How to Stop 11 Hidden Security Threats.”)

Toss in other tried-and-true scams such as videos that instruct you to in­­stall a codec file (but instead lead you to a malware download), and phony documents attached to e-mail messages that appear to come from coworkers, and it becomes clear why Windows 7 users can’t let their guard down.

  • Squidoo
  • Multiply
  • Facebook
  • Delicious
  • Digg
  • StumbleUpon
  • Twitter
  • TechNet
  • Technorati Favorites
  • MySpace
  • Share/Save/Bookmark
Subscribe E-Newsletter

Don't get left behind. Sign up to receive the latest news.

Our Sponsors
Kerio
Ozaki
redwood
Super Micro
Kaspersky
KOSS
Xitrix
Western Digital
Emerson
Copylandia
JobsDB
ePLDT
Bitdefender
Multi-Color
mseedsystems
Smart
Peplink
Sophos
Astaro
itproasia
MEC
APC
wsi
Wolfpac
ArcusIT
 
 
 
PC World Magazine Subscription
subscribe now
Web Design