The social network giant continues to be targeted by cyber criminals and there’s no evidence on how Facebook will defend against such attacks. One of my biggest concerns is the amount of scams that are displayed via ads on Facebook. When will Facebook start moderating who advertises on their network?

Facebook needs to protect its user base by moderating the entire network for phishing scams, exploits and other criminal activity. If Facebook doesn’t care about the same people who made this company what it is today, than eventually users will leave the social parasite.

There’s one solution that could make a difference and that’s to stop 3^rd party apps from infiltrating the entire network. Instead of letting any publisher promote apps, Facebook should implement a process that in order to become a publisher of an app, a person must confirm their identity by providing their full name, physical address, banking information and phone number. Facebook confirms the person’s identity by sending a post card with a pin code to the publishers mailing address. Once the publisher receives the post card, they can enter their pin code on a secured publisher’s page on Facebook.

I can come up with a few solutions, but the sharing of apps is the biggest issue when it comes to security threats.

Most people feel safe because they only allow friends to share, view and post to their wall. That’s the biggest misconception; it’s your friends who are more than likely sharing links and apps that are not safe. In the past 4 weeks, two friends of mine shared links with me that went to malicious web sites. Do you remember the Facebook Stalker App? Who shared that with you? Your friends did.

We all need to be smarter than the average bear when it comes to clicking on links, allowing apps or clicking on ads on Facebook.

Facebook Security Articles
Beware of Facebook Credits Scam
Facebook Survey Stalker App
Facebook Trojan Spreads Rapidly

Conficker worm first appeared at the end of 2008, but it was in 2009 that the Conficker worm caused the most problems with users worldwide. The worm affected anything in its path, like a Godzilla of worms. It had no prejudice of who its next victim would be. It crippled small and medium size business, putting them in a security frenzy of sorts. The worm is still active today, even as we close out 2009.

W32/Conficker comes in several ingredients or in industry terms (variants) and is a network propagating worm that has the ability to update itself by downloads from the Internet. These downloads are from a subset of servers chosen by the worm from a very large set of generated potential download servers.

The worm’s most significant menace is how it exploits a vulnerability in Windows Server Service. This vulnerability allows the worm to trigger a download of itself to the remote computer without the user’s knowledge.

The worm also spreads to Windows shares in a network and to/from removable drives and USB sticks also known as thumb drives. The former makes it difficult to get rid of in a network, while the latter has resulted in several infections in high-profile organizations, which normally would have had quite adequate security systems in place.

The Conficker worms have advanced systems to protect themselves from being disabled by well known antivirus applications. It’s a tough worm and one that will be hard to top in 2010.

The worm has been pretty much silent since April 2009. It’s important to always keep your antivirus applications updated.

What award do we give this worm? The Godzilla Worm Award would fit well.

According to CA (Computer Associates) beware of any Hallmark E-Cards in your inbox. It may seem safe and genuine sent from a family or friend, but this malware can cause havoc to your computer. We recommend that you keep a watchful eye out for deceptive Christmas ‘promotions’ or e-cards.

From CA: Using the happy subject line “You have received [sic] A Hallmark E-Card”, Win32/Mytob variants attached to spam emails have been getting around lately. The team at CA ISBU labs has monitored Mytob’s increased activity especially towards the end of Q3 2008, and you can read more by visiting the Win32/Mytob.OM and Win32/Mytob.ON malware analyses in our encyclopedia.

Now that we’ve turned the corner into the Yuletide season, we expected Win32/Mytob variants to spice up the social engineering with festive spirit, and unfortunately we were not disappointed. Today we received a new Win32/Mytob variant disguised as a Hallmark e-card, as well as McDonalds and Coca-Cola Christmas promotions. We detect the malware as Win32/Mytob.OO, and it uses this deceivingly friendly Christmas snowman file icon:

Win32/Mytob.OO uses this icon to hide its nefarious intentions.

Below are full details of three spam emails sent by Win32/Mytob.OO. In the first spam email, the worm poses as a Hallmark e-card with these characteristics:

From:
postcards@hallmark.com

Subject:
You have received [sic] A Hallmark E-Card

Message:

Hello!

You have received [sic] a Hallmark E-Card from your friend. To see it, check the attachment. There’s something special about that E-Card feeling. We invite you to make a friend’s day and send one. Hope to see you soon, your friends at Hallmark your privacy is our priority. Click the “Privacy and Security” link at the bottom of this E-mail to view our policy.

Attachment: postcard.zip

Source: Computer Associates

Apple has changed its stance that Macs require antivirus software. Yesterday, the computer maker received a lot of negative press after an article was discovered on the company’s site encouraging Mac users to install antivirus software. Less than 24 hours later, Apple has quietly removed this recommendation from its Knowledgebase.

Is Apple projecting a false sense of security just to save face? Many experts repeatedly warn that all operating systems are susceptible to viruses, and as the Mac becomes more popular OS X will inevitably become a bigger target for malicious attacks.

Apple has repeatedly claimed that Macs, while not completely immune to viruses and spyware, are far safer than Windows computers.

Of course Macs are safer, they only own a little over 8% of the market share. Hackers would rather target the masses (Windows users) than to go after a smaller audience, but that will change over time as Macs start picking up more fans.

Surf safe all!

Let’s make it clear Apple users, malicious viruses do not only affect Windows-based machines. I would get annoyed when Mac users bragged about how secure the Mac is, and how Windows is a magnet for viruses and malicious attacks. On a post dated in late November, Apple urged its users to protect themselves from viruses by downloading software from its Apple Support Website. There are 3 versions of this anti-virus software:

• Intego VirusBarrier X5 (License: commercial)
• Symantec Norton Anti-Virus 11 for Macintosh (License: commercial)
• McAfee VirusScan for Mac (License: commercial)

Apple has finally admitted they’re no longer safe from an attack. This is a huge change in their thinking, as the perception has always been that the Mac OS is safe from spyware, viruses and other forms of malicious code.

The Apple Support site states: “Apple encourages the widespread use of multiple antivirus utilities so that virus programmers have more than one application to circumvent, thus making the whole virus writing process more difficult.”

The site also notes that consumer software and Mac OS are the likely culprits from what appears to be a propagation of Apple-centric viruses.

The run is over Apple heads! Your Mac OS is no longer spared from the wrath of malicious attacks. Now take a back seat and learn from the Windows users.

This weekend marks the 20th anniversary of the Internet Worm, the first major worm that propagated on the Internet. Even though many years have passed and underlying media has changed, worms are still able to wreak havoc and keep system administrators up at night. Today the damage done by worms is far less visible and far less newsworthy but far more difficult to repair than in the past.

On November 2nd, 1988, Robert Tappan Morris launched an application ostensibly designed to count the number of systems on the Internet. It was designed to propagate across Unix systems by exploiting several vulnerabilities, including a conceptual flaw in how r-services (rlogin, rsh, and rexec) authenticate connections, the archaic remote debug feature in Sendmail, and a buffer overflow in the finger daemon.

There was a flaw in its design, the Worm attempted far more propagation attempts than were necessary, causing targeted machines to slow dramatically from resource starvation. Long story short, the then Mr. Morris was caught, found guilty, and sentenced to probation and community service.

Many years of highly visible worms followed. Who could forget such classic hits as Melissa and I Love You, viruses that attacked software that is standard on Windows PCs, as well as Code Red and SQL Slammer for their Windows Server brethren.

Source: ZDNet

Kaspersky, via PC Magazine, has graciously told the public to worry about mobile phone worms. According to Adam O’Donnell of ZDNet he doesn’t think you should be too concerned with mobile viruses just yet.

Hush up Adam! Mobile users should at least be aware of the facts and also safe guard them selves from any threat or exploit. Cell phones are small computers with high bandwidth that can run applications, download files and play music. Any device that has the capabilities to download third party apps, is just as vulnerable to being exposed to viruses and malware.

Facts:

Cell phones have less developers than desktop computers, and consequently malware developers. That’s what Mac has been bolstering for a long time as well as the Mac user population, but we all know what happened with that. Macs like PCs are just as vulnerable to malware, viruses and hackers. What makes you think the cell phone won’t be next? Adam?

MAC has barely 8% of the market share and in the last year there have been many reported attacks directed at the MAC OS. Cell phones make up a huge consumer base and that my friend is appetizing to any malware or virus developer.

Adam you should be more careful in what you say as it may bite you in the ass.

We recently wrote a blog about Malware is at an all time high, totaling more blocked in July than in all of 2007 according to SaaS vendor ScanSafe. Every time you turn around, there is another phishing scam, email disguised as a FedEX notification, or outlandish news headline. Of course, all of these are simply cover ups to entice unsuspecting users into compromising their computers. Even though there are a lot of fantastic (and free) tools to keep your computers malware-free, most people do not take the time or expend the effort to protect themselves.

A well trained user is unlikely to be infected by most malware as there are some very simple things you can do to avoid it.

Tips you need to follow:

1. Always go to the source. If you see an offer that is too good to be true, than it probably is.
2. A warning message that sets you on edge, go to a trusted source to confirm the information.
3. If Paris Hilton tossed a midget in a bar or some guy in a third World country was offering millions to click on a link to provide details about yourself, your best move is to delete these messages and move on.
4. No links. Don’t click on any links sent to you in an email unless the person who sent it tells you directly. In addition, when you send a link, contact the person you sent it to and let them know that you sent it.
5. If someone you don’t know is asking you for personal information, assume that they are up to no good. If you are worried that your bank really needs to confirm information, call them. If PayPal needs to communicate with you, email them directly.

We’re all vulnerable when it comes to malware, viruses, and browser hijacking, but not from legitimate web sites, think again! It’s a known fact that many popular web sites are in fact transmitting malware.

Hackers or in this case cyber-criminals are trying to monetize their evil doings.

The first form stems from the phishing business, where malware authors create new domains and Web sites so fast that URL filtering and signature databases cannot keep up. The goal here is to score a few victims before the security companies can generate new signatures.

The second form consists of hijacked Web sites, sites that are otherwise legitimate but have been corrupted in a way that leads its visitors to malicious content.

An example of the interplay between these two types of Web threats is the Asprox botnet.  The botnet originally derived from phishing attempts to draw unwitting users to malware via short-lived Web sites, but, in the last few months, Asprox has morphed into SQL injection attacks against legitimate sites. In automated fashion, the botnet leverages Google to find and exploit Web sites with vulnerable Active Server Pages injecting an IFrame into the assailable site that redirects site visitors to exploit code elsewhere on the Web.

According to some sources, legitimate Web sites now comprise the majority of pages currently hosting malware. In its July 2008 Security Threat Report Update, Sophos Labs declared that 90 percent of the infected Web pages it detected in the first half of 2008 originated from legitimate Web sites that were hacked in some form. The report also stated that Sophos Labs found, on average, more than 16,000 new infected pages each day during that time.

It’s important to be carefull when web surfing. Don’t surf naked! Protect your data with well known anti-virus programs.

As predicted, hackers tried to trick users into downloading the Storm bot Trojan Friday by unleashing a flood of Fourth of July spam bearing links to malicious sites, several security companies reported.

The spam campaign, anticipated earlier in the week by MX Logic Inc. , used messages with subject headings ranging from “Amazing firework 2008″ and “Celebrating Fourth of July” to “Light up the sky” and “Spectacular fireworks show,” said U.K.-based Sophos Plc. in an alert posted to the Web Friday.

Links in the spam led to hacker-controlled sites that trumpeted a video clip worth downloading. “Colorful Independence Day events have already started throughout the country,” the malicious sites claimed. “The largest firework happens on the last weekday before the Fourth of July. Unprecedented sum of money was spent on this fabulous show. If you want to see the best Independence Day firework just click on the video and run it.”

The file pitched to users was an executable: “fireworks.exe.”

Users who agreed to the download didn’t receive a video, but instead infected their Windows-running PCs with the Storm Trojan horse, which hijacked the system and added it to the existing collection of compromised computers making up the Storm botnet.

Last checked, we didn’t see any details on the Symantec web site for any cure.