Friday, October 13, 2006
Malware from "legitimate" site- Its Possible...
Source Taken from The Register
Malware housed on storage and caching servers, such as those used by ISPs, enterprises, and leading search engines, continues to pose a risk after websites containing malicious code have been pulled.
So says web security firm Finjan, which warns that instead of pointing users towards sites hosting malware, hackers could try to dupe users into visiting contaminated caches. The trick might be used to foil URL filtering products, it says.
"This is more than just a theoretical danger," Finjan chief technology officer Yuval Ben-Itzhak said. "It is possible that storage and caching servers could unintentionally become the largest 'legitimate' storage venue for malicious code. Such 'infection-by-proxy' introduces new risks for businesses and consumers where trusted web addresses become a potential distributor of malicious code - making URL Filtering solutions blind."
Finjan has published obfuscated examples of malware found on storage and caching servers to support its claims.
One well-known hacking tactic involved breaking into vulnerable web servers to install Trojan downloader code, which often takes advantage of browser vulnerabilities to download malware onto target PC (examples here and here). Finjan's point is that users visiting a cached copy of such (potentially mainstream) sites would be infected even if the main site pulled the malware. Search engines are not doing enough to flush their caches, it warns."
Finjan has sent search engines and service providers technical details of its discovery, uncovered by Finjan's Malicious Code Research Centre (MCRC) during its quarterly security trends analysis, and is continuing its dialogue with these firms in the hope of nipping the problem in the bud.
Finjan's net security report, which also discusses the increased use by hackers of Web 2.0 technologies to upload malware and the illicit trade in exploit code, can be found here (registration required). ®
Malware housed on storage and caching servers, such as those used by ISPs, enterprises, and leading search engines, continues to pose a risk after websites containing malicious code have been pulled.
So says web security firm Finjan, which warns that instead of pointing users towards sites hosting malware, hackers could try to dupe users into visiting contaminated caches. The trick might be used to foil URL filtering products, it says.
"This is more than just a theoretical danger," Finjan chief technology officer Yuval Ben-Itzhak said. "It is possible that storage and caching servers could unintentionally become the largest 'legitimate' storage venue for malicious code. Such 'infection-by-proxy' introduces new risks for businesses and consumers where trusted web addresses become a potential distributor of malicious code - making URL Filtering solutions blind."
Finjan has published obfuscated examples of malware found on storage and caching servers to support its claims.
One well-known hacking tactic involved breaking into vulnerable web servers to install Trojan downloader code, which often takes advantage of browser vulnerabilities to download malware onto target PC (examples here and here). Finjan's point is that users visiting a cached copy of such (potentially mainstream) sites would be infected even if the main site pulled the malware. Search engines are not doing enough to flush their caches, it warns."
Finjan has sent search engines and service providers technical details of its discovery, uncovered by Finjan's Malicious Code Research Centre (MCRC) during its quarterly security trends analysis, and is continuing its dialogue with these firms in the hope of nipping the problem in the bud.
Finjan's net security report, which also discusses the increased use by hackers of Web 2.0 technologies to upload malware and the illicit trade in exploit code, can be found here (registration required). ®
Friday, October 06, 2006
Is your Data Really Safe from Outsourcing. NO!!!!
Source Taken from The Register
You might say "its happening everywhere...", but if it is within your backyard, u can take out the trash yourself.
With Outsourcing, you are solely dependent on them to do their own housekeeping. Question is are they doin it???
A man in India offered to sell the front man of a Channel 4 sting operation the credit card details of 200,000 people, the programme Dispatches will reveal tonight.
The programme makers were inspired by a sting operation mounted on an Indian call centre last year by The Sun newspaper, in which a man allegedly sold the bank details of 1,000 British people to a journalist.
The Sun story helped stoke a backlash against outsourcing to India. The Sun was subsequently accused of duping its quarry and fabricating the story about fraud in India.
Dispatches will show that fraud and theft do indeed occur in India. It will demonstrate how doing business with India, like any other country, necessitates the exchange of information that can subsequently get into the wrong hands.
The Channel 4 programme also claims to have found a man willing to sell the mobile phone details of 8,000 British people, and another willing to sell bank account details.
There have been well publicised incidents of fraud involving Indians who had access to British bank accounts. But fraud is a bigger problem in UK institutions, a fact largely overlooked by the media. It is also more likely to occur in any other developed market we choose to do business with.
We have noted this before, but to recap briefly, take the example of the Indian man who was arrested in June for selling information from an HSBC call centre that was used to defraud £233,000 from customer accounts. In the same month, however, and Edinburgh Donald McKenzie was prosecuted for defrauding £21m from the Royal Bank of Scotland.
Incidents of reported fraud in the UK have tripled in since 2003, according to BDO Stoy Hayward. The British government is conducting a review of unreported fraud the UK, which is it describes as "chronic".
Accountants Ernst & Young found in a survey of Western corporate managers that almost two thirds expected to encounter more fraud in emerging markets than at home. Yet 75 per cent of fraud occurred in developed markets, the firm said. Forrester Research found in 2005 that the UK and US suffered more computer security breaches than India.
Such interest in Indian fraud in the face of such evidence warrants a reminder of the Conservative party's recent paper on India. It described euphemistically the "aversion" British people had to doing business with India. The British need to do business with India, it said, so they better learn to see the Indians as they are. ®
You might say "its happening everywhere...", but if it is within your backyard, u can take out the trash yourself.
With Outsourcing, you are solely dependent on them to do their own housekeeping. Question is are they doin it???
A man in India offered to sell the front man of a Channel 4 sting operation the credit card details of 200,000 people, the programme Dispatches will reveal tonight.
The programme makers were inspired by a sting operation mounted on an Indian call centre last year by The Sun newspaper, in which a man allegedly sold the bank details of 1,000 British people to a journalist.
The Sun story helped stoke a backlash against outsourcing to India. The Sun was subsequently accused of duping its quarry and fabricating the story about fraud in India.
Dispatches will show that fraud and theft do indeed occur in India. It will demonstrate how doing business with India, like any other country, necessitates the exchange of information that can subsequently get into the wrong hands.
The Channel 4 programme also claims to have found a man willing to sell the mobile phone details of 8,000 British people, and another willing to sell bank account details.
There have been well publicised incidents of fraud involving Indians who had access to British bank accounts. But fraud is a bigger problem in UK institutions, a fact largely overlooked by the media. It is also more likely to occur in any other developed market we choose to do business with.
We have noted this before, but to recap briefly, take the example of the Indian man who was arrested in June for selling information from an HSBC call centre that was used to defraud £233,000 from customer accounts. In the same month, however, and Edinburgh Donald McKenzie was prosecuted for defrauding £21m from the Royal Bank of Scotland.
Incidents of reported fraud in the UK have tripled in since 2003, according to BDO Stoy Hayward. The British government is conducting a review of unreported fraud the UK, which is it describes as "chronic".
Accountants Ernst & Young found in a survey of Western corporate managers that almost two thirds expected to encounter more fraud in emerging markets than at home. Yet 75 per cent of fraud occurred in developed markets, the firm said. Forrester Research found in 2005 that the UK and US suffered more computer security breaches than India.
Such interest in Indian fraud in the face of such evidence warrants a reminder of the Conservative party's recent paper on India. It described euphemistically the "aversion" British people had to doing business with India. The British need to do business with India, it said, so they better learn to see the Indians as they are. ®
